Re: a few wireless network questions
From: Chuck (none_at_example.net)
Date: 12/29/04
- Next message: Doug Sherman [MVP]: "Re: 2 network, 2 dsl, 1 nic, 1 wireless how do I select the right dsl connection?"
- Previous message: Hans-Georg Michna: "Re: network utilization 60%...can i get more??"
- In reply to: Nih: "RE: a few wireless network questions"
- Next in thread: Nih: "Re: a few wireless network questions"
- Reply: Nih: "Re: a few wireless network questions"
- Messages sorted by: [ date ] [ thread ]
Date: 29 Dec 2004 09:36:06 -0600
On Wed, 29 Dec 2004 05:57:20 -0800, Nih <Nih@discussions.microsoft.com> wrote:
>I just noticed ther is a wireless networking forum, could someone please move
>this down to that section.
>
>"Nih" wrote:
>
>> I currently have a wired network with 1 PC and 1 laptop. I have a wireless
>> card for the laptop and am having problems with my router (its old) so I am
>> thinking of getting a wireless Linksys router. First question is I know
>> someone outside could access the internet using my connection but can they
>> access my network? I have both computers running windows firewall and I
>> believe the Linksys has its own firewall. What other steps should I take to
>> prevent someone from getting onto my home network? Second are there any
>> changes I have to make to my network settings when i switch to wireless or
>> should I just be able to plug and go, (other than running the wireless card's
>> software). My pc will still be hardwired to the router, both run win xp home.
You are right to be concerned, with your wireless LAN. Indeed, all computers -
not just the wireless ones - are vulnerable.
Here's a story about somebody's very stupid wireless neighbor. Don't expect all
wireless neighbors to be this stupid.
<http://www.canoe.ca/NewsStand/LondonFreePress/News/2003/11/22/264890.html>.
The point is, you need to protect a wireless LAN with more precautions than just
the NAT firewall.
Change the router management password, and disable remote (WAN) management.
Enable WEP / WPA. Use non-trivial (non-guessable) values for each. (No "My dog
has fleas").
Enable MAC filtering.
Change the subnet of your LAN - don't use the default. Make the router LAN
address something like 192.168.101.1.
Disable DHCP, and assign an address to each computer manually, like
192.168.101.n (n '= 1).
Install a software firewall on every computer connected to a wireless LAN. Put
manually assigned ip addresses in the Local (highly trusted) Zone. Open file
sharing, only in the Local Zone.
Don't disable SSID broadcast - some configurations require the SSID broadcast.
But change the SSID itself - to something that doesn't identify you, or the
equipment.
Enable the router activity log. Examine it regularly. Know what each
connection listed represents - you? a neighbor?.
Use non-trivial accounts and passwords on every computer connected to a wireless
LAN. Disable or delete Guest userid, if possible (XP Home is a bad choice
here). Rename Administrator, to a non-trivial value, and give it a non-trivial
password. Never use the Administrator renamed account for day to day
activities, only when intentionally doing administrative tasks.
Stay educated - know what the threats are. Newsgroups alt.internet.wireless and
microsoft.public.windows.networking,wireless are good places to start.
-- Cheers, Chuck Paranoia comes from experience - and is not necessarily a bad thing.
- Next message: Doug Sherman [MVP]: "Re: 2 network, 2 dsl, 1 nic, 1 wireless how do I select the right dsl connection?"
- Previous message: Hans-Georg Michna: "Re: network utilization 60%...can i get more??"
- In reply to: Nih: "RE: a few wireless network questions"
- Next in thread: Nih: "Re: a few wireless network questions"
- Reply: Nih: "Re: a few wireless network questions"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
