tocol (WEP) and Wi-Fi Protected Access (WPA). Don’t use WEP — it’s not nearly as safe as WPA. In fact, the biggest security breach in history was caused because a store owned by The TJX Companies Inc. used WEP, which allowed hackers to break into the network.
Bad guys don’t target just big, corporate networks. If you have a Wi-Fi network at home or in a small office, intruders may be after you, such as casual “war drivers” who troll city streets, looking for unprotected wireless networks.
It may not just be malicious attackers who cause problems. If you don’t change the defaults of your wireless network, a neighbor with the same router make and model might accidentally connect to your network, stealing your bandwidth or reconfiguring your router and network without your knowledge.
Fear not, though. There’s plenty you can do to protect yourself. In this article, I’ll show you how.
Before you do anything else, change the administrator password on your router. Every model of router comes preconfigured with a standard password, and hackers know this. So it’s exceedingly easy for someone to hop onto your network, gain full control over its administrative rights and wreak havoc.
your network’s name, and if people know what your SSID is, it’s easier for them to find your network and connect to it. Your router broadcasts its SSID, and that broadcast tells passersby there’s a network there. It also gives out the name.
So, if you turn off SSID broadcasting, you’ll go partway toward keeping casual users from seeing your network. But doing that, by itself, won’t necessarily solve the problem. Even if you stop broadcasting your network’s name, people might still be able to connect to your network. That’s because manufacturers generally ship their wireless routers with the same generic SSID; for example, Linksys routers all have the SSID Linksys by default. So, even if you stop broadcasting your SSID, intruders can easily guess your router’s name and log on.
To solve the problem, first change your SSID’s name, and then hide it. That way, passersby won’t see it, and they won’t be able to guess it either.
If you take only one step to protect your home or small office network, it should be this: Use encryption. Wi-Fi networks are incredibly convenient — and incredibly easy to spy upon. All that data going out over the air among your PCs and between your PCs and the Internet can easily be snooped on by anyone nearby using simple, off-the-shelf software such as packet sniffers.
There are two encryption Wi-Fi
standards: Wireless Equivalent Pro-
There’s another way to protect your wireless network: Tell it to allow only certain computers to connect, and ban all others. To do that, you’ll filter by media access control (MAC) addresses, which are in essence IDs for wireless adapters. Every piece of networking hardware has a unique MAC address. So you’ll be able to tell your router to allow only specific MAC addresses onto the network and keep all others off.
This simple precaution can go a very long way toward keeping you safe: Simply turn off your router when you’re not using your network. If you’re off at work all day and no one’s home, why keep your router running? The same holds true for when you sleep or are away from your house for another reason. The less time your wireless network is available, the less likely it is to get hacked.
You can never be too safe, and so even if you’ve taken all this advice, it’s a good idea to check your network to see if intruders have made their way in. And if you haven’t taken all this advice, that’s all the more reason to check.
—Preston Gralla
References:
Archives