9/11/08

Securing your Wireless Connection Part 2

I apologize for such a big break between blog postings. In the future I'll make my posts shorter, as I realize the last post was quite a bit to register all at once.

But at least we have the definitions out of the way and can now work towards proper wireless IP configuration.

Items to disable:

SSID broadcast: so long as you know the name of your access point, you can manually configure your devices to connect to it. Disabling SSID broadcast will prevent everyone in the neighborhood from knowing that you have a wireless router.

Web-based configuration from the outside: this is actually more of a port setting on the router. You never want to open up a login/password screen to anyone on the outside network. This opens up an avenue where a hacker could use automated scripts to log into your router over and over again until they have your password correct.

Items to enable:

WPA encryption: although a little more complex to set up, WPA is far more advanced than WEP, which can be cracked in a short period of time. I say this because once WEP is cracked, a hacker has access to all of your computer sessions on the network. I have noticed that devices such as the Nintendo Wii and DS only connect using WEP protocols. If you have to go this route due to limitations of your wireless devices, make sure that you have a fairly random and complex WEP key. Steve Gibson has an excellent random number/password generator.

MAC address filtering: this step is optional but offers more control over your network devices. Every network-enabled device has a MAC (Media Access Control) address, which is unique to each device. Check your network device documentation to find the MAC address and add it to the allow list, and only machines with your unique addresses will be allowed on to the network. This is a huge undertaking for a large-scale network, but pretty manageable on a small home network. MAC addresses can be spoofed; in other words, a person with the right software can make their device's MAC appear to be the same as another device's. For this to get them into your private network, they would have to actually know the MAC addresses that you have on your allow list. So long as you aren't broadcasting this information, you'll be safe.
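The advice above to use a fairly random and complex key, as an added example that is not part of the original post: a Python sketch that draws WEP keys and WPA passphrases from the operating system's secure random source and flags hand-made WEP keys. The function names and the two weak sample keys are constructed for illustration.

```python
import secrets
import string

# Hex digits typed per WEP key size; the protocol adds its own 24-bit IV.
WEP_HEX_DIGITS = {64: 10, 128: 26}  # "64-bit" = 40-bit key, "128-bit" = 104-bit key
WPA_MIN, WPA_MAX = 8, 63            # WPA-PSK passphrase length limits


def new_wep_key(bits=128):
    """Return a random WEP key as hex digits, drawn from the OS CSPRNG."""
    return secrets.token_hex(WEP_HEX_DIGITS[bits] // 2).upper()


def new_wpa_passphrase(length=WPA_MAX):
    """Return a random WPA passphrase of letters, digits and punctuation."""
    if not WPA_MIN <= length <= WPA_MAX:
        raise ValueError("WPA passphrase must be 8 to 63 characters")
    alphabet = string.ascii_letters + string.digits + string.punctuation
    return "".join(secrets.choice(alphabet) for _ in range(length))


def check_wep_key(key):
    """Return a list of problems with a hex WEP key; empty means none found."""
    problems = []
    if len(key) not in WEP_HEX_DIGITS.values():
        problems.append("length must be 10 or 26 hex digits")
    if any(c not in string.hexdigits for c in key):
        problems.append("contains non-hex characters")
    elif len(key) % 2 == 0:
        raw = bytes.fromhex(key)
        if len(set(raw)) <= len(raw) // 2:
            problems.append("repeated bytes, looks hand-typed")
        # A key that decodes to readable text came from a word, not a generator.
        if raw and all(32 <= b < 127 for b in raw):
            problems.append("decodes to printable text, likely a word")
    return problems


if __name__ == "__main__":
    print("WEP 128-bit key:", new_wep_key(128))
    print("WPA passphrase :", new_wpa_passphrase())
    # Constructed weak keys: the word "apple" in hex, and a repeated pattern.
    for weak in ("6170706C65", "1111111111"):
        print(weak, "->", check_wep_key(weak))
```

Some routers reject certain punctuation in passphrases; if yours does, shorten the alphabet to letters and digits and keep the length at 63.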

That's it for now. I'll continue to add configuration tips throughout the blog, but will try to work with quick and to the point posts from now on. I'll be glad to answer any questions that you have.
