It’s common nowadays to see people sitting in a park and computing, or at their local Starbucks, tapping away on their keyboards. At home, people are taking advantage of the freedom from cables and wires that a wireless network brings.
But along with that freedom come dangers. After all, wireless is really just radio waves, which don’t just go between your laptop and your network, they go all over the place, just waiting to be plucked from the ether by someone with just the right device and bad intentions.
This Special Report covers home users. Small Businesses face increased risks that come with an increased number of users with increased access to the businesses’ hardware.
The dangers fall into 2 categories – Data Security and Bandwidth Stealing both of which can be solved with the same steps.
At first there was only one provision for restricting wireless access, WEP (Wireless Equivalent Privacy). WEP, however, has many vulnerabilities
Now there’s also WAP (Wireless Application Protocol), which is newer technology and more secure, if you follow the basic steps.
As with almost any technology, the landscape is always changing. New security systems challenge the hackers. They respond with new hacks, which are respsponded to with new security. It’s a never-ending dance.
However, by taking the following simple steps you will greatly reduce your vulnerability, at least for now. Consult the documentation that came with your wireless network hardware and software to see exactly how to implement these steps.
- Don’t use the default Administrator Password
This is the most-often ignored and most basic step. Your Wireless Access Point is shipped with either a default administrative password, or no password at all. Be sure to change this before you you use your WAP for the first time. It should be a password that you will not forget, but would not be easy to guess.
One easy trick is to substitute numbers for letters, for instance the number 3 for the letter E, and the number 7 for the letter T. So the word “gadget” becomes gadg37. Of course you will want a longer password, because the longer the password, the harder to crack. And remember to use boh UPPER and lower case.
Most of the default administrative passwords are well known to the hackers. After all, all they would have to do is check the default password on THEIR wireless devices!
- Replace your default WAP’s SSID
Your Wireless Access Point will have an SSID – a “name” that was given to it at the factory, typically “Linksys” or “default. ” Obviously, these are well known in the hacker community, and the fact that most wireless networks have never had this ID changed makes them more vulnerable.
- Stop Broadcasting Your SSID!
By their very nature, wireless networks broadcast their availability so that wireless cards in devices can find them. But just because it broadcasts it’s presence does NOT mean it has to also broadcast it’s SSID. For a hacker to connect to your network, he has to know your SSID. There’s no sense in just giving it to him!
- Encrypt your transmissions
Right out of the box, your wireless network will send your data completely unencrypted. That means that hackers can capture your data and easily read it. Older networking hardware uses WEP 128-bit encryption when enabled, but newer WPA encryption, now built into most hardware is far superior. It should be required on all your wireless computers and devices.
WPA (Wi-Fi Protected Access) encryption, which includes both scrambling and authentication is much more secure than WEP.
All your wireless computers should use MAC Addressing MAC (Media Accessing Control NOT a MacIntosh computer) is an unique hardware address you should assign to your wireless computers so that your Wireless Access Point will only allow these specific computers to connect to your wireless network.
To find your computer's MAC address, click Start>>Run. In the Open box, type CMD and click OK. At the prompt, type IPCONFIG /ALL and press Enter. Scroll down and write down what is listed as “Physical Address. " It will be something like 00-00-00-00-00-00.
Enter this address in your router's management program. This won't keep determined hackers out, but it makes things more difficult. It might be enough to encourage them to go elsewhere.
- Keep your network and computers updated
As with any software, your Wireless Access Point manufacturer will update the drivers and software to close vulnerabilities and improve performance. By keeping up to date you can stay ahead of the hackers.
- Can you use secure connections?
Nowadays may ISPs will provide SSL and other secure services. Check with your ISP and use these services where available.
- Keep your Operating System and Security Software up to date and patched
Your security software includes anti-virus, anti-spyware, anti-adware and anti-Browser Helper Object software up to date, as well as keeping your Operating Software patched.
- Remember that public hotspots are NOT Secure
Whenever you are using a public hotspot, be aware that you are extra vulnerable. Try to NOT do your banking or other critical computing at public hotspots. You are much better off connecting over a dialup connection than in an insecure environment.
© Steve Freedman, Archer Strategic Alliances, 2005 All Rights Reserved
Author of “Help! Something's Got Hold of My Computer and It Won't Let Go!"
A PC Security eBook for Newbies, Skilled Users and Wizards Archer Strategic Alliances