Securing Your Wireless Network

by Colin R on 07/16/2009 in Computers, Security, Security Info

Wireless connections are a great choice for home networking as they overcome the problems of portability and using PC’s elsewhere.

Because wifi uses radio waves to communicate, these are frequently strong enough to be seen by others in the vicinity. If you have not setup your security properly, then it is an open invitation to hackers.

Hackers already know this and search for stray signals and with the right information, they could access your networked computers and files. There are 75 per cent of WLAN users that do not have basic security features installed, while 20 per cent are left completely open with the default configurations.

It is recommended that when you setup your wireless router/access point always do this on a wired client (Desktop Computer wired to the Internet).

Hackers look for unsecured networks that use the default settings which usually offer little or no protection, so the first steps are to configure your router, usually through a browser.

You need to communicate with the router using its IP address, usually something like 192.168.0.1 and you simply type this into the address bar of your browser to open the router configuration. Your router has a preset login and password and these can be found in the user manual or at the vendor’s website, but frequently it will be something like ‘Admin’ and the password field left blank.

Routers are basically plug and play and many users leave the default settings as they are which offers very little in the way of security, as the vendors make it very simple to install within a few minutes.

Quite often, there is a series of sub-menu’s and you need to familiarize yourself with them. Most routers now offer WPA and WPA2 encryption. WPA-PSK uses a pre-shared key and you will be prompted to enter a pass phrase of 8 to 63 characters, using letters, numbers and symbols to make it strong, do NOT use words found in dictionaries and make it at least 20 characters in length. The router will use this to build an encryption key for you.

WPA2 is the safest version to use along with AES – Advanced Encryption Standard, which is one of the few that is approved by the US government. The weakest point of WPA and WPA2 is your pass phrase, so ensure that it is strong.

Router and Access Point Setup

1. Setup router/access point not to broadcast the SSID. The same SSID needs to be setup on the client side manually and block anonymous Internet requests or pings.
2. On each computer having a wireless network card, network connection properties should be configured to allow connections to Access Point Networks Only.
3. Computer to Computer (peer to peer) Connection should not be allowed.
4. Enable MAC filtering and deny availability to your wireless network for unspecified MAC addresses.
5. Mac or Physical addresses are available through your computer device network connection setup and they are physically written on network cards. When adding new wireless cards / computers to the network, their MAC addresses should be registered with the router/access point.

Do NOT use WEP – Wired Equivalent Privacy, as this can be very quickly hacked with a few simple tools that are readily available. All PC’s on your network also need to have WPA2 compatibility and most routers are also backward compatible for use with older machines. Check the vendors site for product updates for your router and wireless adapters.

Once your router is configured to use WPA2 encryption, you will need to setup your computers with the new settings.

1. Click Start then Control Panel and double-click Network Connections.
2. Right-click Wireless Network Connection and select Properties from the menu.
3. Select the Wireless Networks tab and under ‘Preferred networks’ you should see your network listed. Select it and click Properties and if you don’t see it listed, click the ‘Add’ button.
4. In the box labeled ‘Network name (SSID)’ enter your network’s name.
5. Under Network Authentication, select WPA-PSK and under ‘Data encryption’ select AES then under ‘Network key’ enter the same pass phrase you used for your router which you will have to enter twice to confirm it. Ensure that the checkbox labeled ‘The key is provided for me automatically’ is not marked, then click OK twice.

You will need to do this to each computer connected to your network, you can also restrict access by entering the MAC address for each computers device and allowing only those to connect to your network.

Simple steps that protect your network and stop others from hacking into your PC and using your connection. It takes a little while to set it up, but it is worth the extra time to increase your security.