This episode has JJ Boyd, Justin Wilson and Myself(Greg Sowell). Andrew was unfortunately grabbing some much needed sleep.
We talk loosely about WISP security, bonding multiple connections across the internet, and Ubiquiti open lower frequency channels.
Talking points for the security section:
Securing border router
+ Router itself
+ • Disable unused services. Lock down administrative access. Put reflexive rules in place.
+ Access to publicly addressed assets inside
+ • Block external admin access. Put reflexive rules in place.
Securing towers
+ Protect from clients
+ • Towers should already be protected from outside access. Disable unused services. Lock down administrative access. Prevent clients from communication through tower.
+ • Encrypt backhauls. Potential impact to Aps should be pretty low.
Securing clients
+ Protect from clients.
+ • Disable unused services. Lock down administrative access.
+ • Encrypt to clients. Why not?
Securing administrative machines
+ Protect dude server
+ • Don’t install on local machine. Keep it secured on a machine you don’t surf the web from.
+ Protect admin machines
+ • Attempt to keep your work machine as clean as possible. Don’t be the source of the problem.
Links:
GregSowell training video on security.
Justin’s thoughts on encryption.
CIDR blocks by country.
Program to convert CIDR blocks to firewall entries for Mikrotik.
Client isolation(found in this document).
Ubiquiti 5Ghz UNII-2 FCC Approval!
Speedtest mini
Here’s the video:(if you don’t see it, hit refresh)
Leave a Reply