Security Basics mailing list archives

RE: home wireless router good practices for security


From: shankarnarayan.d () netsol co in
Date: Wed, 31 Dec 2003 10:50:18 +0530



-----Original Message-----
From: Steve [mailto:securityfocus () delahunty com] 
Sent: Wednesday, December 31, 2003 12:03 AM
To: security-basics () securityfocus com
Subject: home wireless router good practices for security

So I went out and purchased a wireless router (Linksys 802.11b) for home
since it was so inexpensive and actually less cost than the wireless access
points I was trying to get via eBay.  Got it home, installed my wireless
network card (SMC), powered on the router, attached it to a port on my other
wired Linksys router, and boom it worked great.  Then about 5 minutes after
I sent an instant message to my neighbor (fellow IT friend) he was on my
network.  So I took the steps that Linksys recommends below, seems good (to
me).
    Change the default SSID
    Disable SSID Broadcasts
    Change the default password for the Administrator account
    Enable WEP 128-bit Encryption
Linksys also recommends these other measures, I have not implemented:
    Enable MAC Address Filtering
    Change the SSID periodically
    Change the WEP encryption keys periodically.

My Questions:

1) Anyone know how much enabling 128-bit encryption will hurt my wireless
performance?

Answers: We've tried this on a Cisco Aironet, Intel cards and Orinoco cards
- it is about 15% - the worst being 20%. But please remember Wireless
Bandwidths are specified 11Mbps, but you land up with a throughput
(throughput = Bandwidth - Overheads) of 7 to 8Mbps. However, if you are
sitting around a microwave oven or such things don't expect a good
throughput as it is already reduced because of the microwave. 

2) Does setting the SSID for my wireless NIC then keep me from getting onto
other wireless networks like when traveling?  I ask since that setting was
set to ANY before I changed it to the SSID that I set for my wireless
router.

Answers: ANY "generally" permits you to log onto any Wireless Network with
any SSID. "Generally speaking" changing the SSID should help you from
getting onto other networks. But if you really wanted, there are some simple
tools that can permit you to easily link up to insecure networks and some
so-called secure networks.


3) What else should I really do to protect my home network?

Answers: Currently, you are pretty much safe when you implement WEP and all
the steps you have taken. As far as the popularity charts of WEP as an
encryption mechanism are concerned, they aren't very great simply because a
determined hacker can break through WEP using available tools. But for
someone to do this (s)he would require serious reasons to go through all the
trouble and break into your Network. Just to make it that wee bit more
difficult, make sure that you don't put an easy combination on your WEP
keys/SSID - just in case someone tries to guess the key/SSID.

So it is better that you keep changing the keys, passwords and SSID. MAC
filtering is a pretty decent way to keep most intruders out, but there is
software that can spoof a MAC address.

If you are paranoid, some APs and wireless equipment now come with WPA
(Wi-Fi Protected Access) that can be enabled in combination with pre-shared
keys for home use. Try this out. Otherwise, you are pretty much OK unless
you've really got some really precious stuff on that computer of yours that
all the hackers are gonna be after.

Happy Wireless-ing 

Shankarnarayan D
