Tips for Setting up and Securing Home Wireless
The ease and convenience of setting up wireless Internet access has allowed and encouraged many to use this technology at home. While most Wireless Access Points (WAPs) or Wireless Access Routers that can be bought today do a fairly good job of securing the most basic aspects of your home network, a little education, planning, and setup time will allow you to feel more secure in turning on your device and using it for any of your computing needs.
The first thing to understand is the differing technologies used for wireless. All wireless devices fall into the 802.11 standard with the most common versions being A, B, and G.
Each of these uses the same unregulated 2.4 GHz range. This may look familiar as it is the same range used by many cordless phones. This can cause interference for both your wireless phone and your wireless computing devices.
The A/B/G versions are each a bit different, but for the scope of this article you will probably be using the B or G standard.
Make sure that your wireless devices and WAP are of the same version.
Here are some basic tips to help keep your wireless data a bit more secure. Bear in mind that anything that is broadcast can be intercepted and decoded.
Disable the SSID broadcast.
Each WAP uses what is called an SSID to tell everyone that can see the signal its name. This is commonly set to some factory default that should be changed as soon as you set up your device. This is also the first place you can start protecting yourself.
Any WAP you purchase should allow you to disable the broadcast of this SSID. Why do this? Simple. It is much harder for someone to gain access to something that isn't broadcasting its existence to the world. You will need to remember the SSID for connecting your computer to the access point.
Change the default Administrator password for the WAP.
Each WAP has a default administrator password. Too many times someone can break into your system by simply using a list of common administrator passwords that are set at the factory.
Try to pick a very hard, very complicated password using letters, numbers, and special characters.
Don't worry about having to remember it as you shouldn't need to get into your WAP too often to work on it. Just write it down in a safe place and you should be ok.
Turn the Encryption on.
Encryption offers a layer of security to the traffic that is broadcast back and forth between your computer and the WAP. Many common forms of encryption include WEP and WPA.
WEP uses a predefined "key" that is a series of letters and numbers to authenticate you and your computer to the WAP. Again, like passwords, the more complex the better as you will only need this as you first set up your wireless connection for the first time.
WPA is more secure than WEP but may not be supported on your device. Read the owners manual for what is available and how to configure both the device and your computers to use WPA.
Keep your device updated.
Vendors periodically update what is called the firmware for devices. This often includes new features as well as fixing bugs. You should be able to download firmware updates (plus instructions on how to install them) from the vendor's website.
Put your WAP in a good spot and adjust the signal strength.
Before deciding on a final location for your WAP, move it around and see which location gives you the best coverage for your home.
Keep in mind that you want to cover as much as possible without a lot of bleed. Bleed refers to the wireless signal that leaves your home and is visible to anyone with a wireless device in the area. Too many times I have sat at someone's home and connected to other WAPs in the area because everyone just turns the broadcast power all the way up, or never bothered to turn it down. Remember that if someone can see the signal, you have already exposed yourself to possible attack. Wardrivers (people whose hobby is to find WAPs) will love you for it.
Use MAC address filtering.
Each network and wireless device has what is called a MAC address. This is a unique hardware address that identifies a device. MAC addresses look something like AA-00-1F-BC-96-EB. Enter these into your WAP to ensure that only the devices you want to allow can connect.
You can find the MAC address of your device by several methods. The easiest is to:
- Open a command prompt (for Windows users, click on Start --> Run, then type in cmd and click OK).
- In the window that pops up, type ipconfig/all and press Enter.
- Lots of data will show up on your screen. What you want is the Wireless Network Adapter Physical Address. It will look like the example from above (AA-00-1F-BC-96-EB).
- After copying this down, type exit and press Enter to get out of the command prompt.
These few precautions, while they may seem daunting, typically take less than 20 minutes to set up for all of your devices and the WAP. They will help protect you from the theft of your data and your wireless signal while giving you more piece of mind.
If you have any further questions, please contact the Service Desk.