58
Appendix B: Wireless Security
Maximizing Wireless Security
Wireless-G Broadband Router
The solution, then, is to segment your network up into multiple groups. If your network had 80 users and you
used four WEP keys, a hacker would have access to only ¼ of your wireless network resources. In this way,
multiple keys reduce your liability.
Finally, be sure to change your WEP key regularly, once a week or once a day. Using a "dynamic" WEP key, rather
than one that is static, makes it even harder for a hacker to break into your network and steal your resources.
WEP Encryption
WEP encryption for the Router is configured through the Web-Utility's Security tab. Select WEP from the drop-
down menu of Security Mode, which will open the WEP screen, shown in Figure B-2.
Select which WEP key (1-4) will be used when the Router sends data, then select that number as the Default
Transmit Key. Make sure the receiving device is using the same key.
If you wish to use a WEP Passphrase, it can be a maximum of 16 alphanumeric characters. This passphrase may
not work with non-Linksys products due to possible incompatibility with other vendors' passphrase generators.
The WEP Key can be generated using your Passphrase or you can enter it manually.
If you wish to enter the WEP Key manually, type the key into the appropriate Key field on the left. The WEP key
must consist of the letters "A" through "F" and the numbers "0" through "9" and should be 10 characters in
length for 64-bit encryption or 26 characters in length for 128-bit encryption. All points in your wireless network
must use the same WEP key to utilize WEP encryption.
Once the Passphrase is entered, click the Generate key to generate a WEP key.
Click the Save Settings button to apply your changes and return to the Setup tab or Cancel Changes to cancel
your changes.
C. WPA
Wi-Fi Protected Access (WPA) is the newest and best available standard in Wi-Fi security. Two modes are
available: Pre-Shared Key and RADIUS. Pre-Shared Key gives you a choice of two encryption methods: TKIP
(Temporal Key Integrity Protocol), which utilizes a stronger encryption method and incorporates Message
Integrity Code (MIC) to provide protection against hackers, and AES (Advanced Encryption System), which utilizes
a symmetric 128-Bit block data encryption. RADIUS (Remote Authentication Dial-In User Service) utilizes a
RADIUS server for authentication and the use of dynamic TKIP, AES, or WEP.
WPA is accessed through the Web-Utility's Security Tab. Choose one of the following Security Modes from the
drop-down menu:
Figure B-2: WEP
Important: Always remember that each
point in your wireless network MUST use the
same WEP Encryption method and encryption
key or your wireless network will not function
properly.
Figure B-3: Pre-Shared Key