| The Access Point will
allow multiple Wireless clients to communicate with
each other and
to systems connected via network cables on a LAN:
Although most Access Points are shipped with a default
configuration allowing easy
connection of wireless clients, either either minimal
or sometime no need for configuring
the Access Point, it is highly recommended to become
familiar with the setup, especially
the security features, of the Access -Point, to
avoid unwanted "Guests" to connect via
the WLAN to your network.
The
following example shows a Belkin
Access-Point (F5D7130), but other Access-Points
have similar configurations (to be able to comply
to the world-wide standard for 802.11b/g ).
Most Access-Points have a build-in webserver, allowing
you to connect via a web browser ,
( for details on your access-point , please
view the User Manual of your access point ):
to be able to make changes, a login is required
:
security risk#1 : the device is shipped
without a password.
You need to assign later a password to ensure,
that nobody can connect via
the WLAN from the outside and change the settings.
when having multiple Access-Point , there needs
to be a method to define on the clients,
to which access point to connect.
Therefore each WLAN network uses a SSID: a Wireless
network name. For easy connection
of WLAN clients, most access-points can be configured
to broadcast this SSID, to allow
clients to scan for available WLAN networks.
Security risk #2: the default SSID names
you need to change the SSID to a name unique
used only by you
Security risk #3 : the broadcast of the
SSID
if the SSID is broadcasted, everybody (including
unwanted "guests" will be able to
scan foryour WLAN, giving already away the presence
of your WLAN.
for private usage, the following next steps may
be sufficient to secure the WLAN
network,but for security-sensitive company networks
you should disable the broadcast
of the SSID.
To make your WLAN secure, you can and should
define encryption of the wireless
data.
Security
risk#4 : default configuration of Access-point with
disabled security
change the security to one of the WEP Encryption
levels :
and define a security code, which you will also
need to enter on all WLAN clients,
which are allowed to connect to this access point
:
for maximum security, you can also define a list
of clients, which are allowed to connect,
by entering the MAC = hardware network address of the WLAN network card.
-
Example of a PC-Card configuration / connection
to the Access-Point
You need to change the settings of your Access-Point
to secure your WLAN network.
|
