Hardening WIFI
Michael Butash
michael at butash.net
Thu Nov 23 15:52:07 MST 2017
Ensure you're only using wpa2-aes (no tkip, or mix wpa1-2), and use a very
long psk string. Ensure your clients aren't vulnerable to the blueborne
and other wifi ota exploits. Not much else you can do really unless you
want to run a radius and/or cert pki in-house to do eap-tls, or peap. You
can crack against wpa2, but unless using an easy string, it's not easy or
assured they will figure out your string.
I use a 32char random string, special characters, really annoying when
adding new devices, but I don't worry about someone cracking it.
-mb
On Thu, Nov 23, 2017 at 2:58 PM, <techlists at phpcoderusa.com> wrote:
>
> Hi,
>
> I would like to "Harden" my WIFI and am not sure where to start. I seem
> to recall past discussions on replacing the standard equipment provided by
> our ISP.
>
> I would like to make it very difficult to hack my WIFI and I would like a
> firewall. And I would like this to be "Plug and Play" as much as is
> possible. In other words I would like to stay away from installing a Linux
> firewall on an extra PC and then having to maintain it.
>
> Please feel free to let me know if my expectations are not valid.
>
> Thanks in advance!!
>
> Keith
>
>
>
> ---------------------------------------------------
> PLUG-discuss mailing list - PLUG-discuss at lists.phxlinux.org
> To subscribe, unsubscribe, or to change your mail settings:
> http://lists.phxlinux.org/mailman/listinfo/plug-discuss
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.phxlinux.org/pipermail/plug-discuss/attachments/20171123/d6629d50/attachment.html>
More information about the PLUG-discuss
mailing list