Table of Contents
Advertisement
random numbers and letters - but it is not very secure if you use a short key which is very easy to guess -
for example, a three-letter word from the dictionary.
Because of the damage that can be done by a malicious attacker, it's not just people who have
sensitive information on their network who should use security. Everybody who uses any wireless network
should ensure that effective security is in place.
A good way to come up with effective security keys, passwords and so on is to use obscure information
that you personally will easily remember, and to enter it in a way that appears random and does not
include real words. For example, if your mother owns a 1970 Dodge Challenger and her favorite movie is
Vanishing Point (which you know was made in 1971) you could use "70dodchal71vanpoi" as your
security key.
The following sections introduce different types of wireless security you can set up in the wireless
network.
7.10.3.1 SSID
Normally, the VMG acts like a beacon and regularly broadcasts the SSID in the area. You can hide the
SSID instead, in which case the VMG does not broadcast the SSID. In addition, you should change the
default SSID to something that is difficult to guess.
This type of security is fairly weak, however, because there are ways for unauthorized wireless devices to
get the SSID. In addition, unauthorized wireless devices can still see the information that is sent in the
wireless network.
7.10.3.2 MAC Address Filter
Every device that can use a wireless network has a unique identification number, called a MAC
1
address.
A MAC address is usually written using twelve hexadecimal characters
00A0C5000002 or 00:A0:C5:00:00:02. To get the MAC address for each device in the wireless network,
see the device's User's Guide or other documentation.
You can use the MAC address filter to tell the VMG which devices are allowed or not allowed to use the
wireless network. If a device is allowed to use the wireless network, it still has to have the correct
information (SSID, channel, and security). If a device is not allowed to use the wireless network, it does
not matter if it has the correct information.
This type of security does not protect the information that is sent in the wireless network. Furthermore,
there are ways for unauthorized wireless devices to get the MAC address of an authorized device. Then,
they can use that MAC address to use the wireless network.
7.10.3.3 User Authentication
Authentication is the process of verifying whether a wireless device is allowed to use the wireless
network. You can make every user log in to the wireless network before using it. However, every device
in the wireless network has to support IEEE 802.1x to do this.
For wireless networks, you can store the user names and passwords for each user in a RADIUS server. This
is a server used in businesses more than in homes. If you do not have a RADIUS server, you cannot set up
user names and passwords for your users.
1.
Some wireless devices, such as scanners, can detect wireless networks but cannot use wireless networks. These
kinds of wireless devices might not have MAC addresses.
2.
Hexadecimal characters are 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, A, B, C, D, E, and F.
Chapter 7 Wireless
VMG3925-B10C/B30C User's Guide
118
2
; for example,
Advertisement
Table of Contents
