Another major consideration when designing a wireless security scheme is the point of access to the wired network. Without securing the access point, most of your plans for securing clients are done in vain.
Unfortunately, the procedure for securing this access point will differ depending on which brand of WAP is in use. What follows then are just some very general considerations to look for, using examples from a wireless router that's used to share out your author's broadband Internet connection.
Every wireless device will have some way of managing its default settings. In the case of my wireless router, this is done with an HTML interface. To access the device settings, I connect to the Website running on the internal interface's IP address. I type http://192.168.2.1 into my Web browser, and get a login page that looks like what you see in Figure 10-13.
Figure 10-13. Accessing the management interface of the wireless access point (WAP).
Enter a username and password. Here's one security configuration that can easily be forgotten about. A good many of the wireless routers out there today have not had the default administrator user names and passwords changed, which means you can hack into them by using passwords like admin, password, or just by leaving the space blank. I suggest that changing this password be the first order of business when configuring WAP security.
Next, look to set the device's security settings by changing the SSID and the network key settings. There's usually a button somewhere that lets you turn off broadcasting of the SSID. There's another that will prevent the device from accepting "ANY" as the SSID. As mentioned, these are a couple of quick and easy security measures that will prevent the casual user from connecting to the network. Other tabs will let you configure encryption settings for the access point. Refer to your router's documentation for further information.