On Tue, 01 May 2007 10:25:21 -0700, Jeff Liebermann
<jeffl@comix.santa-cruz.ca.us> wrote in
<v5se33t60dv3k8j7eane07loahfuso5fkr@4ax.com>:

>WPA is your primary security method.

Good advice.

>Avoid dictionary words in the passphrase.

Not such good advice (IMnsHO at least).

There's no need to avoid dictionary words given enough passphrase length
-- it just means the passphrase needs to be longer (20+ characters) than
with random characters (14+ characters).

Like the downside of SSID hiding (the likelihood of increased
interference from neighbors), not using words makes passphrases much
harder to use, a disincentive and source of grief.

Diceware words <http://world.std.com/~reinhold/diceware.html> are a good
way to build a strong but easy to use passphrase, and the Diceware
Passphrase FAQ gives good advice on how many words are needed:
<http://world.std.com/~reinhold/dicewarefaq.html#howlong>
I personally consider 6 words (20+ characters) sufficient for home users
and even for most business users.

>Suggestion: Use WPA-2 to secure your network.

Overkill.

>Change the router
>config and guest passwords.

Yes.

>Get a RADIUS server if you don't like
>shared WPA keys (probably overkill for a home system).

Or more practically:
* Get a ZyXEL G-2000 Plus, which has its own authentication server.
<http://us.zyxel.com/products/model.php?indexcate=1076902407&indexcate1=&>
* Use an external RADIUS service; e.g., Radiuz <http://radiuz.net/>
(free)

>Learn how to
>read the log files to check for anything funny.

Beyond most users.

>Never mind the other
>dumb ideas on securing your WLAN.

Yes.

--
Best regards, FAQ for Wireless Internet: <http://Wireless.wikia.com>
John Navas FAQ for Wi-Fi: <http://wireless.wikia.com/wiki/Wi-Fi>
Wi-Fi How To: <http://wireless.wikia.com/wiki/Wi-Fi_HowTo>
Fixes to Wi-Fi Problems: <http://wireless.wikia.com/wiki/Wi-Fi_Fixes>