stephensuley DD-WRT Guru
Joined: 09 Feb 2008 Posts: 641 Location: Canada
|
Posted: Tue Apr 26, 2022 14:22 Post subject: Canadian Centre for Cyber Security - Wi-Fi security guidance |
|
I thought the group might find this of value. Cheers.
ref: https://cyber.gc.ca/en/guidance/wi-fi-security-itsp80002
This document is intended for organizations of all sizes, both public and private, using Wi-Fi.
This document provides awareness of the vulnerabilities that exist within networks that introduce or currently use Wi-Fi. It is important to consider Wi-Fi security as an integral part of network and infrastructure security as it is used to carry out critical tasks that often include sensitive and confidential information (e.g. trade secrets, personal information [PI], and copyrighted material). A network is only as secure as its weakest link and Wi-Fi is an easy target for threat actors to take advantage of.
In this document, you will find sections corresponding to the Cyber Centre’s recommended policies, technical controls, and security measures as well as additional considerations to ensure network-wide security. _________________ Location (urban) - 1x Linksys EA8500 (AP wlan0 & wlan1 enabled)
1x Asus 68u (Repeater Bridge w/VAP) - wl0 disabled
1x Asus 87u (Client Bridge) - wl1 disabled
Latest and greatest builds |
|
Alozaros DD-WRT Guru
Joined: 16 Nov 2015 Posts: 6446 Location: UK, London, just across the river..
|
Posted: Tue Apr 26, 2022 19:55 Post subject: |
|
Kali linux and some other distributions, come with free wifi and other network hacking tools, not to mention another ton of linux compatible free networking tools that come every day...
In general Wi-Fi security is smoken mirror...for a touch better try wpa3 or try wifi radius server, but even thou...WiFi protocol has its own caveats
if you become a target ...no way to hide... _________________ Atheros
TP-Link WR740Nv1 ---DD-WRT 55630 WAP
TP-Link WR1043NDv2 -DD-WRT 55723 Gateway/DoT,Forced DNS,Ad-Block,Firewall,x4VLAN,VPN
TP-Link WR1043NDv2 -Gargoyle OS 1.15.x AP,DNS,QoS,Quotas
Qualcomm-Atheros
Netgear XR500 --DD-WRT 55779 Gateway/DoH,Forced DNS,AP Isolation,4VLAN,Ad-Block,Firewall,Vanilla
Netgear R7800 --DD-WRT 55819 Gateway/DoT,AD-Block,Forced DNS,AP&Net Isolation,x3VLAN,Firewall,Vanilla
Netgear R9000 --DD-WRT 55779 Gateway/DoT,AD-Block,AP Isolation,Firewall,Forced DNS,x2VLAN,Vanilla
Broadcom
Netgear R7000 --DD-WRT 55460 Gateway/SmartDNS/DoH,AD-Block,Firewall,Forced DNS,x3VLAN,VPN
NOT USING 5Ghz ANYWHERE
------------------------------------------------------
Stubby DNS over TLS I DNSCrypt v2 by mac913 |
|