Guidelines for Securing Your Wireless Network
Though your new wireless network allows you to have the freedom to surf the Internet anywhere in your house, it's also good news for your close neighbors, because some of them can now surf the Internet for free! Unlike a wired network, where you need to have physical access to a network point in order to gain access to the network, a wireless network extends beyond the four walls of your house.
Most wireless access points and routers provide a Web-based configuration program for configuring the wireless access point. Below are some guidelines for "securing" your wireless network:
Change the default SSID:
To improve the security of your home wireless network, change the SSID to a different name than the default. The SSID can be accessed from within these products' Web-based or Windows-based configuration utilities. Common examples of pre-defined SSIDs are simple names like "wireless," "netgear," "linksys," or "default." An SSID can be changed at any time, as long as the change is also made on all wireless clients.
Disable SSID broadcast:
By default, most wireless access points will broadcast the SSID to all wireless devices. This would allow anyone with a wireless network card that can detect the SSID you use to gain access to your network. This feature of Wi-Fi network protocols is intended to allow clients to dynamically discover and roam between WLANs. In a home Wi-Fi network, roaming is largely unnecessary and the SSID broadcast feature serves no useful purpose.
Use MAC address filtering:
MAC filtering is the process of configuring an access point with a list of MAC addresses that will be allowed or not allowed to gain access to the rest of the network via that WAP. Only MAC addresses that have been registered with the wireless access point are able to gain access to your network. You can usually locate the MAC address of your network card on the device itself.
Always change the default user name and password for your wireless access point:
Guessing the default user names and passwords for the wireless access points is a common practice for hackers to gain access to networks.
Turn off DHCP:
Consider setting the wireless router to assign static IP addresses to the machines on your home network and turn off DHCP.
Refrain from using the default IP subnet:
If you turn off DHCP, consider changing the IP subnet. Many routers use 192.168.1.0 for the network and 192.168.1.1 as the address for the router. It is easy for people to guess the IP addresses used and illegally gain access to the network.
Enable WEP:
It is disabled by default. WEP is not considered totally secure, but it is free and will provide an initial barrier. Purchase network adapters and access points that support at least 128-bit WEP. Some network adapters may only require a driver upgrade to increase to 128-bit encryption.
