Appreciate your help and advice!!

On 2017-11-23 15:52, Michael Butash wrote:

> Ensure you're only using wpa2-aes (no tkip, or mix wpa1-2), and use a very long psk string.  Ensure your clients aren't vulnerable to the blueborne and other wifi ota exploits.  Not much else you can do really unless you want to run a radius and/or cert pki in-house to do eap-tls, or peap.  You can crack against wpa2, but unless using an easy string, it's not easy or assured they will figure out your string. 
> 
> I use a 32char random string, special characters, really annoying when adding new devices, but I don't worry about someone cracking it. 
> 
> -mb 
> 
> On Thu, Nov 23, 2017 at 2:58 PM, <techlists@phpcoderusa.com> wrote:
> 
>> Hi, 
>> 
>> I would like to "Harden" my WIFI and am not sure where to start.  I seem to recall past discussions on replacing the standard equipment provided by our ISP. 
>> 
>> I would like to make it very difficult to hack my WIFI and I would like a firewall.  And I would like this to be "Plug and Play" as much as is possible.  In other words I would like to stay away from installing a Linux firewall on an extra PC and then having to maintain it. 
>> 
>> Please feel free to let me know if my expectations are not valid.   
>> 
>> Thanks in advance!! 
>> 
>> Keith 
>> 
>> ---------------------------------------------------
>> PLUG-discuss mailing list - PLUG-discuss@lists.phxlinux.org
>> To subscribe, unsubscribe, or to change your mail settings:
>> http://lists.phxlinux.org/mailman/listinfo/plug-discuss [1]
> 
> ---------------------------------------------------
> PLUG-discuss mailing list - PLUG-discuss@lists.phxlinux.org
> To subscribe, unsubscribe, or to change your mail settings:
> http://lists.phxlinux.org/mailman/listinfo/plug-discuss
 

Links:
------
[1] http://lists.phxlinux.org/mailman/listinfo/plug-discuss