On Tue, 2005-02-01 at 19:30 -0700, Donn Shumway wrote: > George, > I have been experimenting with Wifi on Linux for a few weeks and I > have to say I have not had much success (with anything faster than > 802.11b with WEP). However, regarding security, my typical steps for > securing the connection are: > 1) Use WPA-PSK minimum for encryption. If you're on Linux, this may > not be possible, so use WEP 128-bit. > 2) Set the router's MAC address filtering to only accepts known MAC > addresses and deny all others. > 3) Do not broadcast your SSID. > 4) Change the name of your router. A lot of manufacturers put the > router model name in this field, like my Linksys WRT54G. There's no > sense telling anyone who does find your network what model your using. > > I am not an expert, but this has worked pretty well for all the > wireless routers I have setup. > > Does anyone else have any suggestions? --- of course but he should declare where and how secure. WEP isn't very secure WPA-PSK is better a VPN tunnel is even better but you have to set the wireless AP up so it denies traffic access to the LAN otherwise - tough for someone to do. If you choose Donn's suggestions above - implement one step at a time and make sure your wireless can get there so you aren't chasing all possible problems at once... i.e. start with open - no encryption - and connect stop ssid broadcast and then connect start MAC address filtering and connect add WEP encryption keys and connect add WPA-PSK encryption keys and connect (WPA not supported on 802.11b - need 802.11g) only at last point can you feel as though you have some semblance of security (wonder how long it will take to break WPA-PSK?) Breaking WEP keys is reportedly a few minutes. If this is a business - I figure the only safe thing to do is to put wireless access on outside of LAN firewall so they can access internet and only access LAN via VPN connection. Craig --------------------------------------------------- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change you mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss