[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Off Topic - Wireless Routers



PureBytes Links

Trading Reference Links


In a typical corporate wireless setup, the wireless router terminates into a DMZ (a firewalled
section of the network) and a VPN or bastion host is used when drive mapping / IP routing
is required.

Try to find a Wireless with a built in Firewall, failing this, consider a dedicated hardware FW,
or at least at software one. If your Wireless unit doesn't support VPN, consider supporting
one in software ... Google is your friend.


Justin

---

Gary Fritz wrote:

I have a friend who is always notebooking around all over and he
says he does that all the time.
"War driving" (named after "War Dialing," the practice of dialing every number in an exchange looking for modems, as popularized by Matthew Broderick in the 1983 movie "War Games") is incredibly popular and incredibly easy. Most people bring their wireless router home from Best Buy, plug it in, and go. They never bother to turn on any of the security settings. Their router broadcasts its presence to the world, and anybody can get on. Drive around with a wifi notebook and you'll find open access points all over the place.

That's definitely a bad idea. But wireless routers don't HAVE to be insecure. I did the following to my router:

* Disabled broadcast of the router's wifi SSID (so you have to
know it's there to find it)

* Changed the router's default wifi SSID (so you have to know
what it is to connect to it)

* Limited the # of open connections to the # of wireless units
in the house

* Limited the MAC ID#'s (hardware address in the LAN card) that are allowed to connect to a specified list -- so unless it's one of our devices, it can't connect. I suspect
this is the best hacker-blocker in the list.

* Encrypted the data passed over the air

That took all of 10-15 mins when I set up the router, just read the instructions and point & click. No war driver is going to tap into MY wifi. I doubt even a very savvy cracker could worm his way into the wifi even if he knew it was there and knew what the SSID was.

Now my cordless phones, that's an entirely different story... :-)
Gary