Wireless Network Security
The term wireless network security sounds too technical for many home and small business users, so they often ignore it. But securing a wireless network against intruders is really quite simple and it's very important. You wouldn't leave your home's front door wide open while you are out, or a loaded gun on its front porch. Leaving a wireless network unsecured can be equally foolhardy... |
How to Secure Your Wireless Network
The key to securing a wireless (wifi) network is the router. And surprisingly, all wireless network routers arrive from the factory with no effective security enabled. If you just plug in the router and configure your network, a child can access your wireless network. Sometimes even the routers that are installed by techs from your ISP are left wide open. You must take positive steps to secure the wireless network, or you may leave the door to your computer wide open to invisible intruders. Here are some basic steps that beef up wireless network security significantly:
Change the router's default administrator password. The default (factory supplied) password is blank, "admin" or "password" on many manufacturers' routers. Hackers know that, so they try these first. Lists of default administrator passwords for hundreds of popular wireless routers are readily available online. Read the router's user manual and change the administrator's password to something obscure. Do not use any publicly available word(s) such as family names, street address or Zip code, etc. Hackers are skilled in divining obvious passwords.
Turn on wireless encryption. Encryption scrambles the data transmitted between the router and the devices that use it so that only devices which have the decoding key for the encryption method used can access the wireless network. Even if spies intercept the radio transmissions of encrypted data they cannot make sense of it without the key. Routers ship with several forms of encryption built in; choose the strongest (hardest to break) encryption your router and the devices that connect to it support. When creating an encryption key, use at least a dozen random letters and numbers instead of something short and obvious.
Change the default SSID (Service Set IDentifier). The SSID is the name of your wireless network that shows up in a list of available wireless networks. Knowing the name of your network doesn't help hackers break into it, but a manufacturer's default SSID such as "linksys" or "NetGear" indicates that you're lax about security and worth probing further. You can even set your router to not broadcast its SSID, so your network will be invisible to unsophisticated seekers.
Turn on MAC Address Filtering. A very strong wireless network security technique called MAC Address Filtering is a bit more complicated to set up and manage, but worth the effort if the devices authorized to connect to your wireless network don't change very often. Every digital device has a unique alphanumeric identifier hard-coded into its circuitry: the MAC Address. (Don't be confused here... a MAC address has nothing to do with your operating system, be it Mac OS or Windows.) Wireless routers can detect the MAC addresses of devices that try to connect to them. You can set up a filter list of MAC Addresses and specify "only these MAC addresses are allowed to connect to my network." You can also blacklist specified MAC addresses so that their connection attempts are rejected while others are accepted.
Logging in to the Router
The first step to securing your wireless network is logging into the wifi router. In most cases, you can enter http://192.168.0.1 or http://192.168.1.1 in your web browser to connect to the router. If you don't get a login prompt, you can find your router's address by using the ipconfig command at a Windows command prompt. Look for the "Default Gateway" line, and you'll find the router address there. On a Mac, select System Preferences from the Apple menu, then select Network. Select Ethernet, click Advanced, then click the TCP/IP tab, and the router address is displayed.
Every router is different, so I can't give specific instructions here for modifying the security settings discussed earlier in this article. Consult the manual, do some Googling, or call your ISP's help desk if you need assistance once you're logged into the router.
Wireless network security keeps others in your vicinity from leeching off your WiFi internet connection. You don't want a wifi moocher slowing down your connection by downloading porn or running a file sharing service on the sly. Securing your wireless also keeps hackers out of your network and its attached computers, protecting you from identity theft. It can also prevent cyber-criminals from using your computer as a zombie to launch spam and denial of service attacks. Setting up proper security should be the first thing you do after hooking up a wireless router.
Do you have something to say about wifi security? Post your comment or question below...
|
|
Share this article with friends! |
|
Posted by Bob Rankin on 28 Sep 2010
| Need More Help? Try the AskBobRankin Updates Newsletter. It's Free! |
 |
Prev Article: Geekly Update - September 27 2010 |
The Top Twenty |
Next Article: Windows Keyboard Shortcuts |
 |
|
Link to this article from your site or blog. Just copy and paste from this box: |
Post your Comments, Questions or Suggestions
Free Tech Support -- Ask Bob Rankin
Subscribe to AskBobRankin Updates: Free Newsletter |
||
|
Copyright © 2005
- Bob Rankin - All Rights Reserved
Privacy Policy -- See my profile on Google. |
||
Article information: AskBobRankin -- Wireless Network Security (Posted: 28 Sep 2010)
Source: http://askbobrankin.com/wireless_network_security.html
Copyright © 2005 - Bob Rankin - All Rights Reserved
Free
Most recent comments on "Wireless Network Security"
Posted by:
Dwight
28 Sep 2010
This is great information. I was able to log into my wireless router and found that my USER NAME and PASSWORD were both common and simple. I then followed your instructions and was able to change these settings to a very secure private selection. Thank you so much for this article!
Posted by:
Jim Harrison
28 Sep 2010
MAC filtering is useless as explained to me by some white hat consultants I talked to recently. MACs are broadcast in the clear and easy to spoof they say. (These guys were good too! They gave a demo of what they found at a local Panera Bread and also what they found at our site (including cell phones!). MAC filtering in theory sounds good, but for an experienced hacker, worthless.
PS - thanks for the years of internet advice. I go way back to your Access the Internet by email publication before we had web at work. Helped a lot!!
Posted by:
LINDA
29 Sep 2010
Do you think this is how my address book was hijacked? I have Microsoft Essential Security downloaded and have also downloaded a couple of malware programs and STILL (as of today), someone is sending out email to my address book. I am at a loss to know how to remedy this. Thanks.
Posted by:
Dwight
30 Sep 2010
For Linda..re:e/mail address book spammed...I remember reading a topic here recently in reference to what you're saying. Perhaps, Bob, you can steer her to that article. It had something to do with changing the FROM address as well.I immediately changed my PASSWORD to my e/mail and that was the end of it. (It had looked as though I had sent those messages when in fact I did not)..By the way, this is what can happen when people send out mass e/mails under CC and use the actual e/mail address of others rather than just a name. I HATE that!. Hope Bob can help you.
EDITOR'S NOTE: Change the password often, and protect it!
Posted by:
Ron007
11 Oct 2010
Yes Jim H, MAC filtering (and changing or hiding SSID) can be bypassed by "1expert" attackers, but ...
Using each one provides an additional layer of security, "protection in depth", by filtering out "script kiddies". Script kiddies are attackers who have no real hacking skills they just used "canned" attacks.
This recent article:
http://www.cnn.com/2010/TECH/innovation/08/20/super.passwords/index.html
explains why you need to go with complex passwords longer than 8 char. Be paranoid and go longer than the suggested 12 char too. The encryption password is something that people (especially home users) tend to "set and forget". Make it much longer, say 20+ char, so you don't have to be concerned about advances in applying "cloud" power to hacking passwords.
Posted by:
Dwight
04 Dec 2010
Hello Bob...I just love your tips etc. I look forward to every one!
I have a wireless security question. Today my friend came over with here laptop. She wanted to use my internet. I said "sure" cause I know her well. She did this: on her laptop she connected to ALL UTILITIES, then we saw my name there along with several others who are in the area using their internet (Hmmmm? I wondered). then she clicked on MY name, and when it asked for a NETWORK_KEY she simply put in my phone number and connected MY internet to HER laptop - no problem. I was astonished. That would mean any one who knew my phone number to use my internet for ANYTHING they liked; such as illegal stuff!!. My question is, how do I prevent this from happening with someone else?. I have a VERY strong password on my Linksys router which I thought would prevent this. Obviously not. So what would I need to do Bob to prevent this. How dod I get rid of my phone number and replace with a strong password?.
Thank you very very much Bob. As I said, I keep every mail you send and look things up, but this I couldn't find. I did use one mail/update to reset my Linksys password in September/10.
EDITOR'S NOTE: Sounds like your wifi key really is your phone number, and that your ISP does that as part of their router setup. Note that the password to login to your router is not the same as the wifi key.
Posted by:
WALE
23 Apr 2011
i bought a new router tplink and two deck top hp system with window xp and two tplink adapters for the systems. After setting up, the systems could browse internet but could not see the shared files of each other. Please HELP!!!