Re: Wireless security linksys home system

On Tue, 16 Aug 2005 07:57:55 -0500, "jcgc50" <jcgc50@xxxxxxx> wrote:

>Thanks for the response. The changes are what I have found at linksys site
>and others. Changing the SSID, disabling broadcast of the id, enabling MAC
>filtering etc. Generally, I have found they recommend 5 to 10 changes.

Everyone has their own formula for what's considered safe enough. To
corporate America, nothing less than WPA2-AES-TKIP with an IPSec VPN
running, is good enough. For most home users, WPA-PSK is good enough.
There is some debate about the merits of MAC filtering and disabling
SSID broadcasting.

>The router defaulted to WPA - PSK for Pre-Shared Key. While I see WPA2 in
>the list I am not sure if my computer works with that or not.

XP does WPA2:
> http://www.microsoft.com/downloads/details.aspx?familyid=662bb74d-e7c1-48d6-95ee-1459234f4483&displaylang=en

>Considering the importance of security in a wireless network it is
>surprising how difficult it was to find out what to do and then when you do
>find it how poorly it is explained.

Oh, it's not that difficult if you know the right buzzwords to feed
into Google.

>For example everyone said change the
>SSID. What no one mentioned is that you are immediately kicked off your
>router since the ID is no longer the same nor how to go about getting back.

Chuckle. I do *ALL* my configuration using a wired connection. Yes,
you'll get disconnected if you make changes while connected via
wireless. Changing the SSID, MAC filtering, and encryption method
will all pull the plug on you if you're trying to configure things via
wireless. However, do it via wireless anyway. It's good practice to
see how to disconnect, search for a new access point, and reconnect.

>Nor do they mention that when you do get in to check everything else. Since
>this also turned off the MAC filtering. I have probably missed something
>else but who knows.
>
>It would be nice to get a detailed primer on this.

Ask and ye shall receive...
http://www.practicallynetworked.com/support/wireless_secure.htm
http://www.extremetech.com/article2/0,1697,1152933,00.asp
http://www.pcmag.com/article2/0,4149,844020,00.asp
http://insight.zdnet.co.uk/communications/wireless/0,39020430,39170748,00.htm
http://www.microsoft.com/windowsxp/using/networking/learnmore/bowman_05february10.mspx
http://netsecurity.about.com/cs/wireless/a/aa112203_2.htm
http://www.lanarchitect.net/Articles/Wireless/SecurityRating/

A dozen more articles on wireless security.
http://netsecurity.about.com/od/secureyourwifinetwork/

About half the above debunked:
http://blogs.zdnet.com/Ou/index.php?p=43
Incidentally, I agree with all his points.

Overwhelmed yet? Good. That's because I consider much of the above
to be worthless. You can change the SSID, password, encryption, and
such, and still have an insecure system. Devious and evil people
(like me) always seem to find holes in the firewall, or sloppy
implimentations. For example, give me 10 seconds with your laptop and
my autorun USB dongle will copy your wireless settings, including your
allegedly secret WPA pass phrase. Another 10 seconds and I can
autorun a script to setup an admin account for me on your computah.
(No, I won't publish my scripts and tools).

In my never humble opinion, the real basis of security is monitoring.
It's like locking the door, but never checking to see if anyone is
trying to pick the lock. Yeah, it's a bore looking at log files and
intrusion reports, but that's about the only way to detect if I'm on
your system. Do the basics as mentioned above. Never mind the
creative nonsense such as SSID hiding, MAC filtering, disable DHCP,
using NETBEUI, etc, and get some monitoring tools:
http://www.sonic.net/wallwatcher/
http://home.comcast.net/~jay.deboer/airsnare/

Also, run some firewall security check tools:
http://www.pcflank.com/exploits.htm
http://www.pcflank.com/test.htm
Lots of other online security testers. However, be careful with their
recommendations. Many of them are trying to sell you their security
software, which may not be necessary or useful.


--
Jeff Liebermann jeffl@xxxxxxxxxxxxxxxxxxxxxx
150 Felker St #D http://www.LearnByDestroying.com
Santa Cruz CA 95060 http://802.11junk.com
AE6KS 831-336-2558
.

Relevant Pages

  • RE: Wirless Bleeding - How to stop it?
    ... The other thing to do is to set the AP to only permit specific MAC addresses ... If you cannot limit the transmission speed I would change the SSID to ... access to those who know you have a wireless AP and those who are ... your WEP key regularly. ...
    (Security-Basics)
  • Re: Linksys routers
    ... 811427 Your Computer Connects to an Access Point That Broadcasts Its SSID ... Linksys says to disable the SSID Broadcast> option. ... >>>enable MAC address filtering. ... >>wireless router. ...
    (microsoft.public.windowsxp.network_web)
  • Wireless MAC address filtering
    ... My older Linksys wireless AP router can only do WEP security, so when I got my new HP laptop with built-in WiFi I decided to add wireless MAC address filtering to my router. ...
    (comp.sys.laptops)
  • Re: First foray into the wireless world, couple of questions...
    ... There's no "strength" in the SSID. ... THE SIX DUMBEST WAYS TO SECURE A WIRELESS LAN ... MAC filtering: This is like handing a security guard a pad of paper ... SSID hiding: There is no such thing as "SSID hiding". ...
    (alt.internet.wireless)
  • Re: Firewall - MAC Filter
    ... I have a wireless router. ... the built in MAC filter is not working and emails to the ... > find a sotware solution to perform MAC address filtering. ...
    (comp.security.firewalls)