Securing Your Network
What's most disheartening to security experts is that enabling wireless security is incredibly easy. All 802.11b or 802.11g routers on the market today offer security options. Most, if not all, manufacturers explain how to enable security and some, like D-Link, go as far as providing a setup wizard that includes security options when you first access the router.
There are several ways to secure your wireless network all of which can be done together to prevent unauthorized network access:
-
Turn off broadcasting of your SSID. The "Service Set Identifier," or SSID, is a broadcast message notifying every device within range of your network's presence. All wireless routers have the option to turn off broadcasting your SSID. This is by far the easiest way to prevent drive-by crackers from accessing your network. While your data is still not encrypted, most wardrivers won't know that you have a network and as a result, won't try to access it. Some computers or wireless cards have problems connecting to wireless networks that don't broadcast the SSID so there is a small possibility that this may not work for everyone.
-
Change the default settings of your router's Web-based administration. While changing your admin login won't stop anyone from intercepting your wireless traffic, it will prevent them from changing your settings. Most wireless routers allow you to change your admin name and password. While you're at it, change the name of the SSID. If someone detects your SSID as being named "Linksys," they can assume that your default username is "admin" and your default password is "admin" because that is the way Linksys networks are setup at the factory. If anything, changing your default setup will show a wardriver that you at least know something about setting up a wireless network.
-
Enable WEP or WPA encryption. WEP (Wireless Equivalent Privacy) or WPA (Wireless Protected Access) are ways of forcing users to enter a password, which is encrypted, before they can access a wireless network. WEP is the most common and for determined crackers, has been proven to be "hackable". But, the time and energy it takes for someone to break into a WEP protected network will discourage most threats. WPA is so far uncrackable and is offered on most newer WiFi devices.
-
Allow access based on MAC address. A MAC address (Machine Access Code) is a unique number that every network-enabled device can be identified by. Most wireless routers will allow you to set up access based on MAC addresses, allowing access to only those computers or devices which you have entered into the table. This can be more time-consuming but will certainly prevent all but the most well-equipped crackers from accessing your network.
Part of the problem of unsecured wireless networks can be traced back to the manufacturers. Most retail WiFi products are shipped with all security options turned off by default. Since they work fine out of the box, many users may not feel a need to look more into the setup options. However, all such devices come with pretty good instructions and there is no excuse for not reading the product manual.
An unencrypted wireless network is not just a security risk to the owner of the network, but potentially to everyone else on the Internet. Once someone has anonymous access to a wireless network, they can do whatever they want on the Web with total anonymity. Do yourself and your fellow Net citizens a favor and take the steps to secure your network.
RSS Feed