Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

WEP Encryption


  • Please log in to reply

#1
Kiijo

Kiijo

    New Member

  • Member
  • Pip
  • 8 posts
Hello,

I've just set up a Wireless Network. It's working fine, however I'd like to improve the security and am unfamiliar with the various security settings. I've looked over the options but they are rather confusing and I'm wondering how secure the network needs to be. Essentially I'd like to be able to control who can access the wireless LAN and give permissions to specific people who should be able to access it.

Thanks,
Rob
  • 0

Advertisements


#2
-=jonnyrotten=-

-=jonnyrotten=-

    Member 2k

  • Retired Staff
  • 2,678 posts
Please give a detailed description of computers and networking hardware you are using.

-=jonnyrotten=- <_<
  • 0

#3
Kiijo

Kiijo

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts
First I should start by saying that this network is for a small non-profit company, for which I work. My job is not IT related, but because we are so small there is no IT person and because no one else in the business knows more than I do, I have become the default IT person on top of my usual responsibilities.

Our network is a bit extensive. The reason this all came up is that we actually added a new piece to it and that's when I became aware of its potential vulnerability. Here's goes nothing though...

We have a SMC Cable Gateway (rented from Comcast) connected to our switch, which feeds into our main office's LAN. Also connected to the switch is a Cisco 340 Aironet Wireless Workgroup Bridge, sending a wireless signal to 4 other buildings. Then in another building we have a Cisco 340 Aironet Wireless Access Point grabbing and extending that signal. Then there are 2 additional buildings with Cisco 340 Aironet Wireless Workgroup Bridges grabbing that signal. All of this has been set up and running for years (and before I came into the picture) and is running 802.11b (11mbps max).

We recently decided to add availability to another building. We purchased a Netgear WGE101 54 mbps Wireless Ethernet Bridge (802.11b/g). As I researched these things I became acutely aware of the vulnerability of Wireless network and wanted to find out what I can do to prevent any attack on our LAN.

Hope that's helpful, and please let me know if there is any further info I can provide, thanks in advance!
Rob
  • 0

#4
-=jonnyrotten=-

-=jonnyrotten=-

    Member 2k

  • Retired Staff
  • 2,678 posts
I would suggest making sure all communications require certificates. Therefore no one can optain an IP address wirelessly and connect to your network because they will not have a valid trusted certificate. Next in order to make sure no one can capture your information wirelessly I would make sure the wireless connections between the buildings is encrypted with IPSec (3des). That way even if someone captures your info it will be impossible to decrypt it. Only implement IPSec between the buildings, if you have it all over the network, network traffic will be substantially higher and will take way too long to communicate.

-=jonnyrotten=- <_<
  • 0

#5
Kiijo

Kiijo

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts

I would suggest making sure all communications require certificates.  Therefore no one can optain an IP address wirelessly and connect to your network because they will not have a valid trusted certificate.  Next in order to make sure no one can capture your information wirelessly I would make sure the wireless connections between the buildings is encrypted with IPSec (3des).  That way even if someone captures your info it will be impossible to decrypt it.  Only implement IPSec between the buildings, if you have it all over the network, network traffic will be substantially higher and will take way too long to communicate. 

-=jonnyrotten=- <_<

View Post



We do not run a DHCP server, so all of our IP's are assigned and static. Is that enough protection to avoid potential attackers?

I've never heard of IPSec encryption. Could you please detail what it is and how I would go about setting it up?

Thanks,
Rob
  • 0

#6
-=jonnyrotten=-

-=jonnyrotten=-

    Member 2k

  • Retired Staff
  • 2,678 posts
Which OS are your servers running?

-=jonnyrotten=- <_<
  • 0

#7
Kiijo

Kiijo

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts
Win 2k

Users are XP/98/Mac OS10 mix
  • 0

#8
-=jonnyrotten=-

-=jonnyrotten=-

    Member 2k

  • Retired Staff
  • 2,678 posts
Basically what will need to be done is configure the Cisco wireless components that communicate to the other ones in the other buildings to use IPSec encryption. That is an Encryption by microsoft that comes with windows server 2000, xp, and 2003 server. I know you can configure wireless routers to run Ipsec mode, but I'm not sure how. It would probably be either on the router itself or on the computer that you use to configure the router. Who actually set up these components? It might be running already. What it would do is encrypt the data sent through the air and only the receiving end would be able to unencrypt it, very secure.

-=jonnyrotten=- <_<
  • 0

#9
Geek3point0

Geek3point0

    New Member

  • Member
  • Pip
  • 6 posts
RTM for steps because im not familiar with your routers user interface...


One Good measure above encryption would be to whitelist mac addresses.... record the mac address of wireless cards authorized for use, find the Tap that says Allow only specified MAC addresses and enter em.

Just my 2pennies
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP