On Wednesday, December 31, 2003 9:31 AM, Chris Gehlker wrote:
> I still don't really know what level of security is appropriate for a
> home office network.

You may not care if someone accesses the data on your laptop or uses your
Internet connection for surfin' p0rn, but what if they use your wireless
connection for some nefarious activity (e.g. sending SPAM, or cracking
someone else's box, or launching a virus)? That activity could possibly be
traced back to your IP address, and trying to explain to the authorities
that it really wasn't you that defaced John Ashcroft's web site could be an
annoying waste of time. :)

I found the following 3 articles to be interesting and enlightening:
http://www.cs.umd.edu/~waa/wireless.pdf
http://www.arstechnica.com/paedia/w/wireless/security-1.html
http://www.oreillynet.com/pub/a/wireless/2002/04/19/security.html

At the minimum, I would say that you should turn off SSID broadcast, enable
128-bit WEP and turn on the MAC address filtering. Yes, these measures can
be defeated (easily so by someone that knows what they're doing), but they
are "better than nothing." I also change my SSID once a week, and, since I
only need to use the wireless capability when I'm using my laptop in the
evening, I only enable the wireless functionality on my router when I want
to use it and turn it off when I'm done.

One thing I want to play around with is Black Alchemy's FakeAP
(http://www.blackalchemy.to/project/fakeap/). You can turn your wireless
NIC-equipped Linux box into an access point that broadcasts 50,000 or so
fake SSIDs. The SSID of your "real" network would be hidden in plain sight
amidst all the noise. It's sort of security through obscurity, but I've
heard anecdotal evidence that this can cripple a war-drivin' script kiddie's
laptop. Looks like fun!

HTH,
~Jeff