Wireless security checklist?

[morganlefay]

Well I am not the only one suggesting turning of DHCP.......so it would appear that you are singling me out........as in the other thread...auto login

Neg...thanks for the links......very informative

ahhhh IT the never ending learning game..........

but then there all some of us that know it all....

MLF

[brokencrow]

...auto login

Oh no, not again! Evil, evil, evil...

Seriously, manually assigning ip addresses is a pain. And if you're using a manually-assigned ip address on your home wireless connection and it's a laptop, it's going to be an even bigger pain when you try accessing another wireless network on the road. I'm not sure it's worth the trouble, IMHO.

[morganlefay]

Well...its really not that hard to manually assign an ip address....and a gateway

I have really never had issues with doing it...

Yes turning off DHCP would be a pain to keep track of IP addresses on a larger network

MLF

[brokencrow]

No, it's not hard if you know your way around a router or gateway and are comfortable programming one. Even then though, things can get glitchy (happened to me last week on an ip camera system: had to set it back to dhcp to get it networked).

If it's a laptop and you're mobile, a fixed ip address on that wireless connection is going to require resetting your tcp/ip settings everytime you want to jump on a different network. That's just too much trouble.

edit -- Neg, thanks for the links. Never knew MAC filters were as useless as that.

[RoadClosed]

I wouldn't call manually assigning IP addresses and disabling DHCP trivial. ASSUMING you take the effort to subnet the ip scheme into the number of clients you use.

Say 123.45.67.221/30?


Besides it just makes you feel good.

[HTRegz]

Originally posted here by morganlefay
Well I am not the only one suggesting turning of DHCP.......so it would appear that you are singling me out........as in the other thread...auto login

Neg...thanks for the links......very informative

ahhhh IT the never ending learning game..........

but then there all some of us that know it all....

MLF

Up until the point you replied (other than the OP) you were actually the only one so I wasn't centering you out

RC: The problem is in say a home environment you usually can't change the routers from anything other than a /24.

I was surprised to find Mac filtering on that list considering Mac Filtering is usually considered a fairly standard security measure even in the higher end cisco gear and not just on wireless networks... Actually I guess it would be less useful on wireless than wired... Wired it'd be harder for them to get another address to change to than it is on Wireless..

Peace,
HT

[ShagDevil]

In an older post on this, I had mentioned that even using encryption, the MAC address can still be sniffed out during the "4-Way Handshake". Enabling the MAC filter might keep Angelina Jolie out ("Hackers" ) but , not anyone who is determined to access your wireless network.
As for DHCP, I have mine enabled. I have it setup so that the IP pool is only enough to cover the machines connecting to it. In addition to that, I use static IP's (not for security purposes though). I'm guessing we should try to keep it somewhat simple as petereno admits, he/she is new to wireless.

Hello, Im new to wireless and I want some expert advise

[RoadClosed]

RC: The problem is in say a home environment you usually can't change the routers from anything other than a /24.

I am not that swift on most consumer products, so if that is the case. That totally sucks.