Wi-Fi Security: Protecting Your Network
There’s nothing particularly complicated or scary about securing an internet connection. The majority of the hype is due to it being easier to sell a product that’s going to “protect” you if someone’s afraid.
The only thing you really need to be relatively safe on the internet is a decent firewall, up to date antivirus software, a secure Wi-Fi connection and a little common sense. Keeping up on the latest operating system patches doesn’t hurt either. There’s one great thing about using a router versus an access point or hub in your home or small office: the vast majority of routers have an integrated firewall that works very well.
If you’ve got up to date antivirus software (from Norton, McAfee, AVG, Panda, or another reputable antivirus company) then you’ve only got two things left to really concern yourself with: Wi-Fi Security and common sense.
By common sense I mean scanning the user agreements and paying attention while installing “free programs”, as they often come loaded with spyware and programs that will run in the background sending data about where you surf the net to data mining companies, or popping up ads while you use your computer. This also involves not opening email attachments from people you don’t recognize in emails, or messages that sound fishy on MSN asking you to visit a site or download a file. Toolbars for your web browser are especially notorious for being spyware infested.
Now we’re down to Wi-Fi security, which isn’t nearly as technical and confusing as it may sound. Wireless security is built on two main aspects, the first of which are encryption keys (WEP - Wireless Equivalent Privacy), which is basically a long string of (hexadecimal) characters. All you really need to understand is that to have a secure wireless connection you need to enable encryption on your router, and give each computer on the network the encryption key so they can communicate with the router. This will prevent anybody but a real hacker from accessing your network, and it will be a deterrent even for a real hacker, however encryptions can be broken with enough patience. The longer the encryption, the more time it will take to break.
If you want to make your wireless network extremely secure, you can enable MAC address filtering. Using this feature, you can tell your router to only accept connections from the network cards with the MAC addresses that you specify. Every network card has a unique MAC address burnt into the card, and this address cannot be changed. So by filtering MAC addresses and only allowing those addresses corresponding with network cards in your computer(s), you will be blocking anybody else by default, keeping snooping eyes blind. The only way this could be circumvented would be someone physically using a computer on your network or stealing a network card from one of your networked computers.
None of these methods are flawless, but for home and small office networks that don’t carry highly sensitive information they are generally as much as anyone would ever need. The worst thing someone can do is leave a wireless network wide open (on the default settings), with all the security turned off. I live in a college neighborhood, and I can turn on my wireless card and pick up 4 unsecured networks. I am not a hacker by any means, but with my minimal knowledge of networking I can do the following:
A) Login to the router and change settings, including locking out the people owning that connection from even accessing it
B) Snoop around the network and grab any shared files I might find useful
C) Use a program, such as a packet sniffer, to eavesdrop on network traffic and grab passwords, credit card numbers, or other sensitive information
D) Download anything using that network’s internet connection, including illegal materials that could get the people that own the internet connection in trouble
I can do all those things with a basic knowledge of networks and no real knowledge of hacking. All those things can also be easily prevented, simply by spending a few minutes and enabling security on your home or small business wireless connection.
Consult your manual to see if your router has special login procedures, but most commonly you can login to a router by typing into a web browser the following:
http://192.168.1.1
You’ll likely be prompted with a username and password box. Generally when a router hasn’t been setup, the default is no username and no password, or no username and admin for the password. Consult your manual for specifics on this.
From there you will look for the section on Wireless Security (WEP), and if you feel you need the extra protection, the section on MAC address filtering.
Unless you’re holding something on your computer extremely valuable that people know is there, look at security this way: You are one of thousands. You don’t have to be the most secure, just make your network a little tougher than those around it.
