français
Deutsch
español
italiano
A guide to securing a wireless network
/wedata%2F0027822%2F%2Favatar-1307051190.jpg){kind=avatar}
Don Manley
The growing popularity and availability of wireless access to the internet has made having secure networks more important than ever before and yet conversely, because of the plug and play type set-up of Wi-Fi networks, Wi-Fi security is often overlooked. Below is a guide to some of the security options available.
/wedata%2F0027822%2F2011-08%2FWide-Range_3.jpg)
Securing your router
Strong network security is meaningless if a hacker can simply log onto the administration page of your router and disable it. Most routers use very common default passwords such as 12345 or admin. Make sure that you change this to something more secure. Disabling the SSID broadcast will make it necessary to know of the networks existence and its name to connect. This has obvious advantages, but can still be overcome by a hacker with the proper equipment. Lastly, disable the remote administration feature of the router, if applicable, unless it is absolutely necessary and can be configured to only accept administration from certain IP addresses.
WEP, WAP, and WAP2
WEP, WAP, and WAP2 encryption, all generate a series of passwords that are used to secure your network. The passwords will be found on your network administration page and need to be noted and provided to any computer on the network. Of the three, WAP and WAP2 are the most secure, as they monitor password integrity and have a larger character base for their passwords, but WAP2 may not be supported by older hardware or operating systems. Similarly, it will be necessary to use WEP in certain situations as not all wireless devices support WAP encryption. If that is the case, be aware that while WEP is better than nothing. Obviously, it is recommended, if it is the only option, it has well-known weaknesses and a hacker with the right equipment can bypass it.
Other options
MAC Filtering Unlike IP addresses, which are generic and generated whenever needed, each MAC address is unique to a specific machine or more specifically, its network adapter. Due to this, MAC filtering can limit access to your network to only machines that you have specifically specified. Unfortunately, finding and entering the MAC addresses of all your equipment can be inconvenient, especially with a large group of users or high turn-over. It should also be noted that it is possible for a determined hacker to "spoof" a MAC address. Reduce power Lastly, and least ideally, you can simply reduce the power of your WLAN broadcast. This adds security by the simple expedient of being harder to detect, but also reduces network performance.
/wedata%2F0024444%2F2011-06%2FThree-office-workers_4.jpg)
/wedata%2F0028228%2F2011-07%2FSilicon-Beach-Training---IT-Training.jpg)
/wedata%2F0029265%2F2011-06%2Fmy-new-laptop.jpg)
/wedata%2F0016195%2F2011-05%2FA-little-diagram-of-an-IP-Address-IPv4.png)