Security Basics mailing list archives
Re: home wireless router good practices for security
From: Greg Tracy <greg () sixx com>
Date: Wed, 31 Dec 2003 16:13:52 -0500
Everyone so far has suggested that you change your SSID, which is good practice because it will at least tell a wardriver or hacker that you know enough to have likely disabled most of the defaults that are set on the AP out of the box. I set my SSID to "Ireadmylogs" and have gotten some interesting feedback from friends who have happened through my neighborhood. Setting WAP has a similar effect. The fact that there are soooooo many home users that never use WAP will make a stronger 128 bit key unattractive. It's much easier to go after the guy next door who has no protection. Besides, under normal use you're talking hours upon hours of packet grabbing to have enough weak ones to try to run a WEP cracker against. I imagine that you'd see the guy sitting at your curbside next to your garbage with his laptop by that time. :) I have my WAP set to email me my logs and it helps me to keep tabs on the situation, so I'd recommend that as well. Firewalls are a must anyway, and wireless makes them even more necessary. Another idea I haven't seen posted yet is to use SSL to get your email, if your provider allows and you're really paranoid. As I said, I've been using 128 bit WAP for a while now and have seen little or no problem with performance. Greg
From: Steve [mailto:securityfocus () delahunty com] Sent: Tuesday, December 30, 2003 1:33 PM To: security-basics () securityfocus com Subject: home wireless router good practices for security So I went out and purchased a wireless router (Linksys 802.11b) for home since it was so inexpensive and actually less cost than the wireless access points I was trying to get via eBay. Got it home, installed my wireless network card (SMC), powered on the router, attached it to a port on my other wired linksys router, and boom it worked great. Then about 5 minutes after I sent an instant message to my neighbor (fellow IT friend) he was on my network. So I took the steps that Linksys recommends below, seems good (to me). Change the default SSID Disable SSID Broadcasts Change the default password for the Administrator account Enable WEP 128-bit Encryption Linksys also recommends these other measures, I have not implemented: Enable MAC Address Filtering Change the SSID periodically Change the WEP encryption keys periodically. My Questions: 1) Anyone know how much enabling 128-bit encryption will hurt my wireless performance? 2) Does setting the SSID for my wireless NIC then keep me from getting onto other wireless networks like when traveling? I ask since that setting was set to ANY before I changed it to the SSID that I set for my wireless router. 3) What else should I really do to protect my home network? ------------------------------------------------------------------------ --- ------------------------------------------------------------------------ ---- --------------------------------------------------------------------------- ----------------------------------------------------------------------------
--------------------------------------------------------------------------- ----------------------------------------------------------------------------
Current thread:
- RE: home wireless router good practices for security Aditya [ Aditya Lalit Deshmukh ] (Jan 02)
- <Possible follow-ups>
- Re: home wireless router good practices for security Greg Tracy (Jan 02)
- RE: home wireless router good practices for security jburzenski (Jan 02)
- Re: home wireless router good practices for security Jamie Pratt (Jan 02)
- RE: home wireless router good practices for security nate (Jan 02)
- Re: home wireless router good practices for security Alvin Oga (Jan 02)
- RE: home wireless router good practices for security Jacob McMaster (Jan 02)
- RE: home wireless router good practices for security Preston, Tony (Jan 02)
- RE: home wireless router good practices for security Alex Pimperton (Jan 05)
- Re: home wireless router good practices for security Greg Tracy (Jan 05)
- RE: home wireless router good practices for security JM (Jan 06)
- Re: home wireless router good practices for security Jack (Jan 05)
(Thread continues...)