Forum

All:

I created this text to accompany a talk on 802.11 security at home.

Your opinions please?

Thanks. /criss
==============================================

Good Security Practices for Home Based
IEEE 802.11 Wireless LANs

* Upgrade the access point firmware if a later version is available.

* Set a unique SSID and administrative password in place of the defaults.

* Select the most recently available encryption method from this list:
IEEE 802.11 standard 40/64 bit WEP RC4 and Open Authentication
Vendor proprietary 104/128 bit WEP RC4 and Open Authentication
Wi-Fi Protected Access aka WPA: TKIP RC4 with PSK (2004)
IEEE 802.11i RSN: TKIP RC4 with PSK (2005!)
IEEE 802.11i RSN: CCMP AES with PSK (2005! and new! AES hardware)

* Create a key (WEP) or a master key (WPA and RSN).

* Adjust all client stations to match the settings on the access point.

* Record the settings and procedures for the next time.


Questionable but Commonly Recommended
WEP Security Practices Obsoleted by WPA

* Create a MAC filter list of the expected wireless client stations.

* Select “Hide SSID” or “Closed Network” to make discovering the SSID harder.

* Power off the access point when it is not in use.


Acronyms:
AES: Advanced Encryption System
CBC-MAC: Cipher Block Chaining - Message Authentication Code
CCMP: Counter mode CBC-MAC Protocol
IEEE: Institute of Electrical and Electronics Engineers
LAN: Local Area Network
MAC: Medium Access Control
PSK: Pre Shared Key
RC4: “RSA Labs Cipher 4”
RSN: Robust Security Networks
SSID: Service Set Identifier
TKIP: Temporal Key Integrity Protocol
WEP: Wired Equivalent Privacy
Wi-Fi: Wireless Fidelity
WPA: Wi-Fi Protected Access

Criss Hyde 17Jun2004

This is a handy list.

Who is the target audience?

The List siggested is great for securing Access Points.
I might think of securing client also using personnel firewall.
Sarwar