Wireless Network Security

Although it is relatively easy for SOHO (Small Office/Home Office) and home users to set up their own Wireless networks, the default settings on a WAP (Wireless Access Point) usually come with no security configured.

As a result, if you leave these settings as they are, then this WLAN (Wireless Local Area Network) you are creating can leave you open to hackers who want to compromise your computer and/or steal information from it.

As a result it is essential that you take the necessary steps to secure your Wireless network.

Why do you need wireless security?

In a traditional wired network you need to have physical access to the network. You either need access to a cable that is already connected to the LAN, or be able to attach a cable to say a patch panel or switch port that will create a new physical connection for you.

With a wireless network, however, you have a radio signal that permeates the very air around us. Because of the broadcast nature of WLANs, it is far easier to access this sort of network, especially when the signal is usually powerful enough to emanate outside of a building and so potentially provide network access to those outside.

Another benefit of a cabled network is that the transfer of data between computers remains within the wires themselves. Contrast this with a Wireless network, in which the data is now easier to intercept and/or corrupt.

As a result you need to secure your wireless network in the following ways:

* Request user authentication to prevent unauthorized access to your network.
* Use data privacy to protect the integrity and privacy of the data being transmitted.


How do you secure your Wireless network?

1. Change the SSID When you configure your WAP change the default SSID (Service Set IDentifier). Don’t pick something that easily identifies you, like your name, street address, etc. Instead pick something complicated that is difficult to guess and is made up of a mixture of letters and numbers e.g. m6jvUm9mHuQfA4h5tgCH

2. Disable SSID broadcasting In addition, make sure your WAP isn’t configured to broadcast your SSID. Although this is not a secure method of protecting your network, it does mean your WLAN is not so openly available to intrusion.

3. Configure WPA or WPA2 To authorize access to your Wireless network you should choose a security setting of WPA-PSK (Wi-Fi Protected Access Pre-Shared Key) or better yet WPA2-PSK if available.

Although Windows XP supports both of these security methods, you still need a wireless adapter that supports WPA as well.

NOTE: WEP (Wired Equivalent Privacy) is the earlier attempt to secure wireless connections and it is not secure enough. If this is all your WPA has to offer then you should either upgrade the firmware on it, if this will then give you WPA, or purchase a newer device.

You also need to choose a password for WPA-PSK. Like your SSID, this too needs to be complicated and so not easy to guess.

4. Restrict access based on MAC authentication Your wireless network adapter has a physical address called a MAC (Media Access Control) address. You can take advantage of this by configuring your WAP to only allow access to those MAC addresses you want to give access to your network and so restrict which computers can get connected. Although a MAC address can still be spoofed, this is yet another obstacle to deter the casual hacker.

5. Change the administrator account/password Your WAP will come with a standard administrator account and password. So anyone who has bought the same device will know what these are. Change the password to one that isn’t easy to guess and if possible change the name of the administrator account as well.


Summary

A Wireless network is a great way to get Internet access without having to lay down cabling, but out of the box these are completely insecure.

With the threat of hackers, viruses and spyware unlikely to go away you must secure your Wireless network if you want to keep your computer and the data on it safe.