Wireless Network, Security Fun :)

Status
Not open for further replies.

tek777

Technical User
Nov 6, 2001
99
US
I was wondering if anyone could provide suggestions on where to start with my wireless network.

I just started with a new company, and they have 3 access points with no security. The access points are on the same IP address as the servers. Basically we are broadcasting everything that happens on our network in the air around our building. I don't think that is a good thing.

There is no documentation for the access points, and they all look like different brands. Where would you suggest I start to fix this, as in an emergency fix? Limit by MAC address? All the PCs have different wireless cards, so setting up WEP could be a nightmare.

I was also thinking about using a router, making a new network just with internet access. Then have the users use our current VPN software to gain access to the network.

Any pointers would be appreciated. I guess limiting the MACs would be a starting point. I would have to do that on each of the 3 access points though. Thanks!
 
Can you move these guys to their own subnet, say a 10.x.x.x subnet? This will help things. Also, don't run DHCP on that subnet; it's like giving an address to your favorite black hat... not a good idea. So where is this place? Can I go sniff? ;-) j/k
 
1. Well, first you can start by closing your SSID. All APs accept the SSID "ANY". If the APs have the option, stop them from beaconing your "network name", avoiding passive scans. Your APs will not respond to probe requests unless the station has the right SSID. Also change the SSID from anything obvious.

2. Depending on your network size, you can filter by MAC as you said.

3. Packet forwarding: all traffic can be forwarded to a network authentication server (RADIUS).

4. You can try using static WEP, but this can be a pain if you have a large network.

5. You can reduce your cell size by decreasing your output power, thus decreasing your exposure to the "outside". The coverage area will still be the same because any good AP will increase the power to hold the client while decreasing the data rate depending on SNR.
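
Added example, not part of the thread: the MAC filtering discussed above has to be entered on each of the three access points, so this sketch builds one validated, de-duplicated allowlist from a mixed-notation inventory and renders it per AP. The MAC addresses are constructed, and the AP names and the notation each one accepts are assumptions.

```python
import re

# Constructed inventory: wireless-card MACs as collected from PCs, in mixed notations.
INVENTORY = [
    "00:0C:29:3E:5A:10",
    "00-0c-29-3e-5a-10",   # duplicate of the first entry, different notation
    "0040.96a1.b2c3",
    "00409633ff01",
    "01:00:5E:00:00:FB",   # group (multicast) address, never a real card
    "00:0C:29:3E:5A",      # truncated entry
]

def normalize_mac(raw):
    """Return 12 lowercase hex digits, or raise ValueError for a bad entry."""
    digits = re.sub(r"[:.\-\s]", "", raw).lower()
    if not re.fullmatch(r"[0-9a-f]{12}", digits):
        raise ValueError(f"not a 48-bit MAC: {raw!r}")
    if int(digits[:2], 16) & 0x01:  # I/G bit set means a group address
        raise ValueError(f"group/multicast address: {raw!r}")
    return digits

def build_allowlist(entries):
    """Deduplicate valid entries; return (sorted allowlist, rejected entries)."""
    allowed, rejected = set(), []
    for raw in entries:
        try:
            allowed.add(normalize_mac(raw))
        except ValueError as err:
            rejected.append(str(err))
    return sorted(allowed), rejected

def render(mac, style):
    """Format a normalized MAC in the notation a given AP's filter page expects."""
    if style == "colon":
        return ":".join(mac[i:i + 2] for i in range(0, 12, 2)).upper()
    if style == "hyphen":
        return "-".join(mac[i:i + 2] for i in range(0, 12, 2)).upper()
    if style == "dotted":
        return ".".join(mac[i:i + 4] for i in range(0, 12, 4))
    raise ValueError(f"unknown style: {style}")

# Hypothetical AP names and the notation each one is assumed to accept.
AP_STYLES = {"ap-1": "colon", "ap-2": "hyphen", "ap-3": "dotted"}

def per_ap_lists(entries):
    """Return ({ap: [formatted MACs]}, rejected) so every AP gets the same set."""
    allowlist, rejected = build_allowlist(entries)
    lists = {ap: [render(m, s) for m in allowlist] for ap, s in AP_STYLES.items()}
    return lists, rejected

if __name__ == "__main__":
    lists, rejected = per_ap_lists(INVENTORY)
    for ap, macs in lists.items():
        print(ap, macs)
    print("rejected:", rejected)
```

Rejected entries are returned rather than silently dropped so a mistyped address can be corrected before the filter locks that PC out.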
 