1.Don't broadcast SSID
2.The router should be turned off if not in use... lol ;-)
3.Disable shared resources from every wireless computers connected on it... it's a must
4.WEP (Wired Equivalent Privacy), WPA (Wifi Protected Access) Encryption Schemes are Vulnerable but for some reason just put it on or better yet get rid of it but, if you really can't do that, isolate WEP devices on their own VLAN/subnet and do everything you can to permit only expected traffic from known devices. For example, block all but expected application connect requests and authenticate the device/user when they connect to the application server. This won't keep traffic private, but it will stop key crackers from penetrating further into your network. If you have a wireless IPS, configure it to alert you to active WEP cracking attacks, and decide what action to take -- shut down affected APs, re-key devices, physically track down the intruder.
5.Reposition the router behind thick wall facing the area where you want to broadcast wireless network, the idea here is to limit the area where the router broadcast the wireless network. of course there are devices that can sniff low connection and magnify it so that they can utilize it. but we're in the philippines right? who cares for that device.. he he he
2.The router should be turned off if not in use... lol ;-)
3.Disable shared resources from every wireless computers connected on it... it's a must
4.WEP (Wired Equivalent Privacy), WPA (Wifi Protected Access) Encryption Schemes are Vulnerable but for some reason just put it on or better yet get rid of it but, if you really can't do that, isolate WEP devices on their own VLAN/subnet and do everything you can to permit only expected traffic from known devices. For example, block all but expected application connect requests and authenticate the device/user when they connect to the application server. This won't keep traffic private, but it will stop key crackers from penetrating further into your network. If you have a wireless IPS, configure it to alert you to active WEP cracking attacks, and decide what action to take -- shut down affected APs, re-key devices, physically track down the intruder.
5.Reposition the router behind thick wall facing the area where you want to broadcast wireless network, the idea here is to limit the area where the router broadcast the wireless network. of course there are devices that can sniff low connection and magnify it so that they can utilize it. but we're in the philippines right? who cares for that device.. he he he
No comments:
Post a Comment