Welcome
 
FAQ
FAQs

1. What is WI-FI?

2. What are the threats with Wi-Fi?

3.About WI-Fi Security Systems ?

3.Steps to protect your WI-Fi Network?

4. How to secure your Wireless Network?
What is Wi-Fi?

  Wi-Fi has become widespread in corporate infrastructures, therefore the security related issues has also increased to a   drastic level. The purpose of Wi-Fi is to hide complexity by enabling wireless access to applications and data, media and   streams. The main aims of Wi-Fi are the following:
   • Make access to information easier
   • Ensure compatibility and co-existence of devices
   • Eliminate cabling and wiring
   • Eliminate switches, adapters, plugs, pins and connectors.
   • Typically reducing the costs of network deployment and expansion.
What are the threats with Wi-Fi?

  Wi-Fi networks that are open can be monitored and used to read and copy data (including personal information)   transmitted   over the network. Some of the prominent threats of Wi-Fi are:-
   • Evil Twin
   • War Driving
   • Promiscuous Clients

About WI-Fi Security Systems?

  The contribution of Micro Technologies has been significant in security domain be it a personal asset security or cyber security. Micro Wi-Fi Security System (WSS) is software which works in the stealth mode.Micro Wi-Fi Security System (WSS) installed in the computer, allows the administrator to monitor the activity of the user and provide information about the Wi-Fi access through the authorized web account.

    • Micro WSS automatically detects the change of security settings and warns the Wi-Fi user and send the details on to the Server level Secured Web Account of the user to prevent an Evil Twin and Promiscuous Clients attack.
    • In an unsecured/secured WLAN, Micro WSS can detect any addition of a user and can send an alert email containing the information about the new machine. The email will contain the following information:
      a. IP address assigned to the machine
      b. MAC address of the user

    • Using MAC address the user can be identified and the location of the user can be traced.
Steps to protect your Wi-Fi network?
    • Change the default password: Default passwords for popular routers and access points are easy to find online, so therefore, it is essential that you change the default password as soon as you install a WiFi device. To do so, launch your wireless hardware's setup software and enter a new password.
    • Change the default SSID: Change the default SSID, which is your network's name. Load your router's setup software, look for the SSID name and change it to one that doesn't describe your location or other personal info.
    • Disable SSID broadcast: By default, your Wi-Fi network broadcasts its name to all wireless users within range. With broadcast disabled, your network is invisible to your neighbours.
    • Activate encryption: Go to Start/Control Panel/Wireless Network Setup Wizard. If this is a new Wi-Fi LAN, check "Set up a new wireless network." Enter SSID and complete Network Setup Wizard.
    • Use MAC address filtering: Use MAC address filtering to create a list of devices that can access your network or PC. To determine what your MAC address is, select Start/Run and type cmd and then ipconfig/all on the command line. Hit Enter. The "Physical Address" is your MAC address.
    • Enter MAC address into network software:The MAC address you found in the previous step can be added to a select list of devices that can access your LAN. This is done in your router's setup software (if MAC address filtering is supported).
    • Enable Firewalls On Each Computer and the Router: Modern network routers contain built-in firewall capability, but the option also exists to disable them. Ensure that your router's firewall is turned on. For extra protection, consider installing and running personal firewall software on each computer connected to the router.
    • Assign Static IP Addresses to Devices: Most home networkers gravitate toward using dynamic IP addresses. DHCP technology is indeed easy to set up. Unfortunately, this convenience also works to the advantage of network attackers, who can easily obtain valid IP addresses from your network's DHCP pool. Turn off DHCP on the router or access point, set a fixed IP address range instead, then configure each connected device to match. Use a private IP address range (like 10.0.0.x) to prevent computers from being directly reached from the Internet.
    • Do Not Auto-Connect to Open Wi-Fi Networks: Connecting to an open Wi-Fi network such as a free wireless hotspot or your neighbor's router exposes your computer to security risks. Although not normally enabled, most computers have a setting available allowing these connections to happen automatically without notifying you (the user). This setting should not be enabled except in temporary situations.
    • Turn Off the Network During Extended Periods of Non-Use
How To secure your Wireless Network?

The following pages briefly describe the procedures to implement wireless network security good practices on the most common access points available today viz. Netgear, Linksys and D-Link. You are strongly encouraged to refer to the manufacturer’s user guide for your access point.


Good Practices on NETGEAR  (Show Details...)
  • Open your Internet browser(for example Internet Explorer) and type 192.168.0.1 in the address bar and then press enter.
  • The Login window prompts for a Username and Password. The default Username is admin and the password is password
  • To upgrade access point firmware, click on Router Upgrade Maintenance in the Setup wizard
  • Tick the Check For New Version Upon Log-in and click on Check button to search online for latest available firmware on the vendor’s site
  • Download firmware and uncompress the file
  • Click on Browse to locate uncompressed file
  • Next, click the Update button to update and install the latest firmware on the router. This will restart the router and change the version
  • Login to the router with the username and password and click on Wireless Settings under Setup Menu
  • Change the default SSID to a unique name
  • Click apply to save settings
  • Click Settings Advanced menu
  • Uncheck Enable SSID Broadcast button to disable SSID broadcast
  • Click on apply to save changes
  • To change security options click on Wireless Settings under Setup menu
  • Select the latest security feature i.e., WPA2-PSK[AES] and set a complex pass phrase that is easy for you to remember but difficult for others to guess
  • To change the default password of the access point, click Set Password under Maintenance in the Setup Wizard
  • Change the password to a unique value
  • Click Apply to save the new Password
  • Click Settings Advanced menu to enable MAC filtering
  • Click Setup Access List
  • Click on the Add Button
  • Enter the descriptive Device Name(like Hall Desktop) and the MAC address of the wireless card, and click Add
  • Repeat the last 2 steps to add all wireless clients to the allowed list
  • When you have completed adding all the wireless MAC address allowed to connect with your access point, check Turn Access Control On
  • Click Apply. Your settings will be saved and only the wireless clients with MAC address listed in the allowed list will be allowed to connect with your access point
Good Practices on Linksys  (Show Details...)

  • Open your Internet (for example Internet Explorer) and type 192.168.1.1 in the address bar and then press enter
  • The Login window prompts for a Username and Password. The default Password is admin
  • To upgrade access point firmware, click on Administration on the top black bar and then Firmware Upgrade on the top blue bar
  • Click on Browse to locate the upgrade file.
  • Next, click the Upgrade button to install the latest firmware on the router
  • Click on the Wireless Tab on the top black bar
  • In the Wireless Network Name field ,type in a unique name for your access point
  • In the Wireless Channel field choose any channel above 6 or 7
  • Click Disable to disable SSID broadcast, under the Wireless Tab and click on Save Settings to save changes to access point
  • Then choose a security mode of WPA2 Personal or higher. Select AES in WPA Algorithms
  • Enter a password in the WPA shared key field. Pick a password that is easy for you to remember, but hard for someone else to guess. Click the Save Settings button
  • Next, to set up the MAC filter click on the wireless MAC Filter section. Check Enable to enable Wireless MAC filter and then click on the Edit Mac Filter List button
  • In the MAC Address Filter List enter the MAC address of the computers you want accessing your access point . When done click on Save Settings button
  • On the Administration tab, change the default router password to a unique value and click the Save Settings button.
Implementing Good Practices on D-Link  (Show Details...)
  • Open your Internet browser(for example Internet Explorer) and type the IP address (refer to product documentation to obtain the default IP address) in the address bar and then press enter
  • The Login window prompts for a Username and Password. Refer User Manual for the default username and password. Enter and click on Ok.
  • To upgrade access point firmware, click on Tools on the top menu bar and then click on Firmware on the left menu bar
  • Click on Browse for the latest firmware and then click Apply to apply changes to the access point
  • To change the default SSID, click on Home on the top menu bar and then click on Wireless on the left menu bar
  • Change the channel to a value above 6 or 7
  • Next, disable SSID broadcast. For this uncheck the Enable AP check box
  • To change the security options select security level WPA under Security
  • Next select the WPA2 radio button and put a tick on the Enable WPA2 Pre-authentication check box
  • Check the Pre-shared key radio button and enter a password in the PSK String field. Pick a password that is easy for you to remember, but difficult for others to guess.
  • Click Apply to save changes to access point settings.
 
|
|
|
|
  Site Map
© Copyright 2008 www.microtechnologies.net , all rights reserved.