LANCOM Wireless DSL – LANCOM Wireless ADSL
Chapter 8: Security settings
78
EN
found in the LANconfig in the 'IP router' configuration section on the
'Routing' tab.
Have you closed critical ports with filters?
The firewall filters of the LANCOM Wireless DSL devices offer filter func-
tions for individual computers or entire networks. Source and target filters
can be set for individual ports or for ranges of ports. In addition, individual
protocols or any combinations of protocols (TCP/UDP/ICMP) can be fil-
tered. It is particularly easy to set up the filters with LANconfig. The 'Rules'
tab under 'Firewall/QoS' can assist you to define and change the filter
rules.
Have you excluded certain stations from access to the router?
Access to the internal functions of the devices can be restricted using a
special filter list. Internal functions in this case are configuration sessions
via LANconfig, WEBconfig, Telnet or TFTP. This table is empty by default
and so access to the router can therefore be obtained by TCP/IP using Tel-
net or TFTP from computers with any IP address. The filter is activated
when the first IP address with its associated network mask is entered and
from that point on only those IP addresses contained in this initial entry
will be permitted to use the internal functions. The circle of authorized
users can be expanded by inputting further entries. The filter entries can
describe both individual computers and whole networks. The access list
can be found in LANconfig in the 'TCP/IP' configuration section on the
'General' tab.
Is your saved LANCOM configuration stored in a safe place?
Protect the saved configurations against unauthorized access in a safe
place. A saved configuration could otherwise be loaded in another device
by an unauthorized person, enabling, for example, the use of your Inter-
net connections at your expense
.
Have you secured your wireless network encryption, an ACL and
LEPS?
With the help of 802.11i, WPA or WEP, you can encrypt the data in your
wireless network with different encryption methods such as AES, TKIP or
WEP. LANCOM recommends the strongest possible encryption by using
802.11i and AES. If the WLAN client adapters do not support these, then
you should use TKIP or at least WEP. Make sure that the encryption func-
tion in your device is activated, and that at least one passphrase or WEP
key has been entered and selected for application.