SOHO DIY SECURE WIRELESS Matthew Maples Eastern Kentucky University Networking Security and Electronics.

Slides:



Advertisements
Similar presentations
CY-SWR1100 Dual Band Wireless N Router
Advertisements

Application Guide For Mesh AP – MAP-3120
DSL-2730B, DSL-2740B, DSL-2750B.
DAP-1520 FAQ’s Wireless AC750 Dual Band Range Extender.
DNR-322L & DNR-326.
DSL-2870B How to Change ADSL Username and Password in your modem router How to Change Wireless Channel in your modem router How to Open Ports in your modem.
Windows XP Home Networking. 2 Windows XP The dominant client operating system from Microsoft today Strong security features make it a wise upgrade for.
Presentation viewer : _ Mahmoud matter. Ahmed alasy Dr: Rasha Atallah.
ITE PC v4.0 Chapter 1 1 Operating Systems Computer Networks– 2.
Lesson 15 – INSTALL AND SET UP NETWARE 5.1. Understanding NetWare 5.1 Preparing for installation Installing NetWare 5.1 Configuring NetWare 5.1 client.
1 Web Server Administration Chapter 3 Installing the Server.
DIR-505 All-in-One Mobile Companion Greg Quinlan Technical Trainer.
DVG-N5402SP.
D-Link International Call Center Training and Staff Development Department Module: DAP-1350 Module: DAP-1350.
How to configure Linksys WRT-120N wireless Access-Point(AP) router
1 Configuring Linksys Wireless Router Prof. Valencia Community College.
hotEx RADIUS Manager Installation
Installing software on personal computer
Configuring Linksys Wireless Ethernet Bridge Prof. Valencia Community College.
Welcome to Networking! 1. Connect your computer to the network with a cable 2. Copy the Networking folder from the flash drive to the computer or your.
Technical Training: DAP-1360 Wireless N Access Point DAP-1360.
Remote Accessing Your Home Computer Using VNC and a Dynamic DNS Name.
Dainis Krakops’ Wireless Network MOTOROLA SURFboard SB5101 CABLE MODEM Enables cable operators to provide broadband Internet connection for my LAN devices.
DIR-510L FAQ’s Wi-Fi AC750 Portable Router and Charger.
TAX-AIDE Network Router Setup Network Printer Setups July SMT/TCS Training - Dallas1.
Advanced Networking for DVRs
Wireless Networking 102.
DWR-113 FAQ’s 3G WiFi Router.
Ch 11 Managing System Reliability and Availability 1.
Linksys LNKWET11 Setup b Ethernet Converter Step 1. Annotate your Computer’s ethernet IP address. Step 2. Change the Ethernet IP Address/subnet/router.
Fundamentals of Networking Discovery 1, Chapter 2 Operating Systems.
1 Web Server Administration Chapter 3 Installing the Server.
Module 1 Additional Slides Introducing Windows XP Professional.
Thrive Installation.
Configuring the MagicInfo Pro Display
How to configure Linksys WRT-120N wireless Access-Point(AP) router
© 1999 Cobalt Networks, Inc. (\dkh) Cobalt NASRaQ for the Technical Overview.
Tutorial 11 Installing, Updating, and Configuring Software
Hands-On Virtual Computing
1 © 2003, Cisco Systems, Inc. All rights reserved. CCNA 3 v3.0 Module 6 Switch Configuration.
1 © 2003, Cisco Systems, Inc. All rights reserved. CCNA 3 v3.0 Module 6 Switch Configuration Cisco Networking Academy.
1999 Cabletron Systems. Wireless Networking RoamAbout RoamAbout Installation Installation/Configuration of: Network adapter card on a: Windows 95 system.
CTSP TRAINING Router 101 And Networking Basics. You Don’t Need Internet Access to Run or Connect your devices to an Ethernet switch or Router Enable DHCP.
Home Media Network Hard Drive Training for Update to 2.0 By Erik Collett Revised for Firmware Update.
1 Chapter Overview Using the New Connection Wizard to configure network and Internet connections Using the New Connection Wizard to configure outbound.
DSL-2544N Dual Band Wireless N600 Gigabit ADSL2+ Modem Router
EMerge Browser Managed Security Platform Module 3: Startup eMerge Certification Course  Physical connection  TCP/IP Characteristics of PC  Initial connection.
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Configuring Network Devices Working at a Small-to-Medium Business or.
Secure Wireless Home Networks Area 2 SIR Presentation Nov. 18, 2004 Dean Steichen Br. 8.
1/28/2010 Network Plus Unit 4 WAP Configuration WAP Configuration In this section we will discuss basic Wireless Access configuration using a Linksys.
NETWORKING COMPONENTS AN OVERVIEW OF COMMONLY USED HARDWARE Christopher Johnson LTEC 4550.
Cisco ASA 5505 Joseph Cicero Northeast Wisconsin Technical College.
Networks.
Networking Components Michelle Vega Network System Administrations LTEC /026 Mr. West.
HotEx Radius Manager Installation. hotEx RADIUS Manager Network Diagram.
DHP Agenda: How to Access Web Interface of the DHP-1320 on Access Point Mode How to Access Web Interface of the DHP-1320 on Router Mode How to Change.
How to Deploy and Configure the Smart Net Total Care CSPC Collector
17 Establishing Dial-up Connection to the Internet Using Windows 9x 1.Install and configure the modem 2.Configure Dial-Up Adapter 3.Configure Dial-Up Networking.
Chapter 2: Configure a Network Operating System
© ExplorNet’s Centers for Quality Teaching and Learning 1 Install, configure, and deploy a SOHO wireless/wired router using appropriate settings. Objective.
SMOOTHWALL FIREWALL By Nitheish Kumarr. INTRODUCTION  Smooth wall Express is a Linux based firewall produced by the Smooth wall Open Source Project Team.
How to Use LINCWorks as a Wireless Repeater For additional help please contact: Paul Peterson
SECURE LAB: CREATING A CISCO 3550 VLSM NETWORK
NetComm Wireless NB16WV-02 Training
Introduction To Networking
What is meant by a router? A Router is a small electronic and hardware device that joins multiple computer networks to via a wire and wireless.It is designed.
Networking for Home and Small Businesses – Chapter 2
Networks Software.
Networking for Home and Small Businesses – Chapter 2
Presentation transcript:

SOHO DIY SECURE WIRELESS Matthew Maples Eastern Kentucky University Networking Security and Electronics

Overview Cost effective implementation of dual SSIDS in SOHO environment Utilize wireless technology for maximum connectivity and decrease security risks Re-purpose old or unused hardware

Motivation Mobile technology is growing More security risks from unsecure devices Experience customizing network to solve a problem Cost effectiveness

Problem Statement Design and implementation of a mock SOHO setting using common or old hardware. Utilize dual SSIDs to provide connectivity to typical network devices (file server) to secure connection while providing protection from unsecure devices.

Initial Assumptions Key for “secure” line will be handled appropriately by personnel. Background in PC communications and networking or willingness to learn. Designed for small settings. Number of devices would need to be increased for larger networks.

Components Needed FreeNas (or your choice of live cd/os to setup file server) 3 PCS (1 for server, 2 workstations for demonstration) 1 Linksys WRT54G Wireless-G Router 1 Modem Ethernet Cable Wireless NIC/Adapters

Preparation 3 PCs (2 Workstations and 1 File Server) File Server Min. Specs: ▫CPU: 32 bit or 64 bit (64bit for ZFS ▫RAM: 4gb, 6gb for ZFS ▫HD: Sata drives After choosing specifications for each system, make sure that the master/slave drives are appropriately set and documented

Preparation Download FreeNAS to appropriate removable media (CD or USB) Run FreeNAS image on File Server Set static IP for file server by selecting Configure Network Interfaces during installation Typing the IP into a web browser from a LAN workstation will connect to the server setup.

Preparation Under Storage  Volumes choose the volumes used for storage within the server. Under Services  CIFS setup the shares for the file server. Choose home directory

Preparation Setup Wireless router for dual APS. If the router does not come configured with DD- WRT then it must be installed. Download the DD-WRT version that fits your router onto a PC Connect the router to the PC via ethernet cable and log into the config using web browser (internet explorer recommended)

Preparations Log in with the appropriate credentials for your router. Click on Router Upgrade under Maintenance Browse to the image located on your systems hard drive. Wait for the installation to finish (takes some time) and log back into the router. DD-WRT IP: , User: root, Pass: Admin Perform hard reset (30/30/30) to restore factory defaults and confirm installation.

Preparations Setup 2 SSIDS on WRT54G router Connect router to PC via Ethernet cable In web browser, connect to Navigate to Wireless  Basic Settings. Click Add below Virtual Interfaces Change SSIDs as needed. (I.E office and guest)

Preperations Navigate to Wireless  Wireless Security Set Security Mode on main SSID to WPA2 Personal. Set shared key and save Navigate to Setup-  Networking Under Bridging, click ADD Change first slot to br1, click apply settings In the new bridge set the IP address to 1 off the primary network (i.e  ), subnet mask

Preparations Scroll to bottom to DHCPD section. Click ADD Switch first slot to br1, click apply settings Navigate to Administration  Commands Command Shell: Paste and Save firewall and reset router iptables -I FORWARD -i br1 -o br0 -m state --state NEW -j DROP iptables -I FORWARD -i br0 -o br1 -m state --state NEW -j DROP #Removes guest access to the router's config GUI/ports iptables -I INPUT -i br1 -p tcp --dport telnet -j REJECT --reject-with tcp-reset iptables -I INPUT -i br1 -p tcp --dport ssh -j REJECT --reject-with tcp-reset iptables -I INPUT -i br1 -p tcp --dport www -j REJECT --reject-with tcp-reset iptables -I INPUT -i br1 -p tcp --dport https -j REJECT --reject-with tcp-reset

Setup Now that the Router is configured for dual SSIDS, you can setup the network Setup workstations and file server with wireless communications via either wireless NICs or wireless adapters On one workstation connect to the main network (i.e office) and on the other connect to the new one (i.e guest). On the file server, connect to the main network.

Testing/Results From the workstation connected to the main network, create a new file under the share for the file server. Try to do the same from a the second workstation. If setup properly the second workstation should not see the network share from the file server.

Conclusion The setup takes time and some knowledge of networking/pc hardware or willingness to learn. Utilizing older systems/hardware can be a cost effective way to segregate small office or home networks to protect sensitive information without having to spend a lot of money on numerous WAP or limiting connectivity.

Future Work For added security, enable AP isolation for Guest SSID to prevent any workstation-> workstation communications on the guest network. Inclusion of groups within FreeNAS software can also add an extra layer of security

References (n.d.). Wireless Networking. Retrieved from networking/ Bernadette, J. How WiFi Works (n.d). Retrived from network.htm Fitzpatrick, J. (2013, April 22). How to Enable a Guest Access Point on Your Wireless Network. HowTo Geek RSS. Retrieved May 6, 2014, from network/ Heyne, C. (2013, 06 23). 7 tips to boost wireless speed, range, and reliablity. Retrieved from NetworkOC. Converting stand-alone cisco autonomous access point to lightweight access point. 2013, 09 23). Retrieved from converting-stand-alone-cisco-autonomous-access-point-to-lightweight-access-point/ Rubens, P. (2012, 05 10). Top 10 ways to secure a windows file server. Retrieved from server.html Trived, Y. (2011, March 22). Turn Your Home Router Into a Super-Powered Router with DD- WRT. HowTo Geek RSS. Retrieved May 6, 2014, from with-dd-wrt/