# Wireless security?

## BK201

What is considered good security practice in terms of connecting to large wireless networks? My school has campus wide WPA2 access points and I'm wondering what I should be doing as far as security goes. Should I run a firewall? Iptables? Or are such measures unnecessary?

----------

## NathanZachary

What exactly are you wanting to know? Are you meaning to ask whether or not your school's WPA2 provides decent security, or if you need to take additional security precautions? It is always nice to know what is happening with regard to your network activity. For that reason, a network monitor (snort, netcat) would be good.

----------

## Sven Vermeulen

Consider WPA2 for wireless networks as a way to secure the access between you and the access point on physical level. Nothing more. In other words, other people that have access to the network have the same level of access to your machine as if you are all connected to a switch on a wired network.

A firewall is a good choice, especially in case you think processes are attaching themselves to public ports on your system.

Other than that: keep your system up to date, configure only necessary services, keep required services that do not need network access on localhost, don't use root for daily activities, etc.

----------
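The "other people on the network have switch-level access to your machine" point above is easiest to act on once you know which daemons actually answer on the wireless interface. The following is an added example, not code from the thread: a small POSIX shell/awk audit that reads `ss -tuln` output and reports every listening socket that is not bound to loopback. The sample `ss` output it runs on is constructed here to look like a typical laptop; on a real machine pipe the live command into it.

```shell
#!/bin/sh
# Added example: find services reachable from the campus network, i.e. listening
# sockets not bound to loopback. Reads `ss -tuln` output on stdin and prints
# "proto/port scope" for every exposed socket; loopback-only sockets print nothing.
exposed_sockets() {
    awk '
    $1 == "Netid" { next }                       # skip the ss header line, if present
    {
        # Field 5 is "Local Address:Port"; the last colon splits address from port,
        # which also copes with bracketed IPv6 addresses such as [::1]:8080.
        if (!match($5, /:[^:]*$/)) next
        addr = substr($5, 1, RSTART - 1)
        port = substr($5, RSTART + 1)
        if (addr ~ /^127\./ || addr == "[::1]") next   # loopback only: not exposed
        if (addr == "0.0.0.0" || addr == "[::]" || addr == "*") { scope = "all-interfaces" } else { scope = addr }
        printf "%s/%s %s\n", $1, port, scope
    }'
}

# Constructed sample of `ss -tuln` output standing in for a real laptop:
# sshd, CUPS, MySQL, Avahi, Samba and a dev server on the IPv6 loopback.
SAMPLE_SS='Netid State  Recv-Q Send-Q Local Address:Port  Peer Address:Port
tcp   LISTEN 0      128        0.0.0.0:22       0.0.0.0:*
tcp   LISTEN 0      128      127.0.0.1:631      0.0.0.0:*
tcp   LISTEN 0      80       127.0.0.1:3306     0.0.0.0:*
udp   UNCONN 0      0          0.0.0.0:5353     0.0.0.0:*
tcp   LISTEN 0      128           [::]:445         [::]:*
tcp   LISTEN 0      50           [::1]:8080        [::]:*'

audit_sample() {
    printf '%s\n' "$SAMPLE_SS" | exposed_sockets
}

# On the laptop itself:  ss -tuln | exposed_sockets
audit_sample
```

Anything this prints is reachable by everyone else on the campus WLAN; each line is either a service you meant to expose (then a firewall rule restricted to a source network is the next step) or one that should be bound to 127.0.0.1 or turned off. Note that `[::]` and `0.0.0.0` are separate wildcard bindings, so an IPv4-only check misses IPv6 listeners.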

## BK201

Well, for example, my desktop/LAN sits behind a firewall (smoothwall). So I guess what I'm asking is, should I set up a personal-scale firewall to block unwanted traffic on the laptop? I guess it's not really necessary..

----------

## XQYZ

I guess it certainly wouldn't hurt setting up iptables. Especially if you are running any kind of network service while using the laptop (sshd, pulseaudio in network mode, apache, mysql, samba, nfs).

----------

## d2_racing

Indeed, running a firewall on a laptop can be a must nowadays.

----------

## Rexilion

The equivalent of the 'public' network mode in Vista is like doing this in Linux (assuming you are not running any servers):

```
# Default policies: drop unsolicited inbound traffic, never forward, allow outbound
iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -P OUTPUT ACCEPT
# Keep loopback open, otherwise local clients cannot reach daemons bound to 127.0.0.1
iptables -A INPUT -i lo -j ACCEPT
# Accept replies to connections this host initiated
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
```

What it does is that it only accepts connections that you have started (e.g. Firefox starts visiting a site, then that site is allowed to communicate back, which is a requirement of course). Once the connection is broken, that site won't be able to connect to you anymore. Others that try to connect to you (without you connecting to them (hackers!)) will be blocked immediately. It's the same as enabling the Firewall without exceptions.

----------
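The four-rule "public" profile above is the right shape for a laptop on a campus WLAN, but as a script it needs a few things around it: a flush so it can be re-run, a loopback rule (with `INPUT DROP` and no `lo` rule, local clients can no longer reach daemons bound to 127.0.0.1), a drop for packets that belong to no tracked connection, and a controlled way to open a port when you really do run a service. The following is an added example written for this thread, not code from the post or from any firewall project. It is a dry run by default: `dry_run` is a helper defined here that prints the `iptables` command line instead of executing it, and the `10.20.0.0/16` subnet in the `allow_from` comment is an assumed address range, not anything from the thread. `-m conntrack --ctstate` is the current spelling of the post's `-m state --state`.

```shell
#!/bin/sh
# Added example: the "public network" profile from the post, made re-runnable and
# with the rules a laptop actually needs around it. By default it only prints the
# iptables commands; run it as root with IPT=iptables to apply them.
dry_run() { printf 'iptables %s\n' "$*"; }
IPT="${IPT:-dry_run}"

public_profile() {
    # Start from empty INPUT/FORWARD chains so the script can be run again safely.
    "$IPT" -F INPUT
    "$IPT" -F FORWARD
    # Default policies: nothing in, no routing through us, anything out.
    "$IPT" -P INPUT DROP
    "$IPT" -P FORWARD DROP
    "$IPT" -P OUTPUT ACCEPT
    # Loopback must stay open; with INPUT DROP and no lo rule, local clients can
    # no longer reach daemons bound to 127.0.0.1 (CUPS, a local resolver, MySQL).
    "$IPT" -A INPUT -i lo -j ACCEPT
    # Replies to connections this host started, plus related traffic (ICMP errors,
    # FTP data). "-m conntrack --ctstate" is the current form of "-m state --state".
    "$IPT" -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
    # Packets that belong to no tracked connection (bogus TCP flags, stray RSTs).
    "$IPT" -A INPUT -m conntrack --ctstate INVALID -j DROP
    # Answer ping, rate-limited, so the machine stays debuggable without being flooded.
    "$IPT" -A INPUT -p icmp --icmp-type echo-request -m limit --limit 5/second -j ACCEPT
    # Anything else falls through to the INPUT DROP policy.
}

# Exception for a service you deliberately expose, restricted to one source
# network. Usage: allow_from 10.20.0.0/16 tcp 22   (that range is an assumption)
allow_from() {
    src="$1"; proto="$2"; port="$3"
    "$IPT" -A INPUT -s "$src" -p "$proto" --dport "$port" -m conntrack --ctstate NEW -j ACCEPT
}

# Number of INPUT rules the profile installs, always computed as a dry run.
rule_count() {
    ( IPT=dry_run; public_profile ) | grep -c -- '-A INPUT'
}

public_profile
# If sshd really must be reachable, open it only from the subnet you trust, e.g.:
# allow_from 10.20.0.0/16 tcp 22
# Then inspect the live result with:  iptables -S INPUT
```

Two practical notes. The `allow_from` rule matches `NEW` only, so once the connection exists the generic `ESTABLISHED,RELATED` rule carries it, and removing the exception later cuts off new logins without dropping the session you are typing in. And this only covers IPv4: a campus network that hands out IPv6 addresses leaves every listener on `[::]` wide open until you install an equivalent policy with `ip6tables` (where the ping rule uses `-p icmpv6`).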

## d2_racing

I use that kind of iptables rules:

http://www.gentoo-quebec.org/wiki/index.php/Utilisation_de_Iptables_pour_un_seul_ordinateur

----------

