Wireless Network Security Checklist
I have a wireless router, with several computers and game consoles in my home connected to wifi, but I'm worried about the security of the wireless network. How can I make sure that nobody can secretly access my computers through a wireless connection?
Checklist: Is Your Wireless Network Safe?
The purposes of wireless security is to keep unauthorized parties from using the wireless Internet access that you pay for, and to keep unauthorized parties from accessing the computers on your wireless network. For home and small business wireless network operators, "unauthorized parties" are usually not mastermind cybercriminals but casual freeloaders.
Your wireless network's range is a few hundred yards, at most. That means the people most likely to "hack" into your WiFi network are your neighbors and transient passersby. Fortunately, it does not take much to deter such gate-crashers. A few easy, free tweaks to your WiFi router's settings are enough.
- Change the router's default username and password. The default login credentials for most WiFi routers are well known to hackers, and gaining access to the router enables them to do anything they wish. Note that this is NOT the same as the password one must enter to connect to a wifi network.
- Lock down your wifi with a password. Enable user authentication so that only persons who have a secret password can connect to your WiFi network. Authentication relies on encrypting the wireless signal so that only those who have the password can decrypt and use it. Several kinds of encryption are built into most routers. Steer clear of WEP which is an older and weaker form of encryption that hackers can break. The WPA protocol with RC4 encryption, or the WPA2 protocol with AES encryption is recommended. (Geeky side note: WPA with TKIP encryption is crackable.)
- Choose a really good password. Make your wifi passwords long or random so that they are difficult to guess or hit upon with "brute force" password-cracking software. A strong authentication key is at least 12 characters long and includes a random mixture of upper- and lower-case letters, digits, and special characters such as the underscore. Most devices will remember an authentication key, so the user only has to type it once.
- Change the wifi password occasionally. If any user no longer needs access, i.e., if you fire an employee or throw your brother-in-law out of your house, changing the wifi password will block them from your wireless network.
- Don't advertise yourself. Set your router to not broadcast its SSID - the network name that identifies your wireless network, i.e., "Linksys", "SmithFamily" or "123Main". Then your network won't show up in the list of "available networks" that casual freeloaders browse to find open wifi networks.
- Use MAC address filtering. MAC addresses can be used to allow and disallow specific devices (computers, iPods, smartphones) on your wireless network. A MAC address (which has nothing to do with Apple Macs) is a unique string of hexadecimal numbers embedded into almost every digital device, akin to a Social Security Number. A router can be configured to allow only devices from a list of specific MAC addresses on a network, or to block specific MAC addresses and allow all others.
- Be stingy with IP addresses. Limit the range of IP addresses that can be issued by your router's DHCP server. If only three computers in your home or office are authorized to use the wireless network, don't leave a dozen or more IP addresses available for the DHCP server to issue to whoever drives by.
To modify any of these wifi security settings, you first have to login to the router. Most commonly, you can enter http://192.168.0.1 or http://192.168.1.1 in your web browser to connect to the router. If you don't get a login prompt, enter the ipconfig command at a Windows command prompt. Look for the "Default Gateway" line, and you'll find the router address there. On a Mac, click the Apple, then System Preferences / Network / Ethernet /Advanced / TCP/IP tab, and the router address is displayed.
Unfortunately, I can't give specific instructions for changing the security settings, because there are so many types of routers, and the interface for each is different. A bit of Googling or your router's user manual should help you find the right place to make each change to the wireless security settings.
None of these techniques are fool-proof, but taken together they will add layers of security to your wifi network, and keep you safe from hackers looking to take advantage of soft targets.
Do you have something to say about wireless network security? Post your comment or question below...
This article was posted by Bob Rankin on 23 Dec 2010
|For Fun: Buy Bob a Snickers.|
The Top Twenty
Digital Photo Image Management
Post your Comments, Questions or Suggestions
Free Tech Support -- Ask Bob Rankin
Subscribe to AskBobRankin Updates: Free Newsletter
Copyright © 2005 - Bob Rankin - All Rights Reserved
Article information: AskBobRankin -- Wireless Network Security Checklist (Posted: 23 Dec 2010)
Copyright © 2005 - Bob Rankin - All Rights Reserved