[geeks] cheap 802.11?
Gary Nichols
gary at linuxforce.org
Fri Feb 28 15:34:26 CST 2003
On Fri, 28 Feb 2003, David L Kindred (Dave) wrote:
> Besides, WEP should still always be configured as your
> least-common-denominator and first line of defense, should it not? The
> first thing I was ever taught about security is "defense in depth".
Absolutely.
1> Don't broadcast your ESSID please. [0]
2> Use 128-bit WEP (with a decent key) and change your key periodically!
3> Use encryption between client and gateway just past the access point.
4) FIrewall off your AP from your network only allowing the secure
traffic.
5> Bonus: add a honeypot to your wireless realm and watch the fun!
[0] If your AP vendor doesn't give you this option in the firmware,
upgrade
your firmware or choose another brand. No point in advertising yourself
to everyone!
More information about the geeks
mailing list