Quick Wireless LAN Security – Do It!


Checklist from Wardrive.net

Things you can do to secure your wireless network.

  1. Change the default Admin password on your Access Point (this includes the web interface).
  2. Check if the firmware for your Wireless Access Point and drivers for your Wireless Adapter(s) are up to date. Update if necessary. Keep checking for new releases in the future.
  3. Use a high level of encryption (WPA2/802.11i strongly preferred) — Use decent keys.
  4. Authenticate wireless users with protocols like 802.1X, RADIUS, EAP (including EAP-PAX, EAP-PSK, EAP-TLS, EAP-TTLS, EAP-FAST, EAP-POTP, EAP-IKEv2, EAP-GPSK, PEAP, and EAP-SIM). These protocols support authentication credentials that include digital certificates, usernames and passwords, secure tokens, and SIM secrets.
  5. Use strong encryption for all (userland) applications you use over the wireless network, e.g., use SSH and TLS/HTTPS.
  6. Encrypt wireless traffic using a VPN (Virtual Private Network), e.g. using IPsec or other VPN solutions.
  7. Use WLAN Security Tools for securing the wireless network. This software is specifically designed for securing 802.11 wireless networks.
  8. Create a dedicated segment for your Wireless Network, and take additional steps to restrict access to this segment.
  9. Use a proxy with access control for outgoing requests (web proxy, and others).
  10. Regularly TEST the security of your wireless network, using the latest Wardriving Tools (the same tools the attacker will use). Don’t use these tools on other networks, and always check local laws and regulations before using any wardriving tools.
  11. Enable strict (sys)logging on all devices, and check your (wireless) log files regularly to see if your security policy is still adequate.
  12. Enable MAC address filtering on your Access Point (this provides only very little security). Note that MAC addresses can be changed easily by the attacker.
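
For item 3, one way to generate and sanity-check a WPA2-Personal passphrase, as an added example that is not part of the original checklist. It assumes pre-shared-key mode; the 20-character local minimum, the sample SSID and the function names are assumptions of this example.

```python
import hashlib
import math
import secrets
import string

# WPA2-Personal accepts passphrases of 8..63 printable ASCII characters.
MIN_LEN, MAX_LEN = 8, 63
ALPHABET = string.ascii_letters + string.digits  # 62 symbols, typable on any client

def generate_passphrase(length=24):
    """Return a random passphrase drawn from the OS CSPRNG."""
    if not MIN_LEN <= length <= MAX_LEN:
        raise ValueError("WPA2 passphrases must be 8..63 characters")
    return "".join(secrets.choice(ALPHABET) for _ in range(length))

def random_entropy_bits(length, alphabet_size=len(ALPHABET)):
    """Entropy of a uniformly random passphrase (not valid for human-chosen ones)."""
    return length * math.log2(alphabet_size)

def check_passphrase(passphrase, ssid, min_length=20):
    """Return a list of problems; an empty list means these checks passed.
    min_length is a local policy value assumed for this example."""
    problems = []
    if not MIN_LEN <= len(passphrase) <= MAX_LEN:
        problems.append("length outside the 8..63 characters WPA2 accepts")
    elif len(passphrase) < min_length:
        problems.append(f"shorter than the local minimum of {min_length}")
    if any(not 32 <= ord(c) <= 126 for c in passphrase):
        problems.append("contains non-printable or non-ASCII characters")
    if ssid and ssid.lower() in passphrase.lower():
        problems.append("contains the network name (SSID)")
    if len(set(passphrase)) < 6:
        problems.append("uses very few distinct characters")
    return problems

def derive_pmk(passphrase, ssid):
    """WPA2-PSK derivation: PBKDF2-HMAC-SHA1, SSID as salt, 4096 rounds, 256 bits.
    Call only with a passphrase that passed check_passphrase (ASCII only)."""
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode("ascii"),
                               ssid.encode("utf-8"), 4096, 32)

if __name__ == "__main__":
    ssid = "example-office-wlan"  # constructed sample value
    for candidate in ("office123", generate_passphrase()):
        print(repr(candidate), check_passphrase(candidate, ssid) or "ok")
    print("entropy of 24 random characters: %.0f bits" % random_entropy_bits(24))
    print("PMK:", derive_pmk(generate_passphrase(), ssid).hex())
```

Because the SSID is the salt, the same passphrase yields a different key on a differently named network, so a unique network name also helps.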


Posted 14 September 2009 by chrismmm in Uncategorized
