Re: Wi-Fi security using linux-based router

Top Page
This message is part of the following thread:
M\the complete thread tree sorted by date
MMAlan Pratt at <-
MHarold at ->
Attachments:
Message as email
+ (text/plain)
Delete this message
Reply to this message
Author: John Schember
Date:  
To: Main PLUG discussion list
New-Topics: Is there a simple ethernet splitter?
Subject: Re: Wi-Fi security using linux-based router
Like that links says a third party firmware (DD-WRT or OpenWRT) are
required if you want more functionality than it comes with.

As far as securing your wireless network:

* Use WPA2 with AES encryption.
* Use a random key, grc.com[1] has a very good one.
* Rotate your key month at a minimum.
* Turn down the transmit power on the router to the point that the
signal does not reach outside any area you would connect from.
* Use a Mac filter.
* Use a good rule set for Iptables.
* Use static IP addressing.
* If the firmware allows it divide the wireless and wired lan into
different segments (different address ranges) to better control what the
wifi can access. This with static IP addressing will allow you to add
Iptables rules that prevent devices on the wireless portion to access
devices on the wired. This is still possible with the same address range
on wired and wireless but having them separate is a bit easier.

John

[1]https://www.grc.com/passwords.htm


On Tue, 2007-05-15 at 09:34 -0700, wrote:
> About a month ago I bought a Linux-based Linksys wireless router,
> WRT54GL v1. By the way, as I approached the Linksys shelf at
> Fry's (Northwest Phoenix) it was the first box I came to ... didn't
> have to search.
>
> Are there any interesting things I can install on it, to improve the
> security of my wireless network?
>
> I found one link right away, which I haven't looked at yet:
>
> http://www.sns.ias.edu/~jns/wp/2006/03/24/iptables-on-a-linksys-cisco-wrt54gl-broadband-router-howto/
>
> I'm just fishing for any pointers or recommendations that will give
> me a boost. I'm specifically interested in controlling what wireless
> connections can see, and maybe limiting access to specific PCs.
>
> Thanks,
>
> Vic
> ---------------------------------------------------
> PLUG-discuss mailing list -
> To subscribe, unsubscribe, or to change you mail settings:
> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss

---------------------------------------------------
PLUG-discuss mailing list -
To subscribe, unsubscribe, or to change you mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss

This message was posted to the following mailing lists:
Plug Discuss
Mailing List Info | Nearby Messages		<-Re: Wi-Fi security using linux-based routerArizona LoCo (was: Re: Ubuntu Weekly News)->
Some Mailing List Archive administrated by UnconfiguredLurker (version 2.3)