OK, this story would make Keith Brown cry, but probably not surprise him. About a year ago, I bought myself a LinkSys wireless gateway/router. Happy as a clam, I plugged it into the network, installed necessary wireless NICs, and left everything on the default settings for the most part just to get up and running. Over time, I began routing different ports to different computers for things like HTTP, MMS, DNS, etc. This morning, I looked at the DHCP settings on the router and saw entries for DOUGPC and KIMPC - Doug and Kim are our neighbors across the street. Doug and Kim are nice people and most likely have no clue they were authenticated on my network...but I still don't want them there! So after mocking myself for being an SL - Security Loser - I downloaded the latest firmware for my router and did a couple of quick-fix type of things:
- Turned off broadcasting of SSID.
- Set a 128 WEP key with usage set to MANDITORY.
- Set the Station MAC Filter to ENABLED.
- Made the necessary MAC address entries into the MAC Filter Settings.
- Made the necessary changes on each wireless client to include the new security key.
Yes, I plan to do more. Don't be an SL! If you want to avoid this type of thing, here's some reading material for you.
http://www.extremetech.com/article2/0,3973,1309285,00.asp
http://www.practicallynetworked.com/support/wireless_secure.htm
http://www.intranetjournal.com/articles/200307/ij_07_10_03a.html
http://www.cs.umd.edu/~waa/wireless.pdf
http://www.pcmag.com/article2/0,4149,844020,00.asp
