Ensure you're only using wpa2-aes (no tkip, or mix wpa1-2), and use a very long psk string. Ensure your clients aren't vulnerable to the blueborne and other wifi ota exploits. Not much else you can do really unless you want to run a radius and/or cert pki in-house to do eap-tls, or peap. You can crack against wpa2, but unless using an easy string, it's not easy or assured they will figure out your string.
I use a 32char random string, special characters, really annoying when adding new devices, but I don't worry about someone cracking it. -mb On Thu, Nov 23, 2017 at 2:58 PM, <[email protected]> wrote: > > Hi, > > I would like to "Harden" my WIFI and am not sure where to start. I seem > to recall past discussions on replacing the standard equipment provided by > our ISP. > > I would like to make it very difficult to hack my WIFI and I would like a > firewall. And I would like this to be "Plug and Play" as much as is > possible. In other words I would like to stay away from installing a Linux > firewall on an extra PC and then having to maintain it. > > Please feel free to let me know if my expectations are not valid. > > Thanks in advance!! > > Keith > > > > --------------------------------------------------- > PLUG-discuss mailing list - [email protected] > To subscribe, unsubscribe, or to change your mail settings: > http://lists.phxlinux.org/mailman/listinfo/plug-discuss >
--------------------------------------------------- PLUG-discuss mailing list - [email protected] To subscribe, unsubscribe, or to change your mail settings: http://lists.phxlinux.org/mailman/listinfo/plug-discuss
