• All:

    I created this text to accompany a talk on 802.11 security at home.

    Your opinions please?

    Thanks. /criss

    Good Security Practices for Home Based
    IEEE 802.11 Wireless LANs

    * Upgrade the access point firmware if a later version is available.

    * Set a unique SSID and administrative password in place of the defaults.

    * Select the most recently available encryption method from this list:

    IEEE 802.11 standard 40/64 bit WEP RC4 and Open Authentication
    Vendor proprietary 104/128 bit WEP RC4 and Open Authentication
    Wi-Fi Protected Access aka WPA: TKIP RC4 with PSK (2004)
    IEEE 802.11i RSN: TKIP RC4 with PSK (2005!)
    IEEE 802.11i RSN: CCMP AES with PSK (2005! and new! AES hardware)

    * Create a key (WEP) or a master key (WPA and RSN).

    * Adjust all client stations to match the settings on the access point.

    * Record the settings and procedures for the next time.

    Questionable but Commonly Recommended
    WEP Security Practices Obsoleted by WPA

    * Create a MAC filter list of the expected wireless client stations.

    * Select “Hide SSID” or “Closed Network” to make discovering the SSID harder.

    * Power off the access point when it is not in use.

    AES: Advanced Encryption System
    CBC-MAC: Cipher Block Chaining - Message Authentication Code
    CCMP: Counter mode CBC-MAC Protocol
    IEEE: Institute of Electrical and Electronics Engineers
    LAN: Local Area Network
    MAC: Medium Access Control
    PSK: Pre Shared Key
    RC4: “RSA Labs Cipher 4”
    RSN: Robust Security Networks
    SSID: Service Set Identifier
    TKIP: Temporal Key Integrity Protocol
    WEP: Wired Equivalent Privacy
    Wi-Fi: Wireless Fidelity
    WPA: Wi-Fi Protected Access

    Criss Hyde 17Jun2004

  • This is a handy list.

    Who is the target audience?

  • The List siggested is great for securing Access Points.
    I might think of securing client also using personnel firewall.

Page 1 of 1
  • 1