A few points:
1) Cable modems provide no security, All Cable/DSL users should have a proper firewall (usually a Linux(or BSD)-based appliance or a dedicated Linux or BSD PC).
2) The Linksys WRT54G is OK in it's default config. You should definitely break out the manual and go over it's settings to see if you can lock it down any further, since the default does allow a few not-good things to avoid breaking common applications.
3) WEP is an instant hack, most wardriving tools break through it without even pausing. If you want a secure wireless you need WPA2 (which isn't supported well in Linux), and even then DO NOT TRUST a wireless network, ever.
4) Do all sensitive tasks (financial, sensitive personal information, home video surveillance, etc...) from a machine with a wired connection only, preferably behind a second firewall to protect it from the wireless network.
Example diagram attached.
==Joseph++
FoulDragon@aol.com wrote:
> I'm having cable put in, so I wanted to make sure my ship was as tight as
> possible first. Up til now, aside from a disasterous attempt to share a 56k
> connection, the network has been for file and printer sharing only.
>
> Current Network configuration: Two desktop PCs on wireless, one networkable
> printer via Ethernet. Possibly an on-again-off-again wireless laptop.
>
> Right now, I suspect IP numbers are being assigned by DHCP
>
> The router/hub/waffle iron is a Linksys WRT54G version 2. Apparently very
> popular.
>
> The network configuration:
> -Two desktop PCs with $19 802.11g PCI cards. Likely peak configuration will
> be four desktops. These PCs will be running Windows (2000 SP4 / XP
> gold-master / 98SE o.O) at least part time.
>
> -One, possibly worst-case two laptops with 802.11 cards.
>
> -One HP LaserJet 5, hanging off Ethernet.
>
> Wireless security in place:
>
> WEP with a 112-bit key. SSID changed from the default. SSID broadcast
> disabled. MAC filter set to "allow specific cards only" and filled in with the two
> PCI cards and one prehistoric PCMCIA 802.11b card I have in my near-dead
> laptop.
>
> Is there anything else I should be doing to keep wardrivers at bay?
>
> And how do I set the WRT54G's firewall, both in terms of where are the
> controls and what are reasonable values?
>
> Or is it moot and the "default" Cox modem the bloke is bringing also
> supplants the router? If so, are there a specific list of best practices for that
> setup?
>
>
>
> ------------------------------------------------------------------------
>
> ---------------------------------------------------
> PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
> To subscribe, unsubscribe, or to change you mail settings:
> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
---------------------------------------------------
PLUG-discuss mailing list -
PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change you mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss