Securing A Wireless Home Network. Simple home wired LAN.
-
Upload
paulina-logan -
Category
Documents
-
view
216 -
download
0
description
Transcript of Securing A Wireless Home Network. Simple home wired LAN.
SecuringAWireless Home Network
Simple home wired LAN
Simple home wireless LAN
Wireless LAN Wireless base station has to signal its existence so clients can connect (you laptop or other devices)
Attackers of wireless LANs therefore need to be kept out!
Types of attacksAttack laptops and workstations on the
networkSteal information being transmitted over
your wireless networkSteal Internet access through your Internet
What Happens When Your Laptop and Workstation are Attacked?
Attacker attempts to steal data from hard drives
Attacker attempts to damage the data on the hard drives
Attacker plants malicious software to attack other computers
Attacks can be traced to your computer, not his or hers!
Attacks to steal Internet access Attacker’s computer joins your network, uses
your Internet gateway Attacker could be (for example):
– Downloading copyrighted music files– Downloading child pornography– Broadcasting spam– These can be traced back to your Internet
connection
How easy is it to attack a wireless LAN?
Very easyAll an attacker needs is a laptop computer,
a wireless card and some softwareA directional antenna will increase the
range over which the attacker can access your network
Directional antenna can be made from a Pringles potato chip can!
Attackers drive around with their computers looking for open wireless networks
Why is it so easy to invade a wireless LAN?
Ease of setupDefault settings allow even people with
limited technical skills to set up and run a basic wireless network
Allows wireless users to use open, public networks (usually for Internet access)
Ex. Such as the one at your local Starbucks
How do you keep attackers out of your home wireless LAN?
Secure the networkChange the service set identifier (SSID)
of your base stationChange your base station’s passwordShut off your base station’s SSID
broadcastEnable encryption (WPA or WPA2)
Changing your SSID
To access the LAN you need the service set identifier (SSID) of your base station
Changing the default SSID reduces the chance the attacker will be able to guess it (it may be called default, Linksys ex.)
Works best with other security measures
Change your password To access the LAN you need the base
station’s password Changing the default password (often
‘admin’ or ‘password’) drastically reduces the chance the attacker will be able get into your network
Close your network Shut off SSID broadcast Reduces chances that the attacker can see
your network at all Like parking your car in a closed garage
– If the thief can’t see it, he won’t know that it’s available to steal
Enable wireless encryption Encrypt your network traffic
– This has to be done on the base station and all access points, wireless adapters, etc.
• All devices use the same WPA or WPA2 keys WPA or WPA2 (Wi-Fi Protected Access)
• Don’t forget yours; write it down
WPA & WPA2-Personal Choose this option to protect your network with Wi-Fi Protected
Access. Choose Password and enter a password between 8 and 63
characters. Wireless client computers using WPA or WPA2 can join the
network.
Setting up wireless security Make security changes in all devices (routers,
access points, adapters, etc.) through a wired link– If you change a device setting through a wireless
link, you could lose the connection when you apply the changes
– Set up devices in this order:• Base station (Cable/DSL modem)• Access points
– Test each device for connectivity before you install it in its final location
Wireless security is not perfect However, many simple measures can
be taken to make the job harder Wireless LAN security is not perfect but
if you make it difficult enough, attackers will pick other targets
Let’s Get to Work! Change Default Administrator
Passwords and Usernames Change the Default SSID Disable SSID Broadcast Turn on WPA Encryption
Default User Names and Passwords
Linksys Comcast User Name: comcast Password: 1234 Linksys User Name: [none] Password: admin NetGear User Name: admin Password: password D-Link User Name: admin Password: admin Cisco User Name: cisco Password: cisco Apple Airport Extreme User Name: [none] Password: admin