Re: [OT] Linksys router and broadband woes

["domdevitto" <dom@xxxxxxxxxxx>]

Ideally, in order of importance, off the top of my head:
1) Use WPA with AES/PSK encryption and a **random** key
This should keep out snooping, unless they guess the key.

2) Filter by MAC
"If you not on the list, you're not coming in."

3) Don't broadcast your SSID
No point inviting people to try and connect!

Also, clients connecting need to be sure that they really are
connecting to the right AP - so if they ever get prompted for another
key, or connect without a key, they shouldn't try 'no password'.
Otherwise a client can connect to a rogue AP, and the client->internet
traffic get snooped on the wired LAN segment (etc.)

Dom

--- In ukha_d@xxxxxxx, "Tim Hawes" <timsyahoo@...> wrote:
>
> If someone is determined to get into your network then they will.
> There are sufficient tools available so the only thing a hacker really
> needs is a bit of time :-(
> On the plus side, even basic security will deter the
> casual/opportunist hacker and they'll maybe move on to someone less
> well protected.
>
> I Googled for "wireless security tips" and this was one of
the hits.
> http://news.zdnet.co.uk/security/0,1000000189,39223889-1,00.htm
>
> There's loads of other similar pages though with much the same advice,
> although not all of them suggest you turn off your access point when
> not in use.
> It's (partly) for this reason I'm moving away from an integrated
> wireless router & access point and going for separate devices
(which
> have separate mains plugs!).
>
> HTH,
>
> Tim.
>
> On 5/10/07, Ho Yin Ng <architect.hoyin@...> wrote:
> >
> > Also what is the best way of securing wireless access? I only
allow
> > access by MAC address.  Is this good enough?
> >
> > Regards
> >
> > Ho yin
>