Re: home wireless router good practices for security

[Greg Tracy <greg () sixx com>]

Everyone so far has suggested that you change your SSID, which is good
practice because it will at least tell a wardriver or hacker that you know
enough to have likely disabled most of the defaults that are set on the AP
out of the box. I set my SSID to "Ireadmylogs" and have gotten some
interesting feedback from friends who have happened through my neighborhood.
Setting WAP has a similar effect. The fact that there are soooooo many home
users that never use WAP will make a stronger 128 bit key unattractive. It's
much easier to go after the guy next door who has no protection. Besides,
under normal use you're talking hours upon hours of packet grabbing to have
enough weak ones to try to run a WEP cracker against. I imagine that you'd
see the guy sitting at your curbside next to your garbage with his laptop by
that time. :) I have my WAP set to email me my logs and it helps me to keep
tabs on the situation, so I'd recommend that as well. Firewalls are a must
anyway, and wireless makes them even more necessary. Another idea I haven't
seen posted yet is to use SSL to get your email, if your provider allows and
you're really paranoid. As I said, I've been using 128 bit WAP for a while
now and have seen little or no problem with performance.

Greg

> From: Steve [mailto:securityfocus () delahunty com]
> Sent: Tuesday, December 30, 2003 1:33 PM
> To: security-basics () securityfocus com
> Subject: home wireless router good practices for security
>
>
> So I went out and purchased a wireless router (Linksys 802.11b) for home
> since it was so inexpensive and actually less cost than the wireless
> access
> points I was trying to get via eBay.  Got it home, installed my wireless
> network card (SMC), powered on the router, attached it to a port on my
> other
> wired linksys router, and boom it worked great.  Then about 5 minutes
> after
> I sent an instant message to my neighbor (fellow IT friend) he was on my
> network.  So I took the steps that Linksys recommends below, seems good
> (to
> me).
> Change the default SSID
> Disable SSID Broadcasts
> Change the default password for the Administrator account
> Enable WEP 128-bit Encryption
> Linksys also recommends these other measures, I have not implemented:
> Enable MAC Address Filtering
> Change the SSID periodically
> Change the WEP encryption keys periodically.
>
> My Questions:
>
> 1) Anyone know how much enabling 128-bit encryption will hurt my
> wireless
> performance?
>
> 2) Does setting the SSID for my wireless NIC then keep me from getting
> onto
> other wireless networks like when traveling?  I ask since that setting
> was
> set to ANY before I changed it to the SSID that I set for my wireless
> router.
>
> 3) What else should I really do to protect my home network?
>
>
>
> ------------------------------------------------------------------------
> ---
> ------------------------------------------------------------------------
> ----
>
>
> ---------------------------------------------------------------------------
> ----------------------------------------------------------------------------


---------------------------------------------------------------------------
----------------------------------------------------------------------------