Risk Management of Wireless Networks

An anonymous reader writes "As wireless becomes a bigger part of our networks, those of us charged with maintaining them find ourselves also responsible for keeping drive-by script kiddies with a Pringles can out. BankInfoSecurity.com is running an excellent article on identifying and mitigating risks on wireless networks. The article was written by members of the Office of the Comptroller of the Currency (OCC) for banks, but it's applicable to any network environment and clearly lays out all the key steps to protecting wireless systems." There's nothing new here, really, but it's a good overview of issues to keep in mind when building a wireless net, as well as a good security plan starting point.

Re:Pringles Can?

[frankmanowar]

It seems you can make a wirelss antenna out of a pringles can.

SSIDs and WEP

[USAPatriot]

Ars Technica has a good summary of what you can do with SSID's and WEP to improve your wireless network's security:

Security Practicum: Essential Home Wireless Security Practices

Reducing Risks of Wireless Networks

[gellenburg]

Disclaimer: I work in Information Security.

• APs should be configured so as not to broadcast their SSID.
• 128bit WEP keys should be chosen.
• • WEP keys should be changed as frequently as practical.
  • APs should be firewalled, and on their own DMZ.
  • If the AP supports it, consider MAC Address filtering by only allowing authorized MAC Addresses.
  • If the AP supports it, consider additional authentication such as RADIUS.

But, by all means:

• Please change the damned default SSID that was configured on your AP:
  • Linksys
  • Default
  • Netgear

We now return you to your regularly scheduled programming.