How can I configure my wireless network for the strongest security?

How can I configure my wireless network for the strongest security? There seem to be many security features in wireless routers from MAC address filtering to the authentication type and data encryption. WPA or WPA2 PSK? AES or TKIP?
Asked by: Guest \| Views: 371

Total answers/comments: 1

Comments display order:

Guest [Entry]

"Definitely WPA2 - it replaces WPA and is considered ""secure"". Use AES (TKIP has flaws) with a pre-shared key; make it > 13 characters and as random/secure as possible. This should pretty much guarantee that no one can get into your home router. Not that anyone ever would want to, though -- there are plenty of unsecured APs out there that they'd use first.

MAC address filtering is basically useless as the MAC is sent unencrypted, so anyone watching packets could wait for a MAC to come along that is authenticated, then spoof that (trivial). It just adds overhead to your management (""I got a new laptop, why can't I get on my wireless? OH gotta add the MAC, D'oh!"")

Disabling SSID broadcast is also not really useful as that is also easily derivable by sniffing the wireless traffic. Again, it only adds a bit of headache to when you want to reconnect to your network (""What was my SSID again? Ah right, 'SDFSADF'"")

If you can set up a home-based VPN on your system as well, that adds an additional level of security. I set my home wireless router to place wireless users in the DMZ (aka internet) so they cannot access my home network unless further logging in via VPN (another username/password w/login timeouts/resets the cracker would have to defeat). For the near future and against a non-governmental cracker, this is secure. :D"