>On Thu, 16 May 2002 12:17:27 -0700, Azeem Shahjahan Jiva wrote:
>
>Hi,
> So what is a good way to keep my wireless network secure? Currently I do
>the following:
>
>128bit key
>limited to the MAC addresses I use (two machines)
>turn off my access point when I don't use it (night, when I'm at work).
>
>Does this sound resonable? Anything else i can do?
>
Azeem;
Here are a some of the 802.11b security measures that I've seen suggested;
1. Alter the defaults;
(i) change AP password to an unidentifiable word that uses numbers, special
characters and caps
(ii) change SSID to something generic so that it doesn't identify you or your
location
(iii) disable SSID broadcast (if available)
(iv) change SSID and password periodically and avoid usage of dictionary
words for both.
2. enable WEP, use the highest rated and supported encryption available on your AP
3. enable "closed wireless system" on AP if available, i.e. Ornico AP-1000. Apparently
this setting will
then challenge the clients to provide the correct SSID, more of an interrogative
rather than associative
process.
4. Limit the access list;
(i) Limiting (filtering) MACs (if available - more practical on small
newtworks) or
(ii) Limiting Number of DHCP users,... or better yet,
(iii) specify a limited number of static IP addresses from somewhere in the
middle of the AP IP range
5. use Protocol Filters
6. use a Virtual Private Network
Regard,
Jim
--
general wireless list, a bawug thing <http://www.bawug.org/>
[un]subscribe: http://lists.bawug.org/mailman/listinfo/wireless
