| 10:59 pm on Nov 1, 2003 (gmt 0)|
Log into your admin and enable encryption using WEP. That'll encypt the data in transit, and if it's like mine (Airport) it will also enable password only access to the wireless network.
| 9:29 am on Nov 2, 2003 (gmt 0)|
My linksys hub will also allow you to specify the MAC addresses of the devices it will recognize. If you only have a few specific devices that connect to the hub, I strongly recommend using it, because even 128 bit WEP security has some known flaws where a day or so of traffic analysis can compromise it. Even MAC addresses can be spoofed, but it becomes one more step the hacker has to go through.
I also recommend putting a firewall between your hub and the rest of your network.
| 5:30 pm on Nov 30, 2003 (gmt 0)|
WAP is not a good thing to turn on. I creates overhead on the wireless network and can slow it down. Anybody that wants to break that can and anybody that can't well can't. Even if somebody can break it all they can do is see your traffic. It would be easier to break into your house and steal your computer. The way I lock them down is change the SSID to some random alpha numeric ID. Then turn off the beacon so that the SSID is not broadcasted. Most wireless access points have the ability to lock down access by MAC address. That is more than enough to keep 99.9% of people off. If somebody can break that and wants to you got bigger problems. If you are just really paranoid you can use an all CISCO solution they are one of the few companies that can defeat the whole access point spoof thing. Also you can get 3rd party solutions that encrypt all network traffic. That is expensive.
| 1:55 am on Dec 4, 2003 (gmt 0)|
A couple of other thoughts - instead of using DHCP, assign static IP addresses to your devices. And don't forget to change the default password on your router admin console to something harder to break.
Restricting MAC addresses is good, as is changing the SSID. On my network, though, I found that my wireless cards couldn't connect to the access point when I turned off the broadcast SSID. I ended up having to turn it back on.
| 8:45 pm on Dec 5, 2003 (gmt 0)|
If you turn off broadcast you just have to make sure you put the exact SSID when you set up the client card. It is case sensitive.
| 8:56 pm on Dec 5, 2003 (gmt 0)|
I was careful about that, ogletree, & it still didn't work. I did a bit of research on the Linksys & Microsoft knowledgebases and apparently there's a bug that affects some systems - they won't connect to an access point with a hidden SSID.
I gather that serious wireless hackers aren't slowed down too much by a hidden SSID anyway, so I decided not to spend more time troubleshooting it. I'm mainly worried about the random neighbor browsing my network, and the other precautions should take care of that.
| 9:13 pm on Dec 5, 2003 (gmt 0)|
I have set up about 5 linksys routers and acces points with XP and Pocket PC and have never had a problem with hidden SSID.
| 6:07 am on Dec 7, 2003 (gmt 0)|
I've seen this on some XP machines. Sometimes you can get around it by connecting to a visible SSID and then turning the SSID off. If you have trouble connecting again it sometimes helps to reenable the SSID broadcast for a few minutes.
|apparently there's a bug that affects some systems - they won't connect to an access point with a hidden SSID. |