Page 46 / 67 Scroll up to view Page 41 - 45
40
Appendix B: Wireless Security
Security Precautions
Wireless-G Access Point with Power Over Ethernet
Appendix B: Wireless Security
Linksys wants to make wireless networking as safe and easy for you as possible. The current generation of
Linksys products provide several network security features, but they require specific action on your part for
implementation. So, keep the following in mind whenever you are setting up or using your wireless network.
Security Precautions
The following is a complete list of security precautions to take (as shown in this User Guide) (at least steps 1
through 5 should be followed):
1.
Change the default SSID.
2.
Disable SSID Broadcast.
3.
Change the default password for the Administrator account.
4.
Enable MAC Address Filtering.
5.
Change the SSID periodically.
6.
Use the highest encryption algorithm possible. Use WPA if it is available. Please note that this may reduce
your network performance.
7.
Change the WEP encryption keys periodically.
To ensure network security, steps one through five should be followed, at least.
Security Threats Facing Wireless Networks
Wireless networks are easy to find. Hackers know that in order to join a wireless network, wireless networking
products first listen for “beacon messages”. These messages can be easily decrypted and contain much of the
network’s information, such as the network’s SSID (Service Set Identifier). Here are the steps you can take:
Change the administrator’s password regularly.
With every wireless networking device you use, keep in
mind that network settings (SSID, WEP keys, etc.) are stored in its firmware. Your network administrator is the
only person who can change network settings. If a hacker gets a hold of the administrator’s password, he, too,
can change those settings. So, make it harder for a hacker to get that information. Change the administrator’s
password regularly.
NOTE:
Some of these security features are
available only through the network router or
access point. Refer to the router or access
point’s documentation for more information.
Page 47 / 67
41
Appendix B: Wireless Security
Security Threats Facing Wireless Networks
Wireless-G Access Point with Power Over Ethernet
SSID.
There are several things to keep in mind about the SSID:
1.
Disable Broadcast
2.
Make it unique
3.
Change it often
Most wireless networking devices will give you the option of broadcasting the SSID. While this option may be
more convenient, it allows anyone to log into your wireless network. This includes hackers. So, don’t broadcast
the SSID.
Wireless networking products come with a default SSID set by the factory. (The Linksys default SSID is “linksys”.)
Hackers know these defaults and can check these against your network. Change your SSID to something unique
and not something related to your company or the networking products you use.
Change your SSID regularly so that any hackers who have gained access to your wireless network will have to
start from the beginning in trying to break in.
MAC Addresses.
Enable MAC Address filtering. MAC Address filtering will allow you to provide access to only
those wireless nodes with certain MAC Addresses. This makes it harder for a hacker to access your network with
a random MAC Address.
WEP Encryption.
Wired Equivalent Privacy (WEP) is often looked upon as a cure-all for wireless security
concerns. This is overstating WEP’s ability. Again, this can only provide enough security to make a hacker’s job
more difficult.
There are several ways that WEP can be maximized:
1.
Use the highest level of encryption possible
2.
Use “Shared Key” authentication
3.
Change your WEP key regularly
WPA.
Wi-Fi Protected Access (WPA) is the newest and best available standard in Wi-Fi security. Two modes are
available: Pre-Shared Key and RADIUS. Pre-Shared Key gives you a choice of two encryption methods: TKIP
(Temporal Key Integrity Protocol), which utilizes a stronger encryption method and incorporates Message
Integrity Code (MIC) to provide protection against hackers, and AES (Advanced Encryption System), which utilizes
a symmetric 128-Bit block data encryption. RADIUS (Remote Authentication Dial-In User Service) utilizes a
RADIUS server for authentication and the use of dynamic TKIP, AES, or WEP.
IMPORTANT:
Always remember that each
device in your wireless network MUST use the
same encryption method and encryption key or
your wireless network will not function properly.
Page 48 / 67
42
Appendix B: Wireless Security
Security Threats Facing Wireless Networks
Wireless-G Access Point with Power Over Ethernet
WPA Pre-Shared Key
. If you do not have a RADIUS server, select the type of algorithm, TKIP or AES, enter a
password in the Pre-Shared key field of 8-64 characters, and enter a Group Key Renewal period time
between 0 and 99,999 seconds, which instructs the Router or other device how often it should change the
encryption keys.
WPA RADIUS
. WPA used in coordination with a RADIUS server. (This should only be used when a RADIUS
server is connected to the Router or other device.) First, select the type of WPA algorithm,
TKIP
or
AES
. Enter
the RADIUS server’s IP Address and port number, along with a key shared between the device and the server.
Last, enter a Group Key Renewal period, which instructs the device how often it should change the encryption
keys.
RADIUS
. WEP used in coordination with a RADIUS server. (This should only be used when a RADIUS server is
connected to the Router or other device.) First, enter the RADIUS server’s IP Address and port number, along
with a key shared between the device and the server. Then, select a WEP key and a level of WEP encryption,
and either generate a WEP key through the Passphrase or enter the WEP key manually.
Implementing encryption may have a negative impact on your network’s performance, but if you are transmitting
sensitive data over your network, encryption should be used.
These security recommendations should help keep your mind at ease while you are enjoying the most flexible
and convenient technology Linksys has to offer.
Page 49 / 67
43
Appendix C: Upgrading Firmware
Wireless-G Access Point with Power Over Ethernet
Appendix C: Upgrading Firmware
The Access Point's firmware is upgraded through the Web-based Utility’s Administration - Firmware Upgrade tab.
Follow these instructions:
1.
Download the firmware upgrade file from the Linksys website,
www.linksys.com
.
2.
Extract the firmware upgrade file on your computer.
3.
Open the Access Point’s Web-based Utility.
4.
Click the
Administration
tab.
5.
Click the
Upgrade Firmware
tab.
6.
On the
Firmware Upgrade
screen, enter the location of the firmware upgrade file in the field provided, or click
the
Browse
button to find the file.
7.
Click the
Upgrade
button, and follow the on-screen instructions.
Figure C-1: Firmware Upgrade
Page 50 / 67
44
Appendix D: Windows Help
Wireless-G Access Point with Power Over Ethernet
Appendix D: Windows Help
Almost all wireless products require Microsoft Windows. Windows is the most used operating system in the world
and comes with many features that help make networking easier. These features can be accessed through
Windows Help and are described in this appendix.
TCP/IP
Before a computer can communicate with the Access Point, TCP/IP must be enabled. TCP/IP is a set of
instructions, or protocol, all PCs follow to communicate over a network. This is true for wireless networks as well.
Your PCs will not be able to utilize wireless networking without having TCP/IP enabled. Windows Help provides
complete instructions on enabling TCP/IP.
Shared Resources
If you wish to share printers, folder, or files over your network, Windows Help provides complete instructions on
utilizing shared resources.
Network Neighborhood/My Network Places
Other PCs on your network will appear under Network Neighborhood or My Network Places (depending upon the
version of Windows you're running). Windows Help provides complete instructions on adding PCs to your
network.

Rate

4.5 / 5 based on 2 votes.

Bookmark Our Site

Press Ctrl + D to add this site to your favorites!

Share
Top