1. Home
  2. Wireless Networking
  3. Wifi hardening

Wifi hardening

A local Church has been running a wifi network for some time , and again they have been raided over the wifi so being softhearted I am going to sort things a little in the morning , atm there is no security and being trustful naive souls they felt it was unnecessary (oops)

I don't want to make it to hard to maintain so will be applying the following

Secure the router ( yes it's basic)

Stop broadcast of the SSID

Enable WPA encryption instead of WEP

Use MAC filtering for access control

Reduce your WLAN transmitter power

Disable remote administration

Turn off the router dhcp and specify ip ranges fixed ?

if it happens again I will take a look at maybe radius and wonder if there are any other easy suggestions as I wont be admisitering this network , I would prefer to run copper but it physically is not possible Thanks B

Reply to
atec 77
Loading thread data ...

Please don't do this.

It doesn't stop anyone with the tools to hack WEP (although I see you're using WPA; good) and makes it harder for anyone else in range to *avoid* the channel you're using.

Chris

Reply to
Chris Davies

Disabling SSID broadcasting also makes it difficult for the user to access the user's network, and can make it difficult to retain the connection.

Q
Reply to
Quaoar

No problems so far >see my other post

Reply to
atec 77

This be stop nobody who want enter god people network.

This be the important step, but must be used long phrase like "Jesus jump on red rooster".

Easy spoof MAC address.

Good hacker person will be having directional gain antenna. Low power make god people lose connection when pig lady walk near router, be unreliable.

This be good.

Good hacker have sniff passive. Look at IP and guess IP next in block unused.

Reply to
Bhagat Gurtu

What post? Message ID would be good; otherwise a subject line could help.

If you're saying that you've got no problems after having turned off your ESSID, well at the moment that's fine. But go back at read the underlying reasons why I and others have suggested you don't disable ESSID broadcast.

Chris

Reply to
Chris Davies

It has not caused a problem , all machines on an 16 number subset fixed ip , Sunday morning early it will be copper . Thanks anyway

Reply to
atec 77

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.