For the average person wireless security can pose something of a headache.
With all the wireless security options on today’s routers configuring security settings on your WiFi networking products can be both time-consuming and counter-intuitive.
However, wireless security is essential, and your router or access point is the hub of your network so you really do need to start there.
Here are 7 simple tips to ensure that you have at least a basic level of security set up on your wireless router or access point.
1. Change The Default Administrator Log In
Nearly all modern wireless routers and access points can be accessed via a web interface, i.e. linksys wireless routers can be accessed via an ip address of 192.168.1.1.
Such a web interface allows the average user to make relatively easy adjustments to their router’s configuration.
However, these web addresses are well known to hackers, as are the default details for logging on and the associated password.
For that reason, it is highly recommended that you change your username and password immediately after setting your router up.
2. Change The Default SSID
All wireless access points and routers use a name, called an SSID, to identify themselves and their networks, for example a D-Link router has a SSID of ‘dlink’ by default.
As the majority of manufacturers tend to ship all their networking products with the same default SSID on all their products this proves to be a potential security issue.
If a hacker sees a router with a default SSID then this will signal to them the fact that the security on that router is poorly configured.
Therefore it follows that a hacker is much more likely to target a network operating under a default SSID.
When you first configure your router it is advisable, therefore, to change your SSIS to a new name, preferably one that doesn’t identify your name or location.
3. Don’t Broadcast SSID At All
The SSIDs I mentioned above are broadcast over the air at regular intervals.
This is so that wireless clients can connect to the network as soon as they come into range of the network.
Typically, this is a function that only has a use to business users and wireless hotspot areas.
For a home network it is not necessary as all the computers remain in a static location.
In such instances broadcasting the SSID just invites hackers to try their hands at getting into your system.
Therefore, if you have no need to broadcast your SSID then do not do so – disable that feature through your wireless router’s configuration screens.
4. Enable MAC Address Filtering
Each piece of equipment that you attach to your wireless network is identified via it’s own code known as it’s MAC address.
In order to communicate with these devices the access points and routers have to keep track of all the MAC addresses assigned to the devices that are connected to them.
A good router will allow you to restrict access to the network to only those MAC addresses that you specify.
This makes it much, much harder for other systems you haven’t specified to access your network.
5. Switch The Firewall On
Bit of a no-brainer this one but you’d be surprised how many people don’t do it – switch the router’s firewall on.
Most modern routers or access points have their own built-in firewalls which should be used in conjunction with your own software firewall.
Sometimes, though, I have seen routers shipped with the firewall disabled by default – make sure yours is turned on.
6. Choose Your Positioning Wisely
As any woman will tell you, getting your positioning right is essential.
WiFi signals travel through the air, hence why you can achieve a connection in multiple rooms in your property.
This also means that they can travel outside of your home,
Obviously, hackers can then take advantage of this fact in order to try to gain access to your wireless network.
By simply choosing a good location for your wireless router you can minimise the range your signal travels out to and hence decrease the likelihood of being ables to detect it.
7. Switch It Off!
When no-one in your home needs to connect to the network do you really need to have it switched on?
Whenever the network is not required for significant periods of time it may be a good idea to switch the network off.
Obviously this makes any kind of hacking attempt impossible.
{ 8 trackbacks }
{ 9 comments… read them below or add one }
Thanks for sharing these helpful tips I’m defiantly going to shut of the broadcast and look into the mac address settings.
I think people often forget that wireless networks are nowhere near as secure as wired ones.
Thanks to SSID I now know what SSID actually means.
Well done Scam thats an excellent article on wireless security.
SSID on a wireless network stands for Service Set IDentifier.
I’ve always wondered with network names what does SSID stand for?
Thanks Peter
Ha ha, I had a couple of people email me to ask that too.
I would imagine you are absolutely spot on Diablo.