http://www.dslreports.com/forum/r9320055 en Tue, 24 Nov 2009 10:48:42 EDT Tue, 24 Nov 2009 10:48:42 EDT http://www.dslreports.com/forum/remark,9320055 keith2468 : Nerd is 100% correct that no security standard or encryption algorithum will help if the default is for the equipment to be unsecured.

I'd also add that new security standards should require that the material enclosed with the approved device or software include relevant user education on security measures.

If there is one thing we can all learn from cracker attacks on M$ products it is that:

1. The default configuration must be safe.

2. Install scripts or a nag window should force or nag the user to replace default passwords with complex non-default passwords.

3. The user should be able to reduce security from the default as necessary, but there should be a warning that security is being reduced (with a link to an explanation and suggestions on what can be done to reduce the exposure).

Definitely wired is more secure than wireless, but some installations insist on wireless and we have to provide it.

Here is the BBR FAQ on secure wireless setup:
»Security »How do I secure a wireless network (wireless router)?]]> http://www.dslreports.com/forum/remark,9320055 Sat, 07 Feb 2004 21:19:28 EDT