Security Basics mailing list archives
RE: home wireless router good practices for security
From: shankarnarayan.d () netsol co in
Date: Wed, 31 Dec 2003 10:50:18 +0530
-----Original Message----- From: Steve [mailto:securityfocus () delahunty com] Sent: Wednesday, December 31, 2003 12:03 AM To: security-basics () securityfocus com Subject: home wireless router good practices for security So I went out and purchased a wireless router (Linksys 802.11b) for home since it was so inexpensive and actually less cost than the wireless access points I was trying to get via eBay. Got it home, installed my wireless network card (SMC), powered on the router, attached it to a port on my other wired linksys router, and boom it worked great. Then about 5 minutes after I sent an instant message to my neighbor (fellow IT friend) he was on my network. So I took the steps that Linksys recommends below, seems good (to me). Change the default SSID Disable SSID Broadcasts Change the default password for the Administrator account Enable WEP 128-bit Encryption Linksys also recommends these other measures, I have not implemented: Enable MAC Address Filtering Change the SSID periodically Change the WEP encryption keys periodically. My Questions: 1) Anyone know how much enabling 128-bit encryption will hurt my wireless performance? Answers: We've tried this on a Cisco Aironet, Intel cards and Orinoco cards - it is about 15% - the worst being 20%. But please remember Wireless Bandwidths are specified 11Mbps, but you land up with a throughput (throughput = Bandwidth - Overheads) of 7 to 8Mbps. However, if you are sitting around a microwave oven or such things don't expect a good throughput as it is already reduced because of the microwave. 2) Does setting the SSID for my wireless NIC then keep me from getting onto other wireless networks like when traveling? I ask since that setting was set to ANY before I changed it to the SSID that I set for my wireless router. Answers: ANY "generally" permits you to log onto any Wireless Network with any SSID. "Generally speaking" changing the SSID should help you from getting onto other networks. But if you really wanted, there are some simple tools that can permit you to easily link up to insecure networks and some so called secure networks 3) What else should I really do to protect my home network? Answers: Currently, you are pretty much safe when you implement WEP and all the steps you have taken. As far as the popularity charts of WEP as an encryption mechanism are concerned, they aren't very great simply because a determined hacker can break through WEP using available tools. But for someone to do this (s)he would require serious reasons to go through all the trouble and break into your Network. Just to make it that wee bit more difficult, make sure that you don't put an easy combination on your WEP keys/ SSID - just in case someone tries to guess the key/SSID So it is better that you keep changing the keys, passwords and SSID. MAC filtering is a pretty decent way to keep most intruders out, but there are software's that can spoof a MAC address. If you are paranoid, some AP's and Wireless equipment now come with WPA (Wi-Fi Protected Access) that can be enabled in combination with Pre-shared keys for home use. Try this out. Otherwise, you are pretty much OK unless you've really got some really precious stuff on that computer of yours that all the hackers are gonna be after Happy Wireless-ing Shankarnarayan D --------------------------------------------------------------------------- ---------------------------------------------------------------------------- --------------------------------------------------------------------------- ----------------------------------------------------------------------------
Current thread:
- RE: home wireless router good practices for security shankarnarayan . d (Dec 31)
- <Possible follow-ups>
- RE: home wireless router good practices for security Nick Duda (Dec 31)
- RE: home wireless router good practices for security Ed Whitesell (Dec 31)
- RE: home wireless router good practices for security Preston, Tony (Dec 31)
- RE: home wireless router good practices for security Francisco Mário Ferreira Custódio (Dec 31)