5)SSID
There are a few things you can do to make your SSID more secure:
a.Disable Broadcast
b.Make it unique
c.Change it often
Most wireless networking devices will give you the option of broadcasting the SSID. This is a
option for
convenience, allowing anyone to log into your wireless network. In this case, however, anyone
includes hackers.
So don't broadcast the SSID.
A default SSID is set on your wireless devices by the factory. (The Neo-Meridian default SSID is
"Neo-Meridian".) Hackers
know these defaults and can check these against your network. Change your SSID to something
unique and not
something related to your company or the networking products you use.
Changing your SSID regularly will force any hacker attempting to gain access to your wireless
network to start
looking for that new SSID.
With these three steps in mind, please remember that while SSIDs are good for segmenting
networks, they fall
short with regards to security. Hackers can usually find them quite easily.
6)MAC addresses
Enable MAC address filtering if your wireless products allow it. MAC address filtering will allow you
to provide
access to only those wireless nodes with certain MAC addresses. This makes it harder for a
hacker using a
random MAC address or spoofing (faking) a MAC address.
7) Firewalls
You can use the same firewall technology to protect your wired network from hackers coming in
through your
wireless network as you did for the Internet. The firewall will protect your network from any
transmissions
entering via your wireless network.
8)WEP
Wired Equivalent Privacy (WEP) is often looked upon as a panacea for wireless security concerns.
This is
overstating WEP's ability. Again, this can only provide enough security to make a hacker's job
more difficult.
WEP encryption implementation was not put in place with the 802.11 standard. This means that
there are about
as many methods of WEP encryption as there are providers of wireless networking products. In
addition, WEP is
not completely secure. One piece of information still not encrypted is the MAC address, which
hackers can use to
break into a network by spoofing (or faking) the MAC address.
Programs exist on the Internet that are designed to defeat WEP. The best known of these is
AirSnort. In about a
day, AirSnort can analyze enough of the wireless transmissions to crack the WEP key. Just like a
dictionarybuilding
attack, the best prevention for these types of programs is by not using static settings, periodically
changing WEP keys, SSID, etc.
There are several ways that WEP can be maximized:
a) Use the highest level of encryption possible
b) Use multiple WEP keys
c) Change your WEP key regularly