Kane’s Computing World

Wireless networking is really catching on, and with the cost of wireless equipment coming down in price, the convenience and ease of wireless networking is within reach of most people.  With the rise in popularity of wireless networking, however, comes an increased risk of security problems. Since all the data on a wireless network is carried by radio waves (ie. through the air), hackers don’t need to physically connect to your network to steal data, or to use your network for illegal activities; all they have to do is be within range: parked in a car in front of your house, for example.  To combat this, there are some simple steps that should be taken to secure your wireless network which I have listed below.  If you need assistance securing your wireless network, please contact us.

1. Change the default password of your router/gateway
   Most routers are managed through a web-page interface to which you log in.  The router comes from the factory with either a default password or no password at all!  These passwords are commonly known (i.e.. Linksys routers have a default password of “admin”).  You should use the router’s management utility to change the default password on your router to a strong password only you know.

2. Change the default SSID/ESSID of your router/gateway
   Most routers broadcast something called an SSID (Service Set Identifier) or ESSID (Extended Service Set Identifier).  These act like beacons which, in effect, broadcast to everybody within range, “Hey, I’m a Wireless Network-Connect Here!”.  In a public hotspot (i.e.. hotel, bookshop), this is entirely appropriate and lets the hotspot’s patrons connect easily.  In a private wireless network, this only encourages snooping, unauthorized network usage or worse. Use your router’s management utility to create a unique SSID.

3. Disable SSID/ESSID broadcasting
   The next step after creating a unique SSID, is to disable SSID broadcasting; in effect turning off the beacon announcing the presence of your wireless network. This puts your network into cloaked  or  stealth mode Again, this is done through your router’s management utility.

4. Enable Encryption
   Encryption further protects your data while it’s being transmitted.  There are a number of different encryption schemes (WEP, WPA, WPA2) that are in use. You should enable the strongest encryption that your network devices support.

5. Enable MAC filtering
   Every device that connects to a wireless network has a unique identifier called a MAC address (Media Access Control). Enabling MAC filtering through your router’s management utility allows you to specify which devices are allowed to connect to your network.  This should be enabled and the MAC address of each device that you wish to allow access to your network should be specified.

So if I do all these things, I hear you ask, my wireless network will be hackproof, right?  Well, unfortunately, wrong.  A determined hacker with the right tools can defeat each of these precautions.  Then what’s the point of going through all this, you ask?  It makes your network a harder target.  Faced with your protected network, most prospective attackers would rather move on to a wireless network that does not use the same protections.  Also, by erecting these barriers, anyone caught breaking into your wireless network will not be able to claim they “accidentally stumbled into it”.

These tips constitute the minimum steps necessary to protect a low-traffic home wireless network.

This entry was posted on Saturday, February 17th, 2007 at 4:13 pm and is filed under Security, Wireless. You can follow any comments to this post through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

Bookmark this post: