Wireless Network *UPDATE*

Discussion in 'other security issues & news' started by TOn3LaB, Nov 3, 2004.

Thread Status:
Not open for further replies.
  1. TOn3LaB

    TOn3LaB Registered Member

    Joined:
    Aug 16, 2004
    Posts:
    17
    Hello Wilders,

    All the equipment has arrived, I emailed Linksys and asked which modem they would advise, they suggested a Zoom X3 / X4. The shop had no X3s in stock so I bought the X4. I also purchased a Linksys LAN card instead of a second wireless card because the router is on the end of my desk by my machine. I have got it working but having a few problems setting it up securely:

    1. When WEP encryption is used I can't share with the wired LAN connection, am I doing something wrong?
    FIXED: Wifes machine did not have SP2 installed, I installed it and it allowed me to add a WPA PSK key, now it works fine! :D But is WPA PSK the correct type of key to use?

    2. ShieldsUP! shows all ports except about 6 are closed and not stealthed.
    FIXED: If you set DMZ to a pointless IP on the modem such as 11.0.0.11 ShieldsUP! reports all ports being stealthed, very strange!

    3. Should I run the Windows firewall on the Network connections or use something else such as Look 'n' Stop or Kerio v2.1.5?

    4. Is there a way of manually setting it all up because the LAN IPs will never change? would this be done on the adapter, TCP/IP setting?
    EDIT: I've manually added the IPs for the wired connection in the adapter, is this the correct way to do it?

    Thankyou!

    T3
     
    Last edited: Nov 3, 2004
  2. BlueZannetti

    BlueZannetti Administrator

    Joined:
    Oct 19, 2003
    Posts:
    6,590
    1. Should be fine for routine stuff,
    2. Hmmm, don't know about this one.
    3. Personally, I'd use something else. I know lots of folks heavily configure their firewalls for maximum security. I really only use mine for application based outbound control. Both firewalls mentioned are fine, but I prefer the application based approach - personal taste really.
    4. If everything is set with a unique static IP, no worries. The only other thing to do is disable DHCP on the router (assuming everything is static).

    Blue
     
  3. CrazyM

    CrazyM Firewall Expert

    Joined:
    Feb 9, 2002
    Posts:
    2,428
    Location:
    BC, Canada
    Closed is still secure.
    Did you have the Firewall enabled along with Block Anonymous Internet Requests on the Security tab?
    While forwarding unsolicited inbound traffic to a non-existent IP is a workaround, it is not something I would recommend. One of the advantages of having a router is to block this unwanted inbound traffic at the outer perimeter. Why invite/allow it in, even if it is to a non-existent IP?

    Regards,

    CrazyM
     
  4. T-LaB

    T-LaB Guest

    Hello,

    CrazyM
    I set the DMZ on the Zoom, not the Linksys. I assume thats because the X4 is the first thing the internet sees, so it will be its ports listed on ShieldsUP! Is there anyway of seeing how locked down the Linksys is after the modem?

    I have also setup the Wireless MAC Filter to only allow the wireless devices I choose. This with the WPA key should not let any outside access to my network.

    BlueZannetti
    Which would be the best out of those two? the reason I picked those was because there low on resources. Perhaps L'n'S would be the best option as it is still in development, where as Kerio 2.1.5 is finished.

    Thank you!

    T
     
  5. BlueZannetti

    BlueZannetti Administrator

    Joined:
    Oct 19, 2003
    Posts:
    6,590
    I tried Kerio once, wasn't my cup of tea, although many swear by it.

    Of the two, if I were looking for a new firewall now, I'd very likely run a trial of LnS. I had even downloaded a copy to test before I decided to pull the trigger and purchase my current one.

    Blue
     
  6. CrazyM

    CrazyM Firewall Expert

    Joined:
    Feb 9, 2002
    Posts:
    2,428
    Location:
    BC, Canada
    With the Zoom also being a router you now have two NAT devices in front of your LAN systems. You might want to consider reconfiguring your hardware so just one device is acting as the router/gateway (providing their config allows it):
    - Zoom modem/router/gateway -> Linksys as WAP only
    - Zoom modem only -> Linksys router/gateway/WAP

    Regards,

    CrazyM
     
Loading...
Thread Status:
Not open for further replies.