1. Home
    2. /
  2. Manuals
    3. /
  3. Linksys
    4. /
  4. WAG300N
    5. /
  5. 15
Page 71 / 98 Scroll up to view Page 66 - 70
65
Appendix B: Wireless Security
Security Precautions
Wireless-N ADSL2+ Gateway
Appendix B: Wireless Security
Linksys wants to make wireless networking as safe and easy for you as possible. The current generation of
Linksys products provide several network security features, but they require specific action on your part for
implementation. So, keep the following in mind whenever you are setting up or using your wireless network.
Security Precautions
The following is a complete list of security precautions to take (at least steps 1 through 5 should be followed):
1.
Change the default SSID.
2.
Disable SSID Broadcast.
3.
Change the default password for the Administrator account.
4.
Enable MAC Address Filtering.
5.
Change the SSID periodically.
6.
Use the highest encryption algorithm possible. Use WPA if it is available. Please note that this may reduce
your network performance.
7.
Change the WEP encryption keys periodically.
For information on implementing these security features, refer to “Chapter 5: Configuring the Wireless-N ADSL2+
Gateway.”
Security Threats Facing Wireless Networks
Wireless networks are easy to find. Hackers know that in order to join a wireless network, wireless networking
products first listen for “beacon messages”. These messages can be easily decrypted and contain much of the
network’s information, such as the network’s SSID (Service Set Identifier). Here are the steps you can take:
Change the administrator’s password regularly.
With every wireless networking device you use, keep in mind
that network settings (SSID, WEP keys, etc.) are stored in its firmware. Your network administrator is the only
person who can change network settings. If a hacker gets a hold of the administrator’s password, he, too, can
change those settings. So, make it harder for a hacker to get that information. Change the administrator’s
password regularly.
NOTE:
Some of these security features are
available only through the network gateway,
router, or access point. Refer to the gateway,
router, or access point’s documentation for more
information.
Page 72 / 98
66
Appendix B: Wireless Security
Security Threats Facing Wireless Networks
Wireless-N ADSL2+ Gateway
SSID.
There are several things to keep in mind about the SSID:
1.
Disable Broadcast
2.
Make it unique
3.
Change it often
Most wireless networking devices will give you the option of broadcasting the SSID. While this option may be
more convenient, it allows anyone to log into your wireless network. This includes hackers. So, don’t broadcast
the SSID.
Wireless networking products come with a default SSID set by the factory. (The Linksys default SSID is “linksys”.)
Hackers know these defaults and can check these against your network. Change your SSID to something unique
and not something related to your company or the networking products you use.
Change your SSID regularly so that any hackers who have gained access to your wireless network will have to
start from the beginning in trying to break in.
MAC Addresses.
Enable MAC Address filtering. MAC Address filtering will allow you to provide access to only
those wireless nodes with certain MAC Addresses. This makes it harder for a hacker to access your network with
a random MAC Address.
WEP Encryption.
Wired Equivalent Privacy (WEP) is often looked upon as a cure-all for wireless security
concerns. This is overstating WEP’s ability. Again, this can only provide enough security to make a hacker’s job
more difficult.
There are several ways that WEP can be maximized:
1.
Use the highest level of encryption possible
2.
Use “Shared Key” authentication
3.
Change your WEP key regularly
WPA.
Pre-Shared Key (WPA) is the newest and best available standard in Wi-Fi security.
WPA2
is the newer
version of Pre-Shared Key with stronger encryption than WPA. WPA gives you a choice of two encryption
methods: TKIP (Temporal Key Integrity Protocol), which utilizes a stronger encryption method and incorporates
Message Integrity Code (MIC) to provide protection against hackers, and AES (Advanced Encryption System),
which utilizes a symmetric 128-Bit block data encryption. WPA-Enterprise and WPA2-Enterprise use a RADIUS
(Remote Authentication Dial-In User Service) server for authentication. RADIUS uses a RADIUS server and WEP
encryption.
IMPORTANT:
Always remember that each device
in your wireless network MUST use the same
encryption method and encryption key or your
wireless network will not function properly.
Page 73 / 98
67
Appendix B: Wireless Security
Security Threats Facing Wireless Networks
Wireless-N ADSL2+ Gateway
WPA-Personal
. Select the type of algorithm, TKIP or AES, enter a password in the Passphrase field of 8-63
characters, and enter a Group Key Renewal period time between 0 and 99,999 seconds, which instructs the
Gateway or other device how often it should change the encryption keys.
WPA2-Personal
. WPA2 gives you one encryption method, AES, with dynamic encryption keys. Enter a
Passphrase of 8-63 characters. Then enter a Group Key Renewal period, which instructs the Gateway how
often it should change the encryption keys.
WPA-Enterprise
. This method is WPA used in coordination with a RADIUS server. Enter the IP address and
port number of the RADIUS server. Then enter the key shared between the Gateway and its RADIUS server.
Then enter a Key Renewal Timeout period, which instructs the Gateway how often it should change the
encryption keys.
WPA2-Enterprise
. This method is WPA2 used in coordination with a RADIUS server. Enter the IP address and
port number of the RADIUS server. Then enter the key shared between the Gateway and its RADIUS server.
Then enter a Key Renewal Timeout period, which instructs the Gateway how often it should change the
encryption keys.
RADIUS
. This method is WEP used in coordination with a RADIUS server. Enter the IP address and port
number of the RADIUS server. Then enter the key shared between the Gateway and its RADIUS server. Enter
the WEP settings.
Implementing encryption may have a negative impact on your network’s performance, but if you are transmitting
sensitive data over your network, encryption should be used.
These security recommendations should help keep your mind at ease while you are enjoying the most flexible
and convenient technology Linksys has to offer.
Page 74 / 98
68
Appendix C: Finding the MAC Address and IP Address for Your Ethernet Adapter
Windows 98 or Me Instructions
Wireless-N ADSL2+ Gateway
Appendix C: Finding the MAC Address and IP Address for
Your Ethernet Adapter
This section describes how to find the MAC address for your computer’s Ethernet adapter so you can use the MAC
filtering feature of the Gateway. You can also find the IP address of your computer’s Ethernet adapter. This IP
address is used for the Gateway’s filtering, forwarding, and/or DMZ features. Follow the steps in this appendix to
find the adapter’s MAC or IP address in Windows 98, Me, 2000, or XP.
Windows 98 or Me Instructions
1.
Click
Start
and
Run
. In the
Open
field, enter
winipcfg
. Then press the
Enter
key or the
OK
button.
2.
When the
IP Configuration
screen appears, select the Ethernet adapter you have connected to the Gateway
via a CAT 5 Ethernet network cable. See Figure C-1.
3.
Write down the Adapter Address as shown on your computer screen (see Figure C-2). This is the MAC address
for your Ethernet adapter and is shown in hexadecimal as a series of numbers and letters.
The MAC address/Adapter Address is what you will use for MAC filtering. The example in Figure D-2 shows
the Ethernet adapters’s MAC address as 00-00-00-00-00-00. Your computer will show something different.
The example in Figure C-2 shows the Ethernet adapter’s IP address as 192.168.1.100. Your computer may
show something different.
Figure C-2: MAC Address/Adapter
Address
Figure C-1: IP Configuration Screen
NOTE:
The MAC address is also called the Adapter Address.
Page 75 / 98
69
Appendix C: Finding the MAC Address and IP Address for Your Ethernet Adapter
Windows 2000 or XP Instructions
Wireless-N ADSL2+ Gateway
Windows 2000 or XP Instructions
1.
Click
Start
and
Run
. In the
Open
field, enter
cmd
. Press the
Enter
key or click the
OK
button.
2.
At the command prompt, enter
ipconfig /all
. Then press the
Enter
key.
3.
Write down the Physical Address as shown on your computer screen (Figure C-3); it is the MAC address for
your Ethernet adapter. This appears as a series of numbers and letters.
The MAC address/Physical Address is what you will use for MAC filtering. The example in Figure C-3 shows
the Ethernet adapters’s MAC address as 00-00-00-00-00-00. Your computer will show something different.
The example in Figure C-3 shows the Ethernet adapter’s IP address as 192.168.1.100. Your computer may
show something different.
Figure C-3: MAC Address/Physical Address
NOTE:
The MAC address is also called the Physical Address.

Rate

4 / 5 based on 1 vote.

Popular Linksys Models

Famous Router IPs
Famous Router Companies
Bookmark Our Site

Press Ctrl + D to add this site to your favorites!

Share
Top