Hot Downloads

Welcome, Guest
Username: Password: Remember me

TOPIC: How to secure wireless lan

How to secure wireless lan 12 years 5 months ago #4282

  • ezbuddie
  • ezbuddie's Avatar
  • Offline
  • New Member
  • Posts: 4
  • Karma: 0
My boss asks me to setup a wireless lan inside a shop in a shopping mall. It is around 1000 sq meter which I plan to setup 8-10 access points (802.11g). Since it is a public area which is very easy to be hacked. Therefore, I'll improve the security by rename default SSID and disable broadcast SSID, enable WEP, build Access Control List. (details at bottom).

According to some books, high securiy can implement firewall or even VPN tunnel between the wired and wireless network (devices). For me, it is still a concept. Can anyone share to me how to equip the WLAN in high security mode ???

SSID (Service Set ID)
SSID is a unique network identifier with a
maximum of 32 characters. Each wireless
access point has to be assigned with an SSID.
The WLAN clients need to know the SSID of the
access point to be connected with. The SSID can
also be used to differentiate one WLAN from
another. The access points and clients
connected to a specific WLAN must use the
same SSID.
WEP (Wired Equivalent Privacy)
As its name say, WEP is designed to provide an
equivalent level of privacy in the wireless
environment as it is in the wired environment.
WEP uses a shared and static key, known to
both access points and clients, to encrypt data
packets before transmission. Up to 4 sets of
static keys can be defined in access
points/clients. WEP uses either a 40-bit or a
128-bit encryption mechanism for encryption.
For most WLAN access points, WEP is disabled
by default.
ACL (Access Control List)
ACL (Access Control List) is used in some WLAN
access points to control client access. The ACL is
usually based on the client’s wireless Ethernet
MAC address which is unique in each client. The
ACL is a database to store the MAC address that
can access the WLAN. If the client’s MAC
address is not listed in the ACL, his/her access
will be denied.
The administrator has disabled public write access.

Re: How to secure wireless lan 12 years 5 months ago #4294

  • dreamer
  • dreamer's Avatar
  • Offline
  • New Member
  • Posts: 15
  • Karma: 0
Hi,

don't know much about wireless networking but you can always try to check your security using some tools that hackers also use for instance:

NetStumbler (Windowsbased): the disadvantage of this application is that it relies on one form of wireless network detection. So when you disable broadcast probe request no networks will be detected.

Kismet (Linuxbased) I believe this is one of the best applications there is (also for wardriving). Cause it has different methods for detecting wireless networks. When it can Kismet will also gather additional information when possible.

Some other (usefull) tools are: Wellenreiter (discovery tool), THC-RUT (discovery tool), WEPcrack (an encryption breaker to crack 802.11 Wep encryption keys) and AirSnort (captures packets and when enough packets are gathered then it try's to crack the encryption key).

You also might want to check out http://www.airdefense.net/whitepapers/

Greets
The administrator has disabled public write access.

wow 12 years 5 months ago #4344

  • ZiPPy
  • ZiPPy's Avatar
  • Offline
  • Expert Member
  • Posts: 500
  • Karma: 0
wow! thats gonna be a fun task. I setup a small wireless setup in my apartment using the Netgear Wireless 108G router. I posted a post regarding a bottleneck problem. (not wireless but using cat5) I have that router also as my firewall. So I am still looking into that bottleneck problem. But as far as wireless setup I myself am still working and looking more into it. So let me know how that setup goes, would love to hear how it went.

ZiPPy
ZiPPy
The administrator has disabled public write access.

Re: How to secure wireless lan 12 years 5 months ago #4346

  • sahirh
  • sahirh's Avatar
  • Offline
  • Honored Member
  • Posts: 1700
  • Karma: 0
I'll be attending a seminar on wi-fi setup and security issues sometime next week (i hope).. will let you guys know what interesting stuff i pick up.
Sahir Hidayatullah.
Firewall.cx Staff - Associate Editor & Security Advisor
tftfotw.blogspot.com
The administrator has disabled public write access.
Time to create page: 0.081 seconds

CCENT/CCNA

Cisco Routers

  • SSL WebVPN
  • Securing Routers
  • Policy Based Routing
  • Router on-a-Stick

VPN Security

  • Understand DMVPN
  • GRE/IPSec Configuration
  • Site-to-Site IPSec VPN
  • IPSec Modes

Cisco Help

  • VPN Client Windows 8
  • VPN Client Windows 7
  • CCP Display Problem
  • Cisco Support App.

Windows 2012

  • New Features
  • Licensing
  • Hyper-V / VDI
  • Install Hyper-V

Linux

  • File Permissions
  • Webmin
  • Groups - Users
  • Samba Setup