- Posts: 33
- Thank you received: 0
HELP WITH WIRELESS NETWORK
20 years 2 weeks ago #5832
by lan2wan
HELP WITH WIRELESS NETWORK was created by lan2wan
I need to design, install and support a network that is totally wireless. I have four locations within the same city and should have 25-50 pcs in each loaction.
With so many wireless net working concepts and equipment out there, can someone help me get started with a information on tested and relible equipment, best practices etc.
Thanks a lot.
Lan2wan
With so many wireless net working concepts and equipment out there, can someone help me get started with a information on tested and relible equipment, best practices etc.
Thanks a lot.
Lan2wan
20 years 2 weeks ago #5841
by sahirh
Sahir Hidayatullah.
Firewall.cx Staff - Associate Editor & Security Advisor
tftfotw.blogspot.com
Replied by sahirh on topic Re: HELP WITH WIRELESS NETWORK
Well you'll probably want to consider rolling out an 802.11g network since that is the new technology.. its faster, and also has backward compatibility for 802.11b networks.
You'll need to survey each of the sites and choose your equipment based on that.. since you're saying 20-25 machines, you'll want an AP that has support for DHCP. Install the AP, but don't connect it to the LAN yet.. see how far the signal is going (maybe use a handheld wireless detector like the neat one from mobileedge.com)... lower your AP's power till it just fits your site so that there is no signal leakage.
Then you will want to enable some security mechanisms.. I recommend the following:
Enable WPA as opposed to WEP...
Enable MAC address filtering...
Tunnel any important traffic you have over SSL or IPSEC VPNs
Install arpwatch on a Linux machine to watch the wireless segment, then let all your wireless clients communicate for a bit.. arpwatch will tell you about all their NICs.. after this if you see any NIC's you know that someone else is trying to connect to the network.
Based on your architecture, you might want to firewall off the wireless segment, maybe put it in a DMZ or similar configuration.
Think about it this way.. its the equivalent of having a regular network that anyone can plug their laptops into.
Cheers,
You'll need to survey each of the sites and choose your equipment based on that.. since you're saying 20-25 machines, you'll want an AP that has support for DHCP. Install the AP, but don't connect it to the LAN yet.. see how far the signal is going (maybe use a handheld wireless detector like the neat one from mobileedge.com)... lower your AP's power till it just fits your site so that there is no signal leakage.
Then you will want to enable some security mechanisms.. I recommend the following:
Enable WPA as opposed to WEP...
Enable MAC address filtering...
Tunnel any important traffic you have over SSL or IPSEC VPNs
Install arpwatch on a Linux machine to watch the wireless segment, then let all your wireless clients communicate for a bit.. arpwatch will tell you about all their NICs.. after this if you see any NIC's you know that someone else is trying to connect to the network.
Based on your architecture, you might want to firewall off the wireless segment, maybe put it in a DMZ or similar configuration.
Think about it this way.. its the equivalent of having a regular network that anyone can plug their laptops into.
Cheers,
Sahir Hidayatullah.
Firewall.cx Staff - Associate Editor & Security Advisor
tftfotw.blogspot.com
20 years 1 week ago #5868
by gl0bal
Replied by gl0bal on topic Re: HELP WITH WIRELESS NETWORK
There are a few security considerations and Sahirh or others may correct me here but I believe that for authentication you would do well to look at the 802.1x standard
You will want to consider your physical location because as Sahirh said you do not want to much leakage. Imagine if your wireless network was next to Mr Starbucks coffee shop and all those execs were in there sipping latte's with their laptops... next thing you know they see your network and hook up thinking its the Starbucks network. So it would be useful to hide your SSID as well I believe.
Also think of environmental factors that may affect performance such as microwaves which operate within tee same frequency range - there are other devices but I forget what they are, that can cause interference.
I'm planning to develop my laptop into a formidable wireless network penetration tester with the help of some Pringle tubes (lol) ...
You will want to consider your physical location because as Sahirh said you do not want to much leakage. Imagine if your wireless network was next to Mr Starbucks coffee shop and all those execs were in there sipping latte's with their laptops... next thing you know they see your network and hook up thinking its the Starbucks network. So it would be useful to hide your SSID as well I believe.
Also think of environmental factors that may affect performance such as microwaves which operate within tee same frequency range - there are other devices but I forget what they are, that can cause interference.
I'm planning to develop my laptop into a formidable wireless network penetration tester with the help of some Pringle tubes (lol) ...
20 years 1 week ago #5879
by sahirh
Sahir Hidayatullah.
Firewall.cx Staff - Associate Editor & Security Advisor
tftfotw.blogspot.com
Replied by sahirh on topic Re: HELP WITH WIRELESS NETWORK
yes 802.1x is supposed to be the best for authentication.
I slept through a presentation on the whole authentication mechanism.. if you need more details let me know
Cheers,
I slept through a presentation on the whole authentication mechanism.. if you need more details let me know
Cheers,
Sahir Hidayatullah.
Firewall.cx Staff - Associate Editor & Security Advisor
tftfotw.blogspot.com
19 years 11 months ago #6169
by guerilla7
"I see dead packets"
Replied by guerilla7 on topic Re: HELP WITH WIRELESS NETWORK
Hi guys!
I am also studying implementing wireless lan for internet connection in our office. Can you please provide some helpful links here inside this site as well as outside links to get me started? It will be my first time to install wireless connection.
I will be using a Linksys 2.4.GHz Access Point, 802.11b. The connection will be used primarily for sharing internet connection only, and im targeting 10 laptops connected to it at the same time.
Thanks a lot guys!
I am also studying implementing wireless lan for internet connection in our office. Can you please provide some helpful links here inside this site as well as outside links to get me started? It will be my first time to install wireless connection.
I will be using a Linksys 2.4.GHz Access Point, 802.11b. The connection will be used primarily for sharing internet connection only, and im targeting 10 laptops connected to it at the same time.
Thanks a lot guys!
"I see dead packets"
Time to create page: 0.126 seconds