Or login with:
Posted January 25, 2010 by RandomTask in How To
If you are like most modern internet users you want the convenience of a wireless network in your home (or small office). Let's face it's a lot easier to simply turn on a wireless router, install or activate wireless cards and hope online - than run network cables.
This wireless convenience however, leaves your network open to vulnerabilities that a traditional wired network doesn’t have. The signals that allow you easily work without wires can easily pass through walls, and allow others to not only use your internet connection, but may also allow them to access your network as well - and thus any information stored on your computers.
Before you start covering your wall with aluminum foil or throw out your wireless network components take a few and utilize the following steps to secure your wireless network.
1) The first thing I do is change my wireless router or access points default password. This will help reduce the likelihood that someone will be able to change your setting later; besides changing default passwords is always a good security practice. Choose something that is relatively long, random and combination of numbers, upper and lower case letters, as well as special characters. (e.g. !,@,#,$,%,^&,* ) The trick is to create a password which can be remember by you but not easily guessed by others.
While you are at it - disable all remote administration of the router or access point. This will eliminate the ability for anyone who isn't on the local network to make changes to the router or access point’s settings.
If you need help change the default password a good place to check is either manufactures website - or your ISP if they have provided or set-up of the equipment for you. You can also hit the forums here at EMDx and ask for help.
2) Keeping what was just mentioned in mind the second step I follow is to change the default password for access your wireless network. This is the first step in keeping unwanted people off your network.
3) Make sure your wireless network is using the latest encryption. While WPA is the current standard some equipment still has the option to use WEP which is no longer considered secure. You can adjust these settings in your router or access point’s administration panel
Usually this is where most people stop. However there is a lot more securing that can be done.
4) All wireless routers and access points broadcast an SSID(Service Set IDentifier). This is what shows up as the name of the network. 2WIRE923 or Hilton935 would be an example of what you might see. It’s really up to you whether or not you change this. For what I am about to recommend I'd suggest that you do change to something you can remember at a later date.
Most WLAN access points and routers automatically (and continually) broadcast the network's SSID. This makes setting up network clients (the devices you wireless content to your network) extremely convenient, since you don't need to know what your network is called to access it.
The down side is anyone within range your wireless network can see it. Turn off your SSID and your network will become "invisible" to your neighbors or passers-by. The network can still be detected with "sniffers" - but will basically not exist to the average user. This setting can be adjust in the router or access point’s administration panel.
You will need to know the name of the SSID to connect to your network. Don't worry though, you can save these settings so you won’t have re-enter them every time you connect.
5) Consider MAC Address filtering to control access to your wireless network. A MAC address is unique to the specific adapters. Choosing to only allow specific MAC addressed devices to connect will greatly increase your control over who can and can't access your network.
In order to use MAC Address filtering you need to find and enter into the wireless router or wireless access point the 12-character MAC address of every system which will be connecting to your network wirelessly.
This can be little inconvenient to set-up - and this especially true when you have a large number of wireless devices to connect to your network; however it is a pretty significant increase in security. It must be stressed that this by no means a way to make your network 100% secure. MAC Addresses can be "spoofed" - or falsified by a knowledgeable person; it does however add another hurdle for a potential wifi intruder to jump.
If your wireless clients change often this may option maybe out of the question - but for most users it’s quite workable.
6) While not available on all wireless routers or access points, some do allow you to lower the power your router or access point’s transmitter. Reducing the power supplied to the transmitter can reduce the amount of the wifi signal which broadcasts outside of the building your wireless network is in. It’s virtually impossible to completely stop the some of the signal from being broadcast outside of your building – however with a little fine tuning it is possible to reduce the amount transmitted outside – while keeping a proper connection in side.
Hopefully this has been a little helpful. If you need additional help hit up the EMDx forums
- Happy Computing
This wireless convenience however, leaves your network open to vulnerabilities that a traditional wired network doesn’t have. The signals that allow you easily work without wires can easily pass through walls, and allow others to not only use your internet connection, but may also allow them to access your network as well - and thus any information stored on your computers.
Before you start covering your wall with aluminum foil or throw out your wireless network components take a few and utilize the following steps to secure your wireless network.
1) The first thing I do is change my wireless router or access points default password. This will help reduce the likelihood that someone will be able to change your setting later; besides changing default passwords is always a good security practice. Choose something that is relatively long, random and combination of numbers, upper and lower case letters, as well as special characters. (e.g. !,@,#,$,%,^&,* ) The trick is to create a password which can be remember by you but not easily guessed by others.
While you are at it - disable all remote administration of the router or access point. This will eliminate the ability for anyone who isn't on the local network to make changes to the router or access point’s settings.
If you need help change the default password a good place to check is either manufactures website - or your ISP if they have provided or set-up of the equipment for you. You can also hit the forums here at EMDx and ask for help.
2) Keeping what was just mentioned in mind the second step I follow is to change the default password for access your wireless network. This is the first step in keeping unwanted people off your network.
3) Make sure your wireless network is using the latest encryption. While WPA is the current standard some equipment still has the option to use WEP which is no longer considered secure. You can adjust these settings in your router or access point’s administration panel
Usually this is where most people stop. However there is a lot more securing that can be done.
4) All wireless routers and access points broadcast an SSID(Service Set IDentifier). This is what shows up as the name of the network. 2WIRE923 or Hilton935 would be an example of what you might see. It’s really up to you whether or not you change this. For what I am about to recommend I'd suggest that you do change to something you can remember at a later date.
Most WLAN access points and routers automatically (and continually) broadcast the network's SSID. This makes setting up network clients (the devices you wireless content to your network) extremely convenient, since you don't need to know what your network is called to access it.
The down side is anyone within range your wireless network can see it. Turn off your SSID and your network will become "invisible" to your neighbors or passers-by. The network can still be detected with "sniffers" - but will basically not exist to the average user. This setting can be adjust in the router or access point’s administration panel.
You will need to know the name of the SSID to connect to your network. Don't worry though, you can save these settings so you won’t have re-enter them every time you connect.
5) Consider MAC Address filtering to control access to your wireless network. A MAC address is unique to the specific adapters. Choosing to only allow specific MAC addressed devices to connect will greatly increase your control over who can and can't access your network.
In order to use MAC Address filtering you need to find and enter into the wireless router or wireless access point the 12-character MAC address of every system which will be connecting to your network wirelessly.
This can be little inconvenient to set-up - and this especially true when you have a large number of wireless devices to connect to your network; however it is a pretty significant increase in security. It must be stressed that this by no means a way to make your network 100% secure. MAC Addresses can be "spoofed" - or falsified by a knowledgeable person; it does however add another hurdle for a potential wifi intruder to jump.
If your wireless clients change often this may option maybe out of the question - but for most users it’s quite workable.
6) While not available on all wireless routers or access points, some do allow you to lower the power your router or access point’s transmitter. Reducing the power supplied to the transmitter can reduce the amount of the wifi signal which broadcasts outside of the building your wireless network is in. It’s virtually impossible to completely stop the some of the signal from being broadcast outside of your building – however with a little fine tuning it is possible to reduce the amount transmitted outside – while keeping a proper connection in side.
Hopefully this has been a little helpful. If you need additional help hit up the EMDx forums
- Happy Computing
English (US) 