Securing wireless network

Discussion in 'Windows Desktop Systems' started by dreamworks, Jun 10, 2004.

  1. dreamworks

    dreamworks --== babyface ==--

    Messages:
    355
    Hi guys ..

    I have just recently bought a Linksys wireless broadband router (Model: BEFW11S4) and I am wandering whats the best way and practise to secure my home wireless network?

    This is what I have done:-

    1) Changed default admin password
    2) Disabled Wireless SSID broadcast
    3) Enabled Block Anonymous Internet Requests
    4) Switched on wireless security mode to WEP

    I would like to protect the network from intruders who maybe around with wireless capability and use my network to surf the net and also protect the individual workstations.

    On the desktops and workstations, the firewall is already configured but when I do a simple check with grc.com, I find that my port 80 is open. Do I have to disable that or should I leave it as it is ..?

    Please advise. Thank you.

    :D
     
  2. muzikool

    muzikool Act your wage. Political User

    Port 80 should be open since it's for HTTP and you are online using grc.com. It looks like you've done plenty to secure the network. I was going to recommend WEP, but you've already done it. :)
     
  3. dreamworks

    dreamworks --== babyface ==--

    Messages:
    355
    muzikool, thanks for your feedback.

    i was previously using an artnet adsl router connected to an 8 port switch .. after i bought the linksys device, i connected the artnet adsl router into the linksys. so it becomes like a router connected to a router.

    i took out the artnet adsl router and use back my original aztech adsl modem, run a check on grc.com and symantec.com and all ports are closed now.

    is WEP the normal standard for securing our wireless network? honestly speaking how safe is the wireless network? : )

    Hehehehe ..
     
  4. tdinc

    tdinc █▄█ ▀█▄ █ Political User

    Messages:
    3,507
    Location:
    Sterling Heights, MICHIGAN


    Wireless routers in my opinion are extremely unsafe no matter how
    patched, locked, or hidden you are. anyone with some knowledge of linux
    and with a program like snort, can cause havoc. that is why I'm still sticking
    with a wired setup....BTW if you really want to feel more at peace
    build yourself a honeypot server for added security. :)
     
  5. Admiral Michael

    Admiral Michael Michaelsoft Systems CEO Folding Team

    what about MAC filtering?
     
  6. NetRyder

    NetRyder Tech Junkie Folding Team

    Messages:
    13,256
    Location:
    New York City
    Excellent suggestion. I just read the original post and wondered why it wasn't there on the list. MAC filtering is actually one of your safest bets.

    As tdinc mentioned, utilities like AirSnort can be used to crack WEP encryption. Now admittedly, this is unlikely since it takes quite a bit of time to crack the encryption key (we're talking days to weeks here, depending on the amount of data traffic, and whether you're using a 64 or 128-bit key). If anybody were to crack it, it would probably be one of your neighbors, or else you'd probably notice someone sitting in your front yard with a laptop for a few days. [​IMG]

    With MAC filtering on the other hand, the router maintains a list of MAC addresses that are allowed to connect to it. Any MAC address not on the list is denied access. Again, MAC address spoofing is possible, but the chances of anyone trying to gain access to your network knowing the MAC addresses of your wireless adapters is next to impossible.
     
  7. NetRyder

    NetRyder Tech Junkie Folding Team

    Messages:
    13,256
    Location:
    New York City
    Actually, that's not quite true. [​IMG]
    The GRC port scan checks if the port in question is open to incoming traffic, not outgoing traffic. Port 80 should be open to incoming traffic only if you're running an HTTP daemon like Apache/IIS etc.

    @dreamworks: Check your router port forwarding settings to make sure than port 80 isn't being forwarded to any machines on the internal LAN, and that the DMZ option is disabled. If you're using a software firewall, it should be blocking port 80. If everything is setup correctly, you should see it marked as stealth on the GRC test, as in this screenshot:
     
  8. muzikool

    muzikool Act your wage. Political User

    I set up a friend's network with access limited to specific MAC addresses, so I don't know why I didn't think of it earlier. It's simpler than setting up WEP as well. Like NetRyder said though, the chances of cracking the encryption for WEP is unlikely. Wireless networks can be secure, so don't be too paranoid about it. ;)
     
  9. Geffy

    Geffy Moderator Folding Team

    Messages:
    7,805
    Location:
    United Kingdom
    the port 80 thing, is the wireless router/access point setup for "Remote Administration" as that would allow incoming traffic to port 80.
     
  10. Xie

    Xie - geek - Subscribed User Folding Team

    Messages:
    5,275
    Location:
    NY, USA
    Well for *nix MAC address is software instead of hardware like on pc though .. so if someone knew a valid MAC on that list ... :p Ok I'm just being a pain.
     
  11. dreamliner77

    dreamliner77 The Analog Kid

    Messages:
    4,702
    Location:
    Red Sox Nation

    You? A pain? Never
    :cool:
     
  12. dreamworks

    dreamworks --== babyface ==--

    Messages:
    355
    :) Hehehe .. good suggestion.

    I've just enable MAC filtering as well. Thanks for your suggestion guys.