Archived from groups: alt.internet.wireless (
More info?)
"Ryan" <nikespex@hotmail.com> wrote in message
news:f05919fc.0409010844.110a215b@posting.google.com...
> I am completely new to 802.11. When my new laptop arrives in a week I
> will be sharing my Internet connection between two machines (and also
> networking the laptop with my existing desktop machine). I'm running
> Win2K on the desktop and WinXP Home on the laptop.
>
> What are the basic steps I need to take to ensure I'm not opening my
> machines to univited visitors? Is one brand of router better than
> others when it comes to security? Can anyone recommend a good site
> with solid tips for beginners like me?
>
> -- Ryan
Ryan,
Welcome to the Monkey House.
If your laptop has an 802.11G wireless card, they usually come with "WPA"
encryption capability. Be sure that you turn it on for all machines. If
you'll be using 802.11B, then you're probably limited to WEP encryption,
which can be easily cracked but is better than nothing.
I suggest you purchase a router/NAT box, such as a Linksys WRT54G, and use
that to handle the interface chores. If you're going to do without a router,
and share your connection by using Interent Connection Sharing on your PC,
you'll need to put the wireless cards into "Ad Hoc" mode.
Basic security steps:
1. _NEVER_ enable a "writeable" share! To transfer information between
machines, share _ONE_ folder in "Read Only" mode, and _PULL_ the information
from that PC to its destination, i.e., use the destination machine to access
the shared folder on the source, and copy/paste into the destination folder.
You will, of course, have to move the files into the shared folder on the
source machine first.
2. Be sure _all_ your machines are up-to-date with _all_ security patches.
Ditto for AntiVirus software.
3. Disable unneeded services, such as Windows Messenging Service and
Personal Web Server, to reduce your exposure to vulnerabilities.
4. If you have a machine connected directly to the net, pay for firewall
software such as Zone Alarm. On second thought, put firewall software in no
matter how you get to the net.
5. Never use the Administrator account for routine business. Always create
restricted user accounts for all users, yourself included, and use
Administrator only for specific tasks that require it, such as software
upgrades.
6. While you're at it, rename the Administrator account to something else.
Some viruses test commonly-used passwords on the Administrator account, and
if they find a match, you're owned. Don't worry about losing functionality:
the "Administrator" name is just a convention, and the actual user id is a
number that doesn't change.
7. Run a vulverability scan on each machine. There are a number of free
scanners available, and they'll check for weak passwords, open shares, and
common exploits.
8. Ask yourself what information is on the machines, and whether anyone else
would want it. The answer is usually "No", but remember that locks are used
to keep honest people honest, and you should use them if you have them. If
you have material on the PC's that could help your business competitors in
some big way, then the game changes and you need to hire someone like me to
improve your security.
HTH.
William
--
William Warren
(Filter noise from my address for direct replies.)