Router/Firewall Recommendation
Ed Wilts
ewilts at ewilts.org
Wed Jun 30 20:26:23 UTC 2004
On Wed, Jun 30, 2004 at 04:16:46PM -0400, Ward William E DLDN wrote:
> Boom, I'm on the Internet before I even
> had a chance to set up the connection to my OWN (more secure) WAP. Oh,
> yeah, Wireless >OUT OF THE BOX< is Secure </roll eyes>.
I just added a Linksys wireless router to my home environment along with
my existing switch. I had fun trying to figure out how to set it up so
that the wireless stuff wasn't as insecure as it is out of the box.
When the router is set to factory default, wireless is turned out, no
encryption keys are set, all MAC addresses are enabled, the ssid is set
to a default (linksys), and broadcast is turned on. Yes, it's easy to
get going, but is no insecure that you don't want to stay this way for
more than 5 minutes until you can type fast and reconfigure it. I had
the WAN cable disconnected until I could reconfigure it.
> even after being "configured", most WAPs are STILL unsecure; the average
> user is clueless about how to secure these things.
To Linksys's credit, there's a security document on their web site to
turn the right stuff off and on. To their downside, however, the
default should be to trust noone. Set the default ssid to the serial
number of something and don't broadcast it - that will at least slow
some people down (unfortunately including the people trying to actually
use one though).
--
Ed Wilts, RHCE
Mounds View, MN, USA
mailto:ewilts at ewilts.org
Member #1, Red Hat Community Ambassador Program
More information about the redhat-list
mailing list