I created this text to accompany a talk on 802.11 security at home.
Your opinions please?
Good Security Practices for Home Based
IEEE 802.11 Wireless LANs
* Upgrade the access point firmware if a later version is available.
* Set a unique SSID and administrative password in place of the defaults.
* Select the most recently available encryption method from this list:
IEEE 802.11 standard 40/64 bit WEP RC4 and Open Authentication
Vendor proprietary 104/128 bit WEP RC4 and Open Authentication
Wi-Fi Protected Access aka WPA: TKIP RC4 with PSK (2004)
IEEE 802.11i RSN: TKIP RC4 with PSK (2005!)
IEEE 802.11i RSN: CCMP AES with PSK (2005! and new! AES hardware)
* Create a key (WEP) or a master key (WPA and RSN).
* Adjust all client stations to match the settings on the access point.
* Record the settings and procedures for the next time.
Questionable but Commonly Recommended
WEP Security Practices Obsoleted by WPA
* Create a MAC filter list of the expected wireless client stations.
* Select Ã¢Â€ÂœHide SSIDÃ¢Â€Â or Ã¢Â€ÂœClosed NetworkÃ¢Â€Â to make discovering the SSID harder.
* Power off the access point when it is not in use.
AES: Advanced Encryption System
CBC-MAC: Cipher Block Chaining - Message Authentication Code
CCMP: Counter mode CBC-MAC Protocol
IEEE: Institute of Electrical and Electronics Engineers
LAN: Local Area Network
MAC: Medium Access Control
PSK: Pre Shared Key
RC4: Ã¢Â€ÂœRSA Labs Cipher 4Ã¢Â€Â
RSN: Robust Security Networks
SSID: Service Set Identifier
TKIP: Temporal Key Integrity Protocol
WEP: Wired Equivalent Privacy
Wi-Fi: Wireless Fidelity
WPA: Wi-Fi Protected Access
Criss Hyde 17Jun2004
This is a handy list.
Who is the target audience?
The List siggested is great for securing Access Points.
I might think of securing client also using personnel firewall.