how-to block ads
Home LAN security historically has focused on protecting the internal LAN from unsolicited traffic to and from the WAN (Internet). Many of us have spent a great deal of time protecting ourself by installing stateful firewalls, packet filters, proxy servers, anit-virus, anti-spyware, spam filters...you get the idea.
With the addition of wireless routers and access points to the LAN a new security threat emerges. We now have a wide open back door from the outside to our once protected and trusted LAN. Wireless devices default installations allow anybody with similar technology (802.11a, 802.11b/g/n) to jump onto our LAN as uninvited guests. Sure we have MAC filters, WEP, WPA, Radius to help us in the battle but most of those can be cracked by a physically local, determined intruder.
Wireless access points by design extend the trusted Efficient managed LAN to the outside. They are inherently less secure than wireless routers and benefit the most from this procedure. Wireless routers normally isolate their users to a separate wired/wireless ethernet segment. The WAN port on the wirless router allows access into the trusted wired LAN normally for access to the Internet. This same access also exposes all the devices on the Efficient managed LAN. You could install software firewalls on each LAN device but why not prevent the access in the first place?