On Tue, 22 Feb 2005, Brian Kuhn wrote: > I am trying to understand the security limitations of my AP. In > particular, I am trying to determine what someone would have access to > if they were able to find my SSID, determine a valid MAC address, > break my WEP key and connect to the AP wirelessly. > > I'm trying to determine if its wireless connection is inside our > outside the built-in firewall. To test this out, I connected to it > wirelessly and attempted to access a server connected to one of the > ethernet ports via its internal IP address. This did not work. The > router refused my connection. > > Are there any vulnerabilities that I am missing? I don't really care > if someone wants to take the time to crack my AP and get an Internet > connection. However, I must prevent them from gaining access to the > wired network behind my AP's firewall. For now, I've put a firewall > behind the wireless router just to be safe. Is this really necessary?
Hi Brian .. Regarding your original question, the home wireless routers I have used (including Linksys but the wrt54g, a different model) all had a firmware option whether you wanted local wireless clients firewalled from local Ethernet clients. If you turned on this option, and did some tests with nmap and found no connectivity between Ethernet and radio clients, the extra firewall inside the router probably isn't important. M.D. -- Michael A. Dickerson : Unix Systems Administrator : Pomona College Andrew 252a : 909.607.8653 : [EMAIL PROTECTED]
