security wireless

[legend_018]

ok if I buy a wireless router/switch and setup a laptop to connect to my cable modem wireless method - will it come with instructions on security pertaining not having people around my neighborhood connecting in? Or do I have to obtain those instructions somewhere?

[thefultonhow]

There will be instructions on how to set various options, but not what options to set in order to secure the network. If you are just trying to prevent against casual interlopers, I'd recommend enabling WPA encryption with a hard-to-guess Pre-Shared Key.

If you want to get more secure than that (no real reason to in a home network though) and don't anticipate ever having friends come in and use the wireless, I would set up MAC address filtering and possibly turn off SSID broadcast. But I think WPA should be enough.

[Ob1]

TIP: to make strong password for either your wpa-psk or wpa2-psk security on your wireless network, make sure you have one number, one uppercase letter, a symbol, and make it at least 7-8 characters and dont use plain words, or your dogs name, etc. use something lilke these:

sJ{k3b@a

or

Ch@rger06.

i also disable my SSID but anyone with netstumbler can detect your wireless network regardless of disabling the SSID. The longer and more complex the password the better chance of protecting your network. you could even change the passphrase every 60-90 days but thats getting a little extreme on a home network.


here are some other tips:
Change default admin password on wireless router
change default SSID
enable mac filtering
adjust amount of ip address dished about by the routers dhcp
disable SSID
dont' allow remote administration on the wireless router
change the default ip scheme. most routers come with 192.168.1.x . change it up to something like 192.168.35.x


if you need assistance, just post your questions, people here can help you get it setup properly.

[TallTravel]

Your wireless router will most likely come with its own implementation of an industry standard set of security features, and the manual will describe how to set the system up securely. Two choices, one relatively old: WPA, and a much newer one: WPA2, may be offered by your router manufacturer.

[Stuey]

Ob1 pretty much gave you all the extra info you're going to need. The router will probably come with documentation on the installation CD, or will direct you to the manufacturer's site with documentation (pdf style). There you'll find the info as to how to do various things.

But, most routers have rather intuitive interfaces so with Ob1's list, you should be able to figure things out easily.

[glc]

How to Secure a Network

[legend_018]

ok - I'm waiting for my WAP54G to come in the mail, but I also have a SMOOTHWALL firewall. My cable modem hooks up to smoothwall which has a 2nd network card that hooks into a switch I have where my computers hook into.

I got the laptop with WIFI and I'm waiting for the WAP54G which I will have to hook up to the switch. As far as connecting from my laptop - will I have worry about the firewall?

Last night while in my house, I saw some connection "probably in the neighborhood" Im guessing and I connected to see what would happen. I was on the internet but it was so slow. If I was using somebodys access point because they didn't secure it why would it be so slow?

[Ob1]

no you wont have to worry about the firewall.

maybe everyone in your neighborhood attachs to that unsecured wireless network, so besides you and the owner of that AP, there could be 10 other people on it as well causing a lot of network traffic, what was your signal strength. if its low then that can cause slow speeds. spyware broadcasting off of that ap, eating up all the bandwidth, the possiblities are endless, maybe he just has a crappy connection, or a lot of noise on his line causing it to run slow.

[legend_018]

I'm losing the understanding. The purpose of my firewall "hardware" firewall is everything has to go through that first before it gets to my local computer.
so the cable connection goes from teh wall to teh firewall machine to the switch and than computers plug into the switch. If I have a wirless laptop in the other room connecting to a WAP54G router which in turn has a connection into the firewall machine that connects to the internet - I guess it doesn't matter because I'm internal right? and the firewall accepts internal calls maybe? Ok I'm probably being real confusing.

Update: My firewall machine "hardware machine called smoothwall" is also the dhcp server and assigns the ip addresses to the xp workstations.

[Ob1]

yes, the ap is internal therefore it technically bypasses the smoothwall firewall, which is why its so important not to have rogue AP on a companies network and to make sure to secure them as much as possible. you could have the tightest, most fancy firewall installed on your network, but if you have an open wireless ap, then that fancy, and probably expensive firewall/intrusion detection system isnt doing anything since people could get into your network through and unsecured wireless AP and then have access t. make sense......

[glc]

Exactly. Just set up the AP with decent security to keep the wardrivers out. Read the link I posted.