Contact US

Log In

Come Join Us!

Are you a
Computer / IT professional?
Join Tek-Tips Forums!
  • Talk With Other Members
  • Be Notified Of Responses
    To Your Posts
  • Keyword Search
  • One-Click Access To Your
    Favorite Forums
  • Automated Signatures
    On Your Posts
  • Best Of All, It's Free!

*Tek-Tips's functionality depends on members receiving e-mail. By joining you are opting in to receive e-mail.

Posting Guidelines

Promoting, selling, recruiting, coursework and thesis posting is forbidden.

Students Click Here

Security, hacker detection & forensics FAQ

Wireless Security

What are the basic measures for securing a wireless network by schofs
Posted: 12 Jul 05

Change the default SSID in access points to something that does not reflect anything obvious such as the organizationÆs, building's or street's name.
Disable sending the SSID in the AP's broadcast beacon. This prevents showing the SSID to unauthorized wireless clients.
Configure strong administrative passwords, and if possible, turn off remote administration features.
Locate the AP in an area where the signal will not be picked by unauthorized clients. If possible, limit the AP's service area by reducing its power.
Reserving MAC addresses (in DHCP or an AP) to require a valid MAC address for clients is not a secure solution on itself because MAC addresses can be spoofed easily and are send in clear-text even when WEP encryption is enabled.
Consider disabling the AP's DCHP feature and assign static IP addresses to all wireless clients.
Implement a firewall and intrusion detection system between the wireless and wired networks.
Enable WEP (Wired Equivalent Privacy). Although it doesn't provide very strong security, it should be enabled nevertheless. Use 128-bit WEP encryption keys and rotate the keys often. Don't rely on WEP as your only means of encryption.
Use VPN technology, such as IPSec or L2TP. Note: the use of a VPN will greatly decrease the throughput of a wireless network.
If available, use WPA (Wireless Protected Access) with TKIP in place of WEP.
When possible, use the 802.1X port-based authentication protocol in combination with EAP (Extended Authentication Protocol) to negotiate an authentication method, such as username and password logon or the use of smartcards, and for example, a RADIUS server.

Back to Security, hacker detection & forensics FAQ Index
Back to Security, hacker detection & forensics Forum

My Archive

Close Box

Join Tek-Tips® Today!

Join your peers on the Internet's largest technical computer professional community.
It's easy to join and it's free.

Here's Why Members Love Tek-Tips Forums:

Register now while it's still free!

Already a member? Close this window and log in.

Join Us             Close