
2.0 Types of Wireless Network Security

• General Steps You Can Take
• MAC Address Filtering
• What is IPSEC?
• VPN Links
• Mac OS X Supported Security
Here are some general steps you can implement to improve the security of your wireless network:

• Enable WPA Encryption. (Best Bet, at this time.) TKIP, AES, or RADIUS authentication recommended. Be forewarned that all WiFi devices on your network will have to share identical encryption settings. Therefore you might have to find the lowest common denominator: the strongest setting common to all your devices.
• Use a strong passphrase; 63 characters is best, with non-dictionary words.
• Authenticate wireless clients with protocols like EAP (including EAP-TLS, EAP-TTLS, PEAP, and EAP-SIM).
• Encrypt wireless traffic using a VPN (Virtual Private Network).
• Change the default SSID. Change it periodically. Wireless networking products come with a default SSID set by the factory. (The Linksys default SSID is “linksys”.) Hackers know these defaults and can check these against your network. Change your SSID to something unique and not something related to your company or the networking products you use.
• Change the default password for the Administrator account. With every wireless networking device you use, keep in mind that network settings (SSID, WEP keys, etc.) are stored in its firmware. Your network administrator is the only person who can change network settings. If a hacker gets a hold of the administrator’s password, he, too, can change those settings. So, make it harder for a hacker to get that information. Change the administrator’s password regularly.
• Enable MAC Address Filtering. (This is a weak tool, and should not be considered a "fix" by itself.)
• Check for available firmware updates at the manufacturer's website, usually in the Support area.
Wireless Security involves more than just following "general steps". Make sure that you are aware of the risks involved with using wireless networking.
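The passphrase and SSID steps above can be checked in code. The following is an added example, not part of the original FAQ: it generates a 63-character passphrase, derives the WPA pre-shared key the way WPA-PSK does (PBKDF2-HMAC-SHA1 with the SSID as salt, which is why a factory-default SSID weakens the setup), and audits a configuration. The function names, the word list and the sample SSID are assumptions made for the example.

```python
import hashlib
import secrets
import string

# Letters, digits and punctuation: all printable ASCII, as WPA-PSK requires.
ALPHABET = string.ascii_letters + string.digits + string.punctuation
DEFAULT_SSIDS = {"linksys"}  # the default named above; add your own vendors'


def new_passphrase(length=63):
    """Random passphrase; WPA-PSK accepts 8 to 63 characters."""
    if not 8 <= length <= 63:
        raise ValueError("WPA-PSK passphrases are 8 to 63 characters long")
    return "".join(secrets.choice(ALPHABET) for _ in range(length))


def derive_psk(passphrase, ssid):
    """256-bit pre-shared key: PBKDF2-HMAC-SHA1, SSID as salt, 4096 rounds."""
    return hashlib.pbkdf2_hmac(
        "sha1", passphrase.encode("ascii"), ssid.encode("utf-8"), 4096, 32
    )


# The default word list is a constructed sample, not a real dictionary.
def audit(ssid, passphrase, wordlist=("password", "wireless", "linksys")):
    """Return the settings that go against the steps in the list above."""
    findings = []
    if ssid.lower() in DEFAULT_SSIDS:
        findings.append("SSID is a factory default")
    if not 8 <= len(passphrase) <= 63:
        findings.append("passphrase length is outside 8..63")
    elif len(passphrase) < 63:
        findings.append("passphrase is shorter than the 63-character maximum")
    if any(word in passphrase.lower() for word in wordlist):
        findings.append("passphrase contains a dictionary word")
    return findings
```

Because the SSID salts the key, the same passphrase yields a different pre-shared key on every differently named network.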
by KeysCapt, last modified: 2005-12-24 09:20:42

MAC address filtering registers valid MAC (media access control) addresses in use and permits only recognized MAC addresses to establish communication with wireless access points.
Most wireless APs/routers now come with the MAC Filtering feature. This option will limit access to ONLY the MAC addresses that you have configured your router to permit. If you would like to use this feature, you will need to find all the MAC addresses of the wireless cards that will be using your network.
You can find a wireless card's MAC address in Windows 2000/XP by going to "Start" -> "Run" -> Type "cmd" -> Type "ipconfig /all" and looking for the wireless card in the output box. It should say "Physical Address", or something similar, under the card info. Write that MAC address down and copy it into the "MAC Allow" section of the wireless AP/router.
Although this mechanism might sound foolproof, it isn't. Most 802.11 NICs allow you to configure the MAC address of the NIC in software. If you can "sniff" the MAC address of an existing node on the network, you can join the network by spoofing the MAC address of that node. MAC filtering really only keeps somebody from accidentally connecting to your WAP. It won't keep a determined wardriver out. Keep in mind that Windows XP will try to associate automatically. It is quite easy for someone with knowledge to change their MAC to match the one that has been allowed in your system, and log on in its place. The original system will lose its access to the WAP, and it will be quite confusing to figure out what is actually going on.
However, it is still recommended to have MAC filtering enabled.
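The confusing situation described above, where an allowed MAC address is taken over and the original system loses access, leaves traces in association logs. The following is an added example, not part of the original FAQ: it scans association events and flags a MAC address that shows more than one hostname, re-associates repeatedly within a short window, or jumps sharply in signal strength. The log format, field names, thresholds and sample lines are constructed for illustration; real AP and DHCP logs differ by vendor.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample log (hypothetical format).
LOG = """\
2005-12-24T09:00:01 ASSOC mac=00:11:22:33:44:55 host=office-laptop rssi=-48
2005-12-24T09:00:05 ASSOC mac=00:11:22:33:44:66 host=front-desk rssi=-60
2005-12-24T09:14:30 ASSOC mac=00:11:22:33:44:55 host=unknown-host rssi=-79
2005-12-24T09:14:41 ASSOC mac=00:11:22:33:44:55 host=office-laptop rssi=-47
2005-12-24T09:14:52 ASSOC mac=00:11:22:33:44:55 host=unknown-host rssi=-80
"""

LINE = re.compile(
    r"(\S+) ASSOC mac=([0-9A-Fa-f:]{17}) host=(\S+) rssi=(-?\d+)"
)


def find_suspect_macs(log_text, window=timedelta(seconds=60),
                      max_assoc=3, rssi_jump=20):
    """Map each suspicious MAC address to the reasons it was flagged."""
    seen = defaultdict(list)
    for line in log_text.splitlines():
        m = LINE.match(line)
        if not m:
            continue  # ignore lines in other formats
        ts, mac, host, rssi = m.groups()
        seen[mac.lower()].append((datetime.fromisoformat(ts), host, int(rssi)))

    findings = {}
    for mac, events in seen.items():
        events.sort()
        reasons = []
        hosts = sorted({host for _, host, _ in events})
        if len(hosts) > 1:  # two machines presenting one address
            reasons.append("multiple hostnames: " + ", ".join(hosts))
        for i in range(len(events) - max_assoc + 1):
            # max_assoc associations inside the window: clients fighting
            if events[i + max_assoc - 1][0] - events[i][0] <= window:
                reasons.append("re-association flapping")
                break
        if any(abs(b[2] - a[2]) >= rssi_jump
               for a, b in zip(events, events[1:])):
            reasons.append("signal strength jumps between associations")
        if reasons:
            findings[mac] = reasons
    return findings
```
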
------------------------------------------
Some articles that discuss MAC filtering:
"Enable MAC Address Filtering on Wireless Access Points and Routers"
by Bill, edited by KeysCapt, last modified: 2005-12-23 20:23:56

IPSec (IP Security) protocols provide mechanisms for establishing security associations between pairs of devices. In fact, IPSec may be used to establish private end-to-end communications between pairs of computers, so that an additional layer of security is imposed above and beyond whatever Wi-Fi controls may be in place. This mechanism is quite similar to that used in VPNs (virtual private networks), in which additional security is used to make connections across inherently unsecure links.
by KeysCapt

VPN links are special added protocol layers and encryption services that allow traffic between a sender and a receiver to be further secured while in transit across public or other unsecure network links (such as the Internet). Most experts recommend the use of VPN or similar technologies any time sensitive data must traverse unsecure links or media (such as WLANs).
by KeysCapt

For the most part, Macs are fully compatible. However, there is a thing or two to note.
To connect to a "Closed" network (one that doesn't broadcast its SSID) you select "Other" from the Airport menu.
For use with non-Apple WEP systems you'll need to enter the code in hex. When WEP was designed, there was no pass-phrase system in place. So the different manufacturers have different systems which are (for the most part) incompatible.
With the latest release (10.3.7), there are options of:

• "WEP Password" = Apple Base-station password
• "WEP 40/128-bit hex" = The password in hex
• "WEP 40/128-bit ASCII" = Enter a pass-phrase with ASCII->HEX conversion (some brands use this system)
• LEAP = Use Cisco's LEAP network authentication system
• WPA Personal = WPA-PSK (TKIP)
• WPA Enterprise = Centralized WPA server

With some of the older versions, there was only "WEP Password". The workaround was to start the code with a 0x which would clue the computer in that it is a hex password.
With WPA however, it was included in the technical standard so it "just works".
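The hex and ASCII entry forms listed above describe the same key bytes. The following is an added example, not part of the original FAQ: it normalises a WEP key typed as plain hex, 0x-prefixed hex or ASCII into hex digits, and produces the 0x-prefixed form for the older releases. The function names and sample keys are assumptions made for the example; it does not cover vendor pass-phrase hashing schemes such as the Apple "WEP Password" option.

```python
import string

# WEP key sizes: 40-bit = 5 bytes, "128-bit" = 13 bytes of key material.
KEY_BYTES = {5: "WEP 40-bit", 13: "WEP 128-bit"}


def to_hex_key(entry):
    """Normalise a WEP key typed as hex, 0x-prefixed hex or ASCII.

    Returns (hex_digits, key_size_label); raises ValueError otherwise.
    """
    text = entry.strip()
    if text.lower().startswith("0x"):
        candidate, forced_hex = text[2:], True
    else:
        candidate, forced_hex = text, False

    is_hex = candidate != "" and all(c in string.hexdigits for c in candidate)
    # 10 or 26 hex digits encode 5 or 13 key bytes.
    if is_hex and len(candidate) % 2 == 0 and len(candidate) // 2 in KEY_BYTES:
        return candidate.lower(), KEY_BYTES[len(candidate) // 2]
    if forced_hex:
        raise ValueError("0x must be followed by 10 or 26 hex digits")
    # 5 or 13 ASCII characters are used byte for byte as the key.
    if len(candidate) in KEY_BYTES and candidate.isascii():
        return candidate.encode("ascii").hex(), KEY_BYTES[len(candidate)]
    raise ValueError("expected 5/13 ASCII characters or 10/26 hex digits")


def legacy_airport_entry(entry):
    """Form for the older releases described above: hex with a 0x prefix."""
    return "0x" + to_hex_key(entry)[0]
```
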
Previously, there was no support for WPA-AES encryption with OS X, but Apple has released updates for their operating system and wireless access points that bring full compatibility with WPA2 / WPA-AES.
Conveniently, Airport (802.11b) cards do support WPA, which is good because most PC 802.11b cards don't. You must be running OS X with the latest Airport software loaded. There is no OS 9 support at this time.
With some (protected) networks you will get an error message that you can't join (instead of being prompted for the password). However, going into "Other" and punching in the Network Name (SSID) and password will let you in anyway. Some brands/models work as expected and others don't.
by macmouse, edited by KeysCapt, last modified: 2005-11-21 06:56:30