Beefing up network security

Collapse
X
 
  • Time
  • Show
Clear All
new posts
  • stolte
    New Member
    • Apr 2007
    • 16

    Beefing up network security

    Hey guys I just got hired at a mortgage company and they've asked me to beef up their network security. Currently there are no encryption or passwords on the wireless router (A Belkin 54g). The router is plugged directly into the server. My problem is when I reset the router the default settings would not allow people to connect to the network, however when I turned on "Act as just an access point" option, apparently what it was before, everyone is able to connect. What must I do to allow users to connect and still have very good security?
  • sicarie
    Recognized Expert Specialist
    • Nov 2006
    • 4677

    #2
    I would recommend setting up WPA-PSK and a proper subnet, and a complete update/upgrade. You could do things like MAC address filtering, but those are easily enough to spoof - to a person with the right knowledge.

    Comment

    • stolte
      New Member
      • Apr 2007
      • 16

      #3
      Originally posted by sicarie
      I would recommend setting up WPA-PSK and a proper subnet, and a complete update/upgrade. You could do things like MAC address filtering, but those are easily enough to spoof - to a person with the right knowledge.

      I am very aware of the security techniques commonly used, however my problem isn't necessarily with security, it's with my lack of router-server skills. I'm assuming it's something simple like turning on DHCP but I'm just asking around to make sure I dont fudge something up :) thanks

      stolte

      Comment

      • r035198x
        MVP
        • Sep 2006
        • 13225

        #4
        Originally posted by stolte
        Hey guys I just got hired at a mortgage company and they've asked me to beef up their network security. Currently there are no encryption or passwords on the wireless router (A Belkin 54g). The router is plugged directly into the server. My problem is when I reset the router the default settings would not allow people to connect to the network, however when I turned on "Act as just an access point" option, apparently what it was before, everyone is able to connect. What must I do to allow users to connect and still have very good security?
        Moved to Networking forum.

        Comment

        • Colloid Snake
          New Member
          • Nov 2006
          • 144

          #5
          Originally posted by stolte
          Hey guys I just got hired at a mortgage company and they've asked me to beef up their network security. Currently there are no encryption or passwords on the wireless router (A Belkin 54g). The router is plugged directly into the server. My problem is when I reset the router the default settings would not allow people to connect to the network, however when I turned on "Act as just an access point" option, apparently what it was before, everyone is able to connect. What must I do to allow users to connect and still have very good security?
          So you're having trouble with the default settings, and how they affect (effect?) connectivity? Seems like the documentation (not sure of your model, so here's the support page) would probably be the best way to go, without a specific question. I'm thinking that someone may have finally gotten it right with defaults and made those be "turn everything off" as a secure initial setting, and you have to enable it, but I haven't worked with it.

          Comment

          • RevBooter
            New Member
            • Mar 2007
            • 69

            #6
            i wouldn't setup dhcp on a wireless router... compromises security. sounds like the clients ip addresses dont match up with the router?

            Comment

            • Dököll
              Recognized Expert Top Contributor
              • Nov 2006
              • 2379

              #7
              Originally posted by RevBooter
              i wouldn't setup dhcp on a wireless router... compromises security. sounds like the clients ip addresses dont match up with the router?
              Good point, within your network, you should be able to go static. Let your proxy handle incomings.

              You should also separate into two networks, use two routers and bridge them in, keep frequent flyers from stuff they should not see.

              Also get yourself a solid antivirus software if you are going static. The worst part is having an inside job bring down your network...

              Comment

              Working...