Talk:Wireless security

From DD-WRT Wiki

Jump to: navigation, search

All PSK protection schemes are vulnerable to wpacracker.com and other types of brute force attacks. There are ways to lessen your vulnerability, but the best defense is to use "enterprise" protection rather than pre-shared keys. I am new to dd-wrt, but working through the documentation to provide guidance on doing this.

Goals:

one SSID for open use as a friendly hot spot, with appropriate rate filtering, or for use with PSK

one SSID for use with WPA2/Enterprise/Radius

iptable rules to ensure the LAN can get to WiFi, but not the other way around

ssh, openvpn and voip access from the WAN

If there is interest, I will post my results. If there is anything extra that someone wants, let me know, I might want it too.

My thanks to everyone who has made DD-WRT such an incredible resource.