Re: [tlug] Securing a WLAN-Router

[Stuart Luppescu <s-luppescu@example.com>]

On 土, 2004-12-04 at 12:03 +0100, Niels Kobschaetzki wrote:
> Hi!
> In some days I will get a DSL-connection and because of making the 
> contract I got a WLAN-router. In spite of having a flat I do not want to 
> have the next hotspot in berlin ;)
> What's the best to secure the thing?
> I did the following:
> 
> 1. Changing the standard admin-pass ;)
> 2. The network will be hidden (so it will be not seen if you do not use 
> special tools)
> 3. 128-WEP-encryption (WPA caused some errors thus I used WEP - neither 
> got a connection with mac os x nor with win xp - and my linux computer 
> has no wlan)
> 4. MAC-filtering
> 5. Living ca. 10 m above the street and have walls which have a very 
> good shielding ;)
> 
> Any other things I should look out for in the admin-software of the router?

You've done the major important things already. You should also change
the SSID. I have found open access points with the SSID left at the
default value (e.g., ``Linksys''). All you have to do is go to the
manufacturer's web site, download the manual, and get all kinds of
information that can be used for hacking into the router. Not that I
would do such a thing --- very often. If you're really paranoid you can
set the router to not transmit the SSID (you have to explicitly enter
the SSID on the client to connect). That will make your access point
nearly invisible.

-- 
Stuart Luppescu -=- s-luppescu .at. uchicago.edu        
University of Chicago -=- CCSR 
$B:MJ8$HCRF`H~$NIc(B -=-    Kernel 2.6.9-gentoo-r4                
"I've been talking to Uvaente Fox, the new
 president of Mexico -- I know him -- to have gas
 and oil sent to the United States ... so we'll not
 depend on foreign oil."  George W. Bush October 3,
 2000

Attachment: signature.asc
Description: This is a digitally signed message part