i have read several of the post on different ways to secure wireless router's. i currently have WEP enabled, NOT broadcasting SSID. but i would like more. i ran across an article yesterday (that i can't for the life of me find today) that described opening/closing certian ports to designate/restrict internet traffic. could someone point me to or let me know how to do this w/ my router? also, any other tips/instructions or links to other post that would help me setup up my router as secure as possible.
i realize it's NEVER completly secure. hell, i found this forum looking for HOW TO CRACK WEP. but i'm glad i found it. all kinds of straight - forward, ecspecially-if-your-a-noob, info.
so please bare w/ me if my question seems or is redundant. just trying to get started in this forum w/ a general question that i don't have the answer for.
WEP is basically useless except for the casual user who doesn't know anyting about wireless. WEP can be cracked in minutes, and measures posted on a BBS about securing WEP, if that is what they said, can be disregarded. Same with not broadcasting the SSID. The SSID is still in the beacon and can be seen without any particularly special tools.
If however you own client hardware, or AP hardware for that matter, that doesn't support WPA or WPA2 then that is what your stuck with. MAC filtering, or some Router/AP combos will filter by IP ACL's. Turning off SSID Broadcast etc... That's about as good as you can do. Ports are already blocked. Can't speak to what you heard or read but if they actually said/wrote that you should block ports then well, they really should be ignored. I suppose there may be some SOHO routers that have ports open and you could close them but it's unlikely. The opposite is true. NAT Routers should block and you have to manually open them if you want to do something using that port. Running an FTP server on one of your machines for instance. You'd open port 21.
If your concerned about wireless security, honestly, then go out and by contemporary hardware that supports a mechanism that isn't pitifully easy to break. Buy WPA capable devices. WEP, MAC filtering, disabling SSID broadcast, if you know what your doing, is barely a bump in the road.
If you haven't already done so, go to netgear's WGR614 web support and see if there is a firmware upgrade for your WGR614 which will support WPA. I suppose this actually boils down to installing an upgrade for your version of the WGR614 if one is available and then seeing if it now supports WPA.
Hey, maybe it buys you nothing but it's also the cheapest first step to take towards securing your network. :wink: