Drive up and down any neighborhood with a Laptop and wireless network card and chances are very good there is an unprotected wireless network waiting for anyone to connect. Imagine the hacker or your neighbor who has been using your connection and possibly capturing all data being transmitted over the Network. Your Email, Bank and Credit Card account information vulnerable and out in the open for anyone to steal.
If this sounds like your home wireless network, it’s time you put security in place and lock out unwanted guest. Beyond the oblivious security measures, changing and disabling SSID broadcast, turning off your wireless router when not is use, these 5 tips will secure a home wireless network in layers, and give the boot to even the most seasoned professional.
Tip #1 – Do not use DHCP – Using DHCP is very convenient, especially for intruders. DHCP automatically hands out IP addresses to any who successfully connects to your Network. When disabled, every computer or device must be manually assigned an IP address. All computers, printers and devices on your network will need to be manually configured with static IP addresses. The threat of just handing out access is eliminated and you gain more control over who can connect to the network.
Also consider changing the router local IP address to something other than 192.168.1.1 that most wireless routers are configured by default. Use an address of 10.0.0.x for the router and for assigning IP addresses to devices on your network. Changes to the defaults set by the router manufacture will help keep intruders guessing and keep them off the network.
Tip #2 – Change The Router Default Password – While this may seems like the most logical task when setting up a wireless router, many people ignore changing the password. You will be surprised how many people think just using encryption on their wireless network will prevent someone from gaining access to your router. With router vendors using well known default passwords such as admin for Linksys, Dlink and Netgear, encryption will not stop intruder access to the administration interface and gaining access to more than just your Network.
Best practice is to change your password using a complex password. If your name is Joseph, you can easily mix alpha, numeric, and special characters to make a password you will never forget such as J0s3ph!r0ut3r*
Tip #3 – Implement The Strongest Form Of Encryption – This can potentially be the weak point of your Network, since wireless signals transmit over the airways. A hacker does not need to be connected to the Network to steal data. Use the highest encryption available. such as WPA-Personal or WPA2 with a long pass phrase mixed with alpha, numeric and special characters. Ignore anyone who advises you to at least use WEP, which is a very weak form of encryption.
WEP (wireless encryption protocol) is one of the earliest form of encryption and the easiest to break. You will be at risk by not upgrading to a better wireless router, that offers newer encryption technology. If you run a home business, or use online banking, there is no excuse to protect your self by making a small investment for security.
Tip #4 Enable MAC Filtering: A MAC (Media Access Control) address is a unique identifier, similar to fingerprints for people. MAC’s are assigned during the manufacturing of a network device, such as a network card or Wireless adapter. Enabling MAC Filter allows you to control which wireless-equipped Computers may or may not communicate with the Router depending on their MAC addresses and not allow any Computers that have not been added to the list.
Tip #5 – Secure your Computer – Gaining access to your home network from your router is not the only entry point that exists. The sites you visit and protocols used, if not trusted, can be an invitation to theft of identity.
What do I mean by protocol? An example of a protocol is HTTP, HTTPs, FTP, etc. When creating username and passwords on websites such as financial related sites should always use HTTPS. These sites may need to install Java applets or ActiveX controls which could contain malicious code that can create a backdoor into your network remotely.
Make sure the site is authentic by verifying the certificate used and never respond to emails that claim account information is needed. Avoid being tricked into thinking it is your financial institute or site where you made a credit card purchases. Antivirus and Spyware software should always be up to date as well as making sure your Computer has the latest patches installed.
Protecting your home today involves more than just deadbolts and alarms. With technology creeping into your house in the form of wires, cables and airways, securing your personal data today involves, information, knowledge and good common sense.