  Wireless Networking Security - Securing your Wireless Network Modern wireless networking products are inexpensive, simple to set up and very convenient. They are also full of holes... security holes, that is. Wireless networking is now firmly entrenched in the home computer market, and that means that the people buying the products cannot be assumed to have any form of expertise in IT. Ease of use and security tend to be mutually exclusive. Unfortunately, the only way to make a complicated appliance like a wireless router fool proof is to use default settings that will not require the user to change a single settings on any of their other wireless hardware. By extension, this means that any wireless device can connect to said router using default settings. Change the System ID Devices come with a default system ID called the SSID (Service Set Identifier) or ESSID (Extended Service Set Identifier). It is easy for a hacker to find out what the default identifier is for each manufacturer of wireless equipment so you need to change this to something else. Use something unique- not your name or something easily guessed. Disable Identifier Broadcasting Announcing that you have a wireless connection to the world is an invitation for hackers. You already know you have one so you don't need to broadcast it. Check the manual for your hardware and figure out how to disable broadcasting. Enable Encryption WEP (Wired Equivalent Privacy) and WPA (Wi-Fi Protected Access) encrypt your data so that only the intended recipient is supposed to be able to read it. WEP has many holes and is easily cracked. 128-bit keys impact performance slightly without a significant increase in security so 40-bit (or 64-bit on some equipment) encryption is just as well. As with all security measures there are ways around it, but by using encryption you will keep the casual hackers out of your systems. If possible, you should use WPA encryption (majority of older equipment can be upgraded to be WPA compatible). WPA fixes the security flaws in WEP but it is still subject to DOS (denial-of-service) attacks. Change the Default Administrator Password This is just good practice for ALL hardware and software. The default passwords are easily obtained and because so many people don't bother to take the simple step of changing them they are usually what hackers try first. Make sure you change the default password on your wireless router / access point to something that is not easily guessed like your last name. Changing the keys periodically is more difficult, because it requires sending out information about the new keys to users and that can be a security problem in itself. But changing keys periodically can help keep your LAN secure, so consider getting a procedure into place to do it. Restrict Unnecessary Traffic Many wired and wireless routers have built-in firewalls. They are not the most technically advanced firewalls, but they help create one more line of defense. Read the manual for your hardware and learn how to configure your router to only allow incoming or outgoing traffic that you have approved. Patch and Protect Your PC's As a last line of defense you should have personal firewall software such as Zone Alarm or Norton Internet Security and anti-virus software installed on your computer. As important as installing the anti-virus software, you must keep it up to date. New viruses are discovered daily and anti-virus software vendors generally release updates at least once a week. You also must keep up to date with patches for known security vulnerabilities. For Microsoft operating systems you can use Windows Update to help keep you current with patches. DTCS offers complete IT solutions for companies of all sizes. We can maintain your network, desktops, servers and technical assets, so that you can concentrate on your core business. Contact Us today and let us help to master your technologies. |
|