Wireless Networking: Where to start? - Page 2
Page 2 of 2 FirstFirst 12
Results 11 to 14 of 14

Thread: Wireless Networking: Where to start?

  1. #11
    Just an update with more specifics...The boss just wants a few wireless notebooks to be able to connect to the existing LAN, and we're looking at well-ranged 802.11 b/g devices. Does that pinpoint things a bit better?

  2. #12
    Junior Member
    Join Date
    Mar 2004
    Posts
    7
    Couple of things.

    - if you can avoid deploying wireless at all, do so

    - if you must deploy wireless, here are few tips:
    - do NOT put the WAP on your internal network, hang it off of a DMZ on your firewall and require users to VPN into your network once they've connected to the WAP
    - DO use WEP, it's weak, but every little bit helps (think defense in depth)
    - DO use MAC address filtering (again, defense in depth)
    - Once you've got the network set up, take your own laptop and walk around the building to see how far your radio signal reaches. Limiting the signal strength is beyond the scope of a simple forum post, but at least knowing how far you've just extended your network will make you aware of your exposure.
    - get your hands on a WAP that supports WPA (basically WEP with TKIP)

    Those are some quick points off the top of my head.

    --Ben

  3. #13
    Gray Haired Old Fart aeallison's Avatar
    Join Date
    Jul 2002
    Location
    Buffalo, Missouri USA
    Posts
    888
    - if you can avoid deploying wireless at all, do so

    - if you must deploy wireless, here are few tips:
    - do NOT put the WAP on your internal network, hang it off of a DMZ on your firewall and require users to VPN into your network once they've connected to the WAP
    - DO use WEP, it's weak, but every little bit helps (think defense in depth)
    - DO use MAC address filtering (again, defense in depth)
    - Once you've got the network set up, take your own laptop and walk around the building to see how far your radio signal reaches. Limiting the signal strength is beyond the scope of a simple forum post, but at least knowing how far you've just extended your network will make you aware of your exposure.
    - get your hands on a WAP that supports WPA (basically WEP with TKIP)
    Very good advice venom600...

    I do not work in a large crowded city where security 10 or 20 feet outside of my building would be a concern. I suppose I do sometimes need to figure in the possibilities of industial espionage, Bandwidth hijacking, and possibly Homeland security against Terrorism, and other risks when suggesting a simple fix for a small in-house network.

    AngelicKnight... what is the element of security you are trying to achieve, are there people out there who could benifit from cracking your network?
    I have a question; are you the bug, or the windshield?

  4. #14
    Senior Member
    Join Date
    Sep 2003
    Posts
    500
    are there people out there who could benifit from cracking your network?
    Yeah wardrivers!
    You shall no longer take things at second or third hand,
    nor look through the eyes of the dead...You shall listen to all
    sides and filter them for your self.
    -Walt Whitman-

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •