Hardening Wireless LAN Connections Part 1 - Configuring Logging
(Page 8 of 11 )
Like with your firewalls, it can be extremely beneficial to configure your WAP for logging. The objective is for the logging to show you what is going on with the WAP, particularly in regard to unauthorized access attempts. Cisco and Linksys support conventional syslog. Dell does not support any logging facility.
For the Cisco Aironet 1200, you can configure logging to a syslog server at the Event Log | Notification Options screen, shown next.
For the Linksys WAP54G, you can configure logging at the Setup | Log screen, shown next. Simple enable logging and enter the syslog server to which events should be sent. When you are finished, click Save Settings.
Hardening Services
Not many services need to be hardened for most WAPs, with the notable exception of Cisco. The most common services you might run across are as follows:
- Simple Network Management Protocol (SNMP)
- Network Time Protocol (NTP)
- Dynamic Host Configuration Protocol (DHCP)
Configuring SNMP
Cisco and Linksys support using SNMP for management of the WAP; however, neither supports using SNMPv3. Also, both SNMPv1 and SNMPv2 have no security features. Therefore, if you do not need SNMP, you should disable it.
By default, the Cisco Aironet 1200 ships with SNMP disabled. However, you can enable this service at the Services | SNMP screen.
You can configure SNMP support for the Linksys WAP54G at the Advanced | SNMP screen, shown next. Simply enable SNMP, specify a read-only and a read-write community string, and enter the appropriate information in the identification fields. When you are finished, click Save Settings.
/ 8 
