Wireless-B Ethernet Bridge
5) SSID
There are a few things you can do to make your SSID more secure:
a. Disable broadcast
b. Make it unique
c. Change it often
Most wireless networking devices will give you the option of broadcasting the SSID. This is a option for convenience, allowing anyone to log into your wireless network. In this case, however, anyone includes hackers. So don't broadcast the SSID.
A default SSID is set on your wireless devices by the factory. (The Linksys default SSID is “linksys”.) Hackers know these defaults and can check these against your network. Change your SSID to something unique and not something related to your company or the networking products you use.
Changing your SSID regularly will force any hacker attempting to gain access to your wireless network to start looking for that new SSID.
With these three steps in mind, please remember that while SSIDs are good for segmenting networks, they fall short with regards to security. Hackers can usually find them quite easily.
6) MAC Addresses
Enable MAC address filtering if your wireless products allow it. MAC address filtering will allow you to provide access to only those wireless nodes with certain MAC addresses. This makes it harder for a hacker using a random MAC address or spoofing (faking) a MAC address.
7) Firewalls
Once a hacker has broken into your wireless network, if it is connected to your wired network, they’ll have access to that, too. This means that the hacker has effectively used your wireless network as a backdoor through your firewall, which you've put in place to protect your network from just this kind of attack via the Internet.
You can use the same firewall technology to protect your wired network from hackers coming in through your wireless network as you did for the Internet. Rather than connecting your access point to an unprotected switch, swap those out for a router with a
Appendix B: Wireless Security | 29 |
What Are the Risks?