Security software for Linksys WAP

Lisa Phifer offers her advice about security software for a Linksys Wireless-G access point.

ITKnowledge Exchange member "rountree" had a question about security software for a Linksys Wireless-G access point and our resident wireless guru, Lisa Phifer offered her advice. Here is the Q&A.

ITKnowledge Exchange member "rountree" asked:
I'm trying to find a easy-to-use / configure security software application that I can use with my Linksys Wireless-G access point (Mfg. Part: WAP54G). I need an application that will allow me to control who has access to the wireless access point as well as what they can access. I have looked at LucidLink, but according to the LucidLink website, that application currently does not support the Linksys access point I have. I'd appreciate any suggestions on a wireless security software product that is easy to use and configure.
Thanks.

Lisa Phifer WRITES:
Here are a few alternatives:

  1. Use the MAC Access Control List on your WAP54G to authorize known wireless cards. This will block WLAN use by cards not on the list, although it is fairly easy for someone to watch your WLAN traffic, spot a legitimate MAC address, and reconfigure their own wireless card to use that MAC address.
  2. Enable WEP on your WAP54G. This will stop any station that doesn't know the WEP key from using your WLAN. Here again, it is fairly easy for someone to capture WLAN traffic and guess the WEP key -- depending on traffic and the cards you use, about 20K packets is usually enough.
  3. Enable WPA-PSK on your WAP54G. This will stop any station that doesn't know the Preshared Secret Key (PSK) from using your WLAN. If you choose a short, easy-to-guess PSK, cracking the PSK is pretty easy -- the intruder simply needs to catch one successful login and run a dictionary attack (trying words from a password dictionary to come up with the right PSK). You can defeat this attack by choosing a PSK that's at least 20 characters long, not composed of dictionary words, and relatively random.
  4. Enable WPA-802.1X on your WAP54G. Depending upon your AP, something like LucidLink or TinyPEAP can be used as the RADIUS Server, and you may have to install 802.1X supplicant software on your wireless stations. [Note: LucidLink DOES run on WAP54G v1.05 and later, but TinyPEAP only runs on WRT54G -- the router version of your AP.] If you don't want to run your own RADIUS Server, you can use a managed service like WirelessSecurityGuard. Linksys includes a free trial of this service with new WAP54Gs, but after the trial ends, you'd need to pay a monthly fee.

itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke


Want to join in on a similar conversation? Register for ITKnowledge Exchange and fill out your profile so you can immediately begin asking specific sets of people your IT questions and also help out your fellow wireless and mobile computing aficionados. Anyone can read answers already provided to questions, but only registered ITKnowledge Exchange members can ask questions or add to threads.

Read all the answers to this question.

Not on ITKnowledge Exchange yet? Register today.

This was first published in August 2005

Dig deeper on Mobile Device Security

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

SearchConsumerization

SearchNetworking

SearchTelecom

SearchUnifiedCommunications

SearchSecurity

Close