Wireless Security Suggestions

[beerabuser30]

What are the suggestions everyone has for wireless networks security? I have had multiple routers and many have the same options but a lot of the stuff is different. Wasn't sure where to place this post but I guess networking is as good as a spot as any.

 

[SultanGris]

depends on where u live, what u have on computer, and how much u care.

if you have personal financial info on your pc, and live in a city, and have your hard drive shared out to your other pc's on your network, i would enable the security.

if u dont live within wireless range of any other houses, dont have personal info, and dont have hard drives shared, it wont really matter, unless your talking about firewall security from the internet,

 

[beerabuser30]

What encryption does everyone use?

 

[SultanGris]

i dont use any, cause no one lives close enough to access my network, plus i dont have any personal info on my pc, and my hd isnt shared, so if they do access my network, all they can do is print something and use the internet.

 

[beerabuser30]

I don't have anything all that important, but I do have some drives shared on multiple computers.

 

[vhunter]

For Wireless, I use WPA with TKIP.

 

[DelJo63]

security is a multi-faceted issue.
First, there is a proactive component; things you do to AVOID problems;
Routers, firewalls, escryption, blacklists, are some examples.
Secondly, there's the reactive component; antivirus and Intrustion Detection Systems are primary examples.

When you have a setup like

DSL/Cable modem --- some-router---systems(one or more)​

the NAT feature of the router becomes your primary defense from direct attack
from the internet (excluding email, applets, java, and ActiveX).
Without a wireless connection, this will defend a great deal. With a wireless,
the ENCRYPTION will be your secondary defense. If you setup your firewall
correctly, the worst case breach will be to 'seal bandwidth' of your connection.
The Wirewall will/could/should/must reject all access from LAN addresses you do not use.

EG: I have several systems and I setup the LAN to TRUST(allow)
anything from known addresses (198.162.0.1 -- 198.162.0.10).
I ensure that my DHCP assigns unknow users to 198.168.0.11 and above,
and set the firewall to disallow all access from these addresses.

While many people dump on Norton NIS, I like the Profiling capability which
allows me to create {away, office, home} profiles and assign separate runs to
each. I can go to any hotspot, connect, and be assured no one is getting access.

WPA is far superior to WEP, as someone with technical skills can get the key
and break the code *IF* they wish to make the effort.
Per the above reasoning, this can be mute if the secondary defense is setup correctly.

 

[beerabuser30]

I have wpa and tkip enabled currently. Allowing trust for the different accounts is interesting i might try that out.