New Wireless Network

In the course of my security training at work, I learned many things about security – especially securing wireless networks. In a previous posting many years ago [quite litterally – Sept. 2004], I talked about securing a Wireless network. I was wrong on one topic though: DON’T disable the broadcasting of the SSID. I read a good article on the microsoft web site that basically says it’s more secure to NOT disable the broadcast. In other words, don’t hide the SSID – there are holes in the way XP processes hidden wireless networks which actually causes them to be exposed by the client anyway. Since then, I have made changes and un-hidden the network, while keeping it WPA and now WPA2.

This week, though, my manager allowed me to expense a new wireless router which supports an additional level of security: WPA-Enterprise using RADIUS. I got this to learn more about how ISA & IAG (MSFT’s version of RADIUS) work in concert with a PKI infrastructure and wireless network security. With the new device [which is also stronger for better signal coverage] I will set up an 802.1X certificate-based RADIUS authenticated wireless LAN that should be the most secure home wireless network ever. Corporations do it, but I’ve never seen one in a home before.

But then, not many people have the fun toys at home that I do…

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: