7 Steps To A Secure Wireless Network
Wireless networks, often abbreviated to “Wi-Fi”, allow PCs, laptops and other devices to “talk” to each other using a short-range radio signal. However, to make a secure wireless network you will have to make some changes to the way it works once it’s switched on.
The signal of any short-range radio transmission can be picked up by any device in range that is tuned to the same frequency. This means that anyone with a wireless PC or laptop in range of your wireless network may be able to connect to it unless you take precautions.
If this happens then your network and PC are vulnerable to any or all of the following:
Freeloaders – Most wireless networks are used to share a broadband Internet connection. A “Freeloader” may connect to your network and use your broadband connection without your knowledge or permission. This could have an impact on your own use. You may notice your connection slows down as it shares the availability of the Internet with more users. Many home Internet services have limits to the amount of data you can download per month – a “Freeloader” could exceed this limit and you find your Internet bill charged for the extra amounts of data. More seriously, a “Freeloader” may use your Internet connection for some nuisance or illegal activity. The Police may trace the Internet connection used for such activity it would lead them straight back to you.
Eavesdropping – As information is transmitted an “eavesdropper” may connect to your wireless network and view all the information as it passes by. This is entirely undetectable by the user as the “Eavesdropper” is only listening not transmitting. Such sensitive information as bank account details, credit card numbers, usernames and passwords may be recorded.
Hacking – Even when the security features of a wireless network have been switched on unless these features are set-up correctly then anyone in range can hack in to the network. All home wireless network routers have a standard username and password for the administration of the network. All a hacker has to do is go through the list of standard usernames and passwords until he gains access. A hacker may then use your network for any of the above or gain access to your PC – your firewall may not prevent him because, as he is connected to your network, he is within the trusted zone.
Most wireless network equipment, when it comes out of the box, is not protected against these threats by default. This means you have to configure the network yourself to make it a secure wireless network.
How to secure a wireless network
Although all wireless equipment marked as 802.11 will have standard features such as encryption and access control each manufacturer has a different way it is controlled or accessed. This means that the advice that follows may seem a bit technical because we can only tell you what you have to do not how to do it. You should read the manual or help files that came with your equipment in order to see how to make a secure wireless network.
1. Use encryption. This is the bedrock of any secure wireless network and means that the data that passes over the wireless can only be decoded with the correct system of encryption and the correct password. Currently there are three methods of encryption for wireless networks usually referred to by their acronyms: WPA2, WPA-PSK and WEP. Each method can only be used if all the equipment on the network has the capability. As WPA2 is the most recent method of encryption, unless you have recently obtained the latest PCs, laptops & network device you probably will not be able to use it. WPA-PSK is the next best and is available on most hardware. If you are using older access points and network cards, you may find that you can only use WEP. Each method requires a “key” (a word or phrase used to make the encryption work). Make sure you use a word or phrase that would not be easily guessed. For example, don’t use your address as the key.
2. Set up your network infrastructure as “access point” and not “ad-hoc” or “peer to peer”. These last two (ad-hoc and peer-to-peer) mean that network devices such as PCs and laptops can connect directly with each other without going through an access point. You have more control over how devices connect if you set the infrastructure to “access point” and so will make for a more secure wireless network.
3. choose an obscure name for the network – This important tip to having a secure wireless network is probably not used by about 99% of home users. The technical term for the name of the wireless network is “SSID”. The default SSID is usually the name and model of the wireless router or Internet provider e.g. NetgearDG834G or Sky9091. If you leave the SSID like this it makes hacking very easy so change the SSID as soon as you set up your network. Don’t use your address, house name or family name these are too easy to guess.
4. Switch off the SSID broadcast. This tip goes hand in hand with No3 in creating a secure wireless network. This means that anyone wishing to connect to your wireless network must know its SSID i.e. the name of the network.
5. Change the name and password of the administration user for the wireless router but don’t forget to make a note of what you change it to. A secure wireless network will have an admin user ID that is difficult to guess and a strong password that uses letter and numbers.
6. Unplug the wireless router whenever you are going to be away from home (or the office). It’s also a good idea to set the time that the network can be used if the device allows it. For example, in an office you may not want to unplug the wireless router at the end of every day so you could set it to only allow connections between the hours of 7:30 AM and 7:30 PM.
7. Use MAC filtering If your wireless router or access point allows it, MAC filtering easily adds one more layer to make your wireless network secure. Every network card (the device installed in PCs and laptops that connect it to a network) has its own unique code, called a “MAC address”. In Windows XP you can see the MAC address by right-clicking on the network connection, choose “status” and then the “support” tab. In the support window click on “details”. The code labeled “physical address” is the MAC code for that network connection device. Make sure it’s the wireless network connection you select as the LAN connection will have a different MAC address. Most wireless routers or access points allow you to list the MAC codes that you wish to use the network. This means that you must grant permission to any PC or laptop that wants to connect to the network.
If you can put all seven of these tips in operation you will have a very secure wireless network.