Saturday, November 05, 2005
Never Manage a Wireless AP from the Wireless Side
OK, So this is going to be a good practical lesson in basic security. I was setting up my wireless AP this evening, trying to secure it. I have been living here for a few weeks and just running it in the default and have noticed a few other people on it now and again. I don't so much care but the wife would like to know that the cops aren't going to come banging on our door for something the neighbor did.
So I went on the wired side with one of my PC's and logged into my AP. Set a password and then setup WPA with a preshared key and a new SSID and turned off broadcast. Power cycled the AP thinking I had done not too bad and got on to testing it. I turned around to my laptop and it was still on the Internet. Hrump maybe the settings didn't take, so went back to the PC and back into the AP interface and it showed my laptop was still connected. So I set up a MAC exclusion and let only my laptop in, since it didn't have the settings yet it wouldn't be able to connect.
I turned back around to my laptop and refreshed the page I was looking at and it came up no problem. So I was wondering WTF, from my laptop I signed into the AP. Tried my password and it didn't work, tried the default password and it did work. So what the hell? I thought setting the password took? Didn't I already login once with my new password?
Then it dawned on me, I checked my access point from my desktop and sure enough my laptop was no longer connected. Just think what the support call would have gone like for linksys if I hadn't realized that I was on someone elses default configuration AP and had configured it correctly.
So I went on the wired side with one of my PC's and logged into my AP. Set a password and then setup WPA with a preshared key and a new SSID and turned off broadcast. Power cycled the AP thinking I had done not too bad and got on to testing it. I turned around to my laptop and it was still on the Internet. Hrump maybe the settings didn't take, so went back to the PC and back into the AP interface and it showed my laptop was still connected. So I set up a MAC exclusion and let only my laptop in, since it didn't have the settings yet it wouldn't be able to connect.
I turned back around to my laptop and refreshed the page I was looking at and it came up no problem. So I was wondering WTF, from my laptop I signed into the AP. Tried my password and it didn't work, tried the default password and it did work. So what the hell? I thought setting the password took? Didn't I already login once with my new password?
Then it dawned on me, I checked my access point from my desktop and sure enough my laptop was no longer connected. Just think what the support call would have gone like for linksys if I hadn't realized that I was on someone elses default configuration AP and had configured it correctly.
