super-simple wireless security?

I work for a local ISP providing technical support for broadband
customers.

Many of our customers have wireless routers. I'm wondering if anyone
has come across a really good online guide to securing wireless
routers, that manages to be both brief and include step-by-step
directions.

This would be to advise our less than technical subscribers on options
like disabling the broadcast of their SSID, and turning on WEP.

Gwen

"Gwen Morse" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed) oups.com...
>I work for a local ISP providing technical support for broadband
> customers.
>
> Many of our customers have wireless routers. I'm wondering if anyone
> has come across a really good online guide to securing wireless
> routers, that manages to be both brief and include step-by-step
> directions.
>
> This would be to advise our less than technical subscribers on options
> like disabling the broadcast of their SSID, and turning on WEP.
>
> Gwen
>

Sounds like something YOUR company should provide - sounds a bit cheap for
IT support trawling a newsgroup for 'how-to' info?!

> This would be to advise our less than technical subscribers on options
> like disabling the broadcast of their SSID, and turning on WEP.

Problem is that many of the online guides are out of date and give
dubious advice even when current.

I realise that you posted examples but in the opinion of many, disabling
SSID broadcast does nothing to help security but plenty when everyone in
the neighbourhood is on the same channel and nobody thinks there's
another AP in range!

Any of the downloadable Linux "security" live distro's let a numpty run
kismet (and others) and that will happily show those AP's with SSID
broadcast turned off.

WEP is dead, has been for years, is still dead and any advice mentioning
WEP with regard to security for data is fundamentally flawed.

WEP is useful only in the context of preventing someone from
"accidentally" joining the network.

There are plenty of pretty bored teenagers living next to clueless
numpties that have nothing better to do than spend a little time running
the tools off the linux live distro's in order to crack their neighbours
WEP key.

David.

[POSTED TO alt.internet.wireless - REPLY ON USENET PLEASE]

In <(E-Mail Removed) .com> on 13 Nov 2005
13:41:53 -0800, "Gwen Morse" <(E-Mail Removed)> wrote:

>I work for a local ISP providing technical support for broadband
>customers.
>
>Many of our customers have wireless routers. I'm wondering if anyone
>has come across a really good online guide to securing wireless
>routers, that manages to be both brief and include step-by-step
>directions.
>
>This would be to advise our less than technical subscribers on options
>like disabling the broadcast of their SSID, and turning on WEP.

How to Secure Your Wireless Home Network with Windows XP
<http://www.microsoft.com/windowsxp/using/networking/learnmore/bowman_05february10.mspx>

--
Best regards, HELP FOR CINGULAR GSM & SONY ERICSSON PHONES:
John Navas <http://navasgrp.home.att.net/#Cingular>

[POSTED TO alt.internet.wireless - REPLY ON USENET PLEASE]

In <(E-Mail Removed) .com> on 13 Nov 2005
13:41:53 -0800, "Gwen Morse" <(E-Mail Removed)> wrote:

>I work for a local ISP providing technical support for broadband
>customers.
>
>Many of our customers have wireless routers. I'm wondering if anyone
>has come across a really good online guide to securing wireless
>routers, that manages to be both brief and include step-by-step
>directions.
>
>This would be to advise our less than technical subscribers on options
>like disabling the broadcast of their SSID, and turning on WEP.

p.s.

* Disabling SSID broadcast *isn't* an effective security tool.
* Turning on WEP *isn't* an effective security tool.
* Use WPA with a *strong* passphrase.

--
Best regards, HELP FOR CINGULAR GSM & SONY ERICSSON PHONES:
John Navas <http://navasgrp.home.att.net/#Cingular>

> How to Secure Your Wireless Home Network with Windows XP
> <http://www.microsoft.com/windowsxp/using/networking/learnmore/bowman_05february10.mspx>

She was doing ok right up until this bit...

"WPA2 uses the Advanced Encryption Standard (AES) encryption instead of
the Temporal Key Integrity Protocol (TKIP), which is used by WPA, and is
the best encryption available today for wireless networks."

It's not the best, there's better