How can I secure my wireless network?

Many people setting up wireless home networks rush through the job to get their Internet connectivity working as quickly as possible. That’s totally understandable, but it’s also quite risky.

Today’s Wi-Fi products don’t help the situation as configuring their security features can be slow and non-intuitive, right out of the box typically they have little or no security pre-configured in order to “help” get you up and running ASAP.

The risks of an open wireless network include having people share your internet connection which may seem innocent enough but consider anything they do traces back to you, for example if they do anything illegal it will appear as if it was you …scary stuff. It also means your internet will probably run slower because they are also using your connection, your bandwidth usage may skyrocket causing your internet service provider to charge you for the extra usage. And of course they will have access to your entire local network and even possibly allowing them to take over your computer.

The recommendations below summarize the steps you should take, in order to importance, to improve the security of your home wireless LAN.

  1. Change Default Administrator Passwords (and Usernames)
    At the core of most Wi-Fi home networks is an access point or router. To set up these pieces of equipment, manufacturers provide Web pages that allow owners to enter their network address and account information. These Web tools are protected with a login screen (username and password) so that only the rightful owner can do this. However, for any given piece of equipment, the logins provided are simple and very well-known to hackers on the Internet. Change these settings immediately.
  2. Turn on (Compatible) WPA / WEP Encryption
    All Wi-Fi equipment supports some form of “encryption.” Encryption technology scrambles messages sent over wireless networks so that they cannot be easily read by humans. Several encryption technologies exist for Wi-Fi today. Naturally you will want to pick the strongest form of encryption that works with your wireless network. To function, though, all Wi-Fi devices on your LAN must share the identical encryption settings. Therefore you may need to find a lowest common demoninator setting.
  3. Change the Default SSID
    Access points and routers all use a network name called the SSID. Manufacturers normally ship their products with the same SSID set. For example, the SSID for Linksys devices is normally “linksys.” True, knowing the SSID does not by itself allow anyone to break into your network, but it is a start. More importantly, when someone finds a default SSID, they see it is a poorly configured network and are much more likely to attack it. Change the default SSID immediately when configuring your LAN.
  4. Enable MAC Address Filtering
    Each piece of Wi-Fi gear possesses a unique identifier called the “physical address” or “MAC address.” Access points and routers keep track of the MAC addresses of all devices that connect to them. Many such products offer the owner an option to key in the MAC addresses of their home equipment, that restricts the network to only allow connections from those devices. Do this, but also know that the feature is not so powerful as it may seem.