|
Posted by Eric on January 27, 2008, 3:51 pm
If you were Registered and logged in, you could reply and use other advanced thread options
>I have a Netgear WGR614 v6 wireless router which I have recently begun to
>use wirelessly for my wife's work laptop. There is also a desktop
>connected to the router via cat 6. Both machines are running XP SP2 with
>all updates. I have the router set as follows & want to be sure I'm doing
>all I can to maximize security on the network:
>
> - File sharing is OFF on both PC's
> - Router setup password has been changed to 14 random characters
> - Router updated with most recent firmware
> - SSID set to 13 random characters
> - SSID broadcast is OFF
> - WPA-PSK activated w/10 random character passphrase (tried a longer
> passphrase, but Windows Networking seemed to have trouble with it, kept
> defaulting to a shorter phrase). Key lifetime is the default 60 minutes.
> - Access control is ON with the MAC addresses for the 2 PC's being the
> only ones entered.
>
> We live in a fairly remote suburban area, so I don't think the threat of
> "wardriving" is what it might be in a more populated area, but I still
> want to be sure I'm doing all I can in terms of security.
>
> TIA
>
> Dan
Hi,
VPN and Radius Servers are complete overkill for your environment. Unless
you view setting either up as a learning exercise, its pretty silly to
consider either.
All you measures that you wrote are fine. I would, however, suggest that
you do broadcast a SSID. Broadcasting an SSID is part of the 802.11
specifications. By not broadcasting an SSID, at best it may cause you
problems, at worst your neighbors will consider it rude RFI.
Even with SSID broadcast disabled, you can still easily be seen. Disabling
SSID broadcast may even make you a more likely target because it looks like
you are trying to hide (which you can't).
As for using MAC filtering, that is your call. If MAC filtering is tied
into being able to dish out two static IP's to your two computers, then use
it. If not, then it doesn't really offer that much extra security. MAC
filtering may be another effective layer for that 80 year old granny across
the street, but not for her 14 year old great grandson.
Again, you sound fine on your LAN side, but are you okay on your WAN
(internet) side?
| 
XML site map