How do I make my wireless network secure?
First question how secure do you want it to be?
Wireless security home best practices
Following these practices will generally keep your home network secure from the casual war driver.
- WEP, enable WEP while not a end-all to security it will stop the casual war-driving from logging onto your network
- Disable Beacon broadcasts, this will stop SOME netstumblers from detecting your network.
- Only allow certain MAC addressess on your network
Find out if someone connects
1. Run [kismet] to detect wireless probes and other nasties such as:
- Detect netstumbler
- Detect DEAuth floods
- Detect lucent PING tests
- Detect Wellenreiter SSID brute force attempt
- Detect Previously detected AP changing to a new channel
- Detect Broadcast disconnect/deauthenticate
- Detect airjack tools
- Detect Clients probing for networks, being accepted by that network, and continuing to probe for networks.
- Detect Traffic from a source within 10 seconds of a disassociation
- Probe response packet with 0-length SSID tagged parameter
2. Run snort
- A intrusion detection system
3. Run arpwatch
- Find out when someone gets online.
Increase security further
- 1. Separate your wireless network w/ a firewall and VPN
- 2. Do certificates with PEAP and 802.1x
- 3. Regularly change your WEP key
Running windows and want to stay secure?
For Windows
- 1. Free anti-virus software for commercial and personal use: [clamav]
- 2. Free anti-virus for personal use: [avg]
- 3. Installing a new machine? try running [autopatcher] BEFORE you put it on the network
- 4. Think you are safe w/ windows firewall? Think again. windows firewall starts up 10 seconds to 2 minutes after your network stack comes up. Which means you can be infected with a virus even with a firewall. Use a hardware firewall and keep your machine up to date.
- 5. Don't use default passwords.
- 6. Run spybot or adcleanup software to such as adaware.
![[Home]](http://juneauwireless.net/images/logo/juneauwireless3-small.png){kind=logo}