Corinex Global ADSL2+ User Manual

Page 123

Advertising
background image

122

Appendices

Corinex ADSL2+ Wireless Gateway G

7) Firewalls

Once a hacker has broken into your wireless network, if it is connected to your
wired network, they’ll have access to that, too. This means that the hacker has
effectively used your wireless network as a backdoor through your firewall, which
you’ve put in place to protect your network from just this kind of attack via the
Internet.

You can use the same firewall technology to protect your wired network from
hackers coming in through your wireless network as you did for the Internet.
Rather than connecting your access point to an unprotected switch, swap those
out for a router with a built-in firewall. The router will show the access point com-
ing in through its WAN port and its firewall will protect your network from any
transmissions entering via your wireless network. PCs unprotected by a firewall
router should at least run firewall software, and all PCs should run up-to-date
antiviral software.

B. WEP

Wired Equivalent Privacy (WEP) is often looked upon as a panacea for wireless
security concerns. This is overstating WEP’s ability. Again, this can only provide
enough security to make a hacker’s job more difficult.

WEP encryption implementation was not put in place with the 802.11 standard.
This means that there are about as many methods of WEP encryption as there
are providers of wireless networking products. In addition, WEP is not completely
secure. One piece of information still not encrypted is the MAC address, which
hackers can use to break into a network by spoofing (or faking) the MAC address.

Programs exist on the Internet that are designed to defeat WEP. The best known
of these is AirSnort. In about a day, AirSnort can analyze enough of the wireless
transmissions to crack the WEP key. Just like a dictionary-building attack, the best
prevention for these types of programs is by not using static settings, periodically
changing WEP keys, SSID, etc.

There are several ways that WEP can be maximized:

a) Use the highest level of encryption possible
b) Use multiple WEP keys
c) Change your WEP key regularly

Advertising
Popular Brands
Popular manuals