|
G E T T I N G S T A R T E D
Frequently Asked Questions About Wireless Security >>
Tips for Securing Your Wireless Network >>
Links to Manufacturers' Router Documentation >>
Ask us a Question via e-mail >>
F A Q ' s A B O U T W I R E L E S S S E C U R I T Y
The best way to secure a wireless network is to change the configuration of your router to something different than the manufacturer defaults.
1. What can happen if it is left insecure?
Hacker can access your local network and sniff for data (passwords and files).
Hacker can access the web and do any illegal activity on your part.
2. What if I don't set a router password?
A hacker can disable your Internet connection and lock it with a password - you then have to figure out how to fix it. It can be fixed, but requires you to completely reset your router (see documentation for more info).
3. What if I don't disable SSID broadcast?
Hackers can drive by your home and pinpoint your wireless network, they can then connect to your network. With SSID broadcast off your network is not easily detected. Not disabling SSID broadcast is like leaving your front door open.
4. What if I do disable SSID broadcast but do not change my SSID?
Hackers can then assume you are using one of a few default SSIDs and log onto your network. During a recent war drive - almost 80% of the open networks located where using the default SSID. For example:
D-Link = default
Linksys = linksys
5. What if I don't enable WEP?
If a hacker is able to connect/compromise to your network, he can then sniff your packets right out of the air. These packets contain usernames, passwords, credit card numbers, etc. You will want to enable WEP.
6. I heard WEP can be broken. What of this?
WEP can be broken and WEP is not perfect. However to a hacker, WEP may be enough deterrent to move on. In a neighborhood with 8 open networks and 2 WEP protected networks, a logical hacker will ignore the WEP protected networks. Cracking WEP can sometimes take days and is getting harder for hackers as wireless equipment gets better.
7. Why 128bit WEP, it is so long?
The longer the key the more difficult it is to crack.
T I P S F O R S E C U R I N G Y O U R W I R E L E S S N E T W O R K
The following list of tips for securing your wireless network may require some basic configuration or knowledge of how to change settings in your wireless router and on your computer.
If you are unsure how to configure your router, we've provided a link to major manufacturers of wireless routing equipment links to download their documentation to secure your network. Click here to view list of manufacturers.
Use these icons as a reference for skill/knowledge level below:
| Skill | | Tip or Procedure |
 | | 1. When browsing the web, make sure your browser connection to the web server is encrypted. Encryption (SSL) is when the browser and web server create a secure connection. You can tell your connection is secure by looking for a yellow padlock on the bottom status bar of your browser. This means your info, credit card, etc. is protected. Only the server and your computer can interpret the encrypted data.
If the site does not display the SSL icon (yellow padlock in your browser), be hesitant of submitting personal or financial data through your connection. Maybe place order by phone or mail.
When in doubt, use a computer that is wired to the Internet (not wireless) and SSL encryption is enabled.
|
 | | 2. Change your router's administration password (to something unique, something beside the default password from the factory). If applicable, turn off "Remote Administration" in the interface.
Most routers offer an online control panel administration/interface to configure settings, refer to your equipment documentation for more info.
|
| | 3. From the online interface/administration, enable the 128bit WEP (Wired Equivalent Privacy) and select a key. A key is similar to a password but it is used as a unique identifier that encrypts the information.
Choose a unique and hard to crack key. Your last name or phone number would not be a good idea. But a random string of numbers and characters would be good.
|
| | 4. Change the SSID of your equipment. From the factory, the wireless unit will have a "default" name. If this is not changed, a hacker probably has a 1 in 4 or 1 in 5 shot at guessing it. If you make it unique (i.e. JimsNet55), it will be harder to get onto that network.
Also, disable SSID Broadcast. This means the router will not send out a signal telling other wireless devices what the SSID is of your equipment.
Both of the above can be done in the online administration/interface.
|
 | | 5. From the online administration/interface, limit DHCP to number of computers on the wireless network. If you have 2 systems, limit it to 2 DHCP clients. This way, it will not allow other users to log onto the wireless network.
|
| | 6. Change the IP range of your wireless router or DHCP Server/Router to a lesser known range.
10.0.0.0 - 10.255.255.255 (10/8 prefix)
172.16.0.0 - 172.31.255.255 (172.16/12 prefix)
192.168.0.0 - 192.168.255.255 (192.168/16 prefix)
|
| | 7. Enable MAC address filtering on your network. The MAC address is a unique series of numbers and letters assigned to every networking device. With MAC address filtering enabled, wireless network access is provided solely for wireless devices with specific MAC addresses. This makes it harder for a hacker to access your network using a random MAC address.
This may not be available on all wireless equipment.
|
L I N K S T O W I R E L E S S R O U T E R D O C U M E N T A T I O N
Click the following link to get to the Linksys download page. Here you will select your product by name or model number, then select your operating system. You will then see links to support documents, user guides, etc.
Linksys Documentation: Go There Now >>
Click the following link to get to the D-Link product page. Here you will select your product by name. You will then see links to support documents, user guides, etc.
D-Link Support: Go There Now >>
Click the following link to get to the Netgear support page. Here you will select your product type then model name. You will then see links to support documents, user guides, etc.
Netgear Support: Go There Now >>
Click the following link to get to the Microsoft Wireless support page. Here you will select from broadband support items.
Microsoft Broadband Support: Go There Now >>
A S K U S A Q U E S T I O N
Still have questions or need more information? Please e-mail us your questions/concerns at the address below. If you already have wireless equipment, please specify what brand and model you have as well as your operating system (i.e. Windows 98, Windows XP, Mac...).
Send inquiries to:
wireless@ctechinternet.com
|
|
