[ILUG] Ripwave, Wireless router and security?

Niall O Broin niall at linux.ie
Sun Sep 11 12:32:17 IST 2005 

On 11 Sep 2005, at 12:56, John Gay wrote:

> Well, I've got a Ripwave modem for internet access until Irish 
> Broadband can
> setup my 2M link, which is then plugged into a U.S.Robotics Wireless 
> router
> which is then networked to my Linux box, my Daughters old WindowsXP 
> box and
> providing a wireless link for her new laptop.

Your duaghter gets a new laptop, and you're getting a shiny dual 
Opteron, and from Peats at that? Lottery, dead relative, or new job (in 
declining order of lucrativity :-)  )

> My question is, how worried should I be about security?

Somewhat.

> The Ripwave offers nothing concerning password setup

The Ripwave as such is not a problem.

> and I haven't dug too deeply into U.S.R. docs about this.

This is where you need to do some configuration.

> On the WindowsXP box I've run Ad-Aware and clamAV

Always a good idea on Windows.

> Norton AV software since it ran out, but I haven't run anything yet on 
> the
> laptop.

If it's also running XP, also install Ad Aware, and maybe SpyBot Search 
and Destroy, and some anti virus - ClamAV or AVG Free.

> I am thinking at the very least I should setup some kind of password 
> for the
> wireless router to keep the casual user from strolling near the house 
> and
> surfing on my broadband

Enable WEP or preferably WPA on the router. Be aware that WEP is now 
completely insecure against the determined attacker, but it still 
provides protection against casual attackers. You could also restrict 
access to your router by MAC address. Again, not going to stop the 
determined attacker, but it does provide yet another layer of 
protection against casual attackers.

> and possibly peeking inside our PC's when they're on.

Do you run anything on your PCs which lets people "peek inside" them?

> But what about attacks from the Internet side from IB?

Unless you have set up some kind of port forwarding on the U.S.R. 
router your internal systems should be safe from internet attack, as 
they are not reachable from the world. Mind you, it has not been 
unknown for such little router devices to have e.g. configuration 
interfaces visible to the world via some oddball port. Googling for 
your particular device would be a good idea.

> My previous setup used a Smoothwall box for Internet access which 
> provided my
> peace of mind. Now I'm not so sure?

Well, you're now using the U.S.R. box in place of the smoothwall box. 
Same principles apply. I'm sure you could also use the Smoothwall box 
with the Ripwave device, and use the U.S.R. router only to do the 
wireless part, if you're more comfortable with the Smoothwall box.


Niall

More information about the ILUG mailing list