Wireless home networks can be dangerous. If not setup properly, you are exposing the files on your computers to any hackers and potentially setting yourself to be accused of criminal activity. You see, if people are going to do illegal things online, they’d rather use a connection that does not belong to them. It offers them an extra layer of protection against getting busted. However, it’s your IP address that gets recorded with such activity, and ultimately your door the police will be knocking on.

Now if you have an unsecured open connection, people will connect to it, either on purpose or by accident, and surf the web on your dime doing who knows what. This could lead to slow speeds on your broadband connection for you if too many people are on it. That is once side of it. The other side is the hackers that will try to get access to your router administration panel and from there try to gain access to your private files on your PC, or install keyboard loggers that record everything you type, just to name a few.Here are a few layers of protection that will ensure this does not happen to you.

1. Change the default username and password.

This seems like general common sense, but it’s surprising how many people do not do this. Just about all routers have a default out-of-the-box login. They’re usually very simple like “admin”. Just about all default login information, which varies from brand to brand, is known to hackers around the net. You can do searches and find complete lists. Don’t become a victim because you didn’t know how, or were too lazy to change your password.

All routers are different, so consult your manual or check the manufacturer’s website for specific instructions. However, it usually involves logging into the router through your web browser (with the default credentials), selecting the option to “change password”, typing something hard to guess but easy for you to remember into the box and hitting save. Pretty simple huh? While you’re there, you should also….

2. Change the default SSID.

This is the router’s ID. If you have a Linksys router, the default ID is “linksys“. This is what is used to identify your network and it can be virtually anything you’d like, but should not be any personal identifying information. For example, don’t use your name or house number as an ID. Whether you’ve got the only wireless access point or are one of many in your location, you don’t want to be the one that is matched up to an actual name, address or apartment number.

If you don’t change your router ID, hackers can’t really use it to get into your system if you’ve changed the router password and set an access key, however, it’s a good starting point for them. When they see routers that have the default factory settings, it usually means zero or little security. For example, if someone sees “linksys” while scanning for networks, you can bet they’ll try to exploit that one first. Chances are they’ll see if “admin” will work as the password. If it does, they’re into your router’s administrative settings and off to the races. It’s that simple.

3. Disable SSID Broadcasting.

You can easily disable the broadcasting of your SSID into the airwaves by simply shutting it off somewhere in the security settings of your router’s control panel. However, if you have a lot of wireless connections going, it’s probably best to leave this on and secure access with data encryption and an access key. If you have a setup where your desktop computer is plugged directly into the router, and you only use the wireless options on occasion with a laptop or another system in the house that connect wirelessly, then you’re giving yourself an extra layer of protection by only turning on the SSID broadcasting when you intend to use it.

4. Turn on Data Encryption.

All wireless routers have some form of “encryption.” It’s technology that scrambles data sent over your wireless networks so that they cannot be easily read by humans. There are a few encryption technologies that you can select from, ranging from WEP to WPA. WPA encryption is said to be more secure than WEP encryption. For the sake of simplicity, I always recommend the WPA Preshared Key setting. Select that in your router’s security settings, and then type in a shared key. This will become the key needed for computers to log onto your network.

For example, lets say you set your SSID/network name to orange. Then you go into the security area and enable WPA and give it a really good key/passphrase of scruffytuffybuffy2006@catshavefleas; something almost random but easy for you to remember. When anyone scanning for wi-fi spots your network (assuming you have SSID broadcasting enabled), they’ll see orange as one of the networks in range, along with a “Secured Network” message. If they tried to click onto it chances are they wont know your long passphrase key, so they’re denied and off to try another connection.

5. Watch where you place that router.

If possible, try to place your router somewhere near the center of your home. This will help minimize signal leakage outdoors. Placing the router near walls and windows will make the signal strength stronger outside. However, if this is not an option, then you’ll still be safe if you use the tips above.

6. Unplug it.

Some people leave their systems and networks running 24/7. For extra protection, unplug the router when it’s not going to be in use for a long period of time such as when going on vacation or even away for the weekend.

7. Keep an eye on the Firmware.

You should check periodically if you have the latest firmware. This can be easily done through the admin interface. You can also go to the website of the company that makes your router, look for the page for your specific brand and see if there have been any updates. Firmware is more or less the brain of the device. Many router manufacturers regularly upgrade the firmware with both new features and bug fixes.

MORE ON THE WEB

• Episodes 11 (Bad WiFi Security) and 13 (Unbreakable WiFi Security) of Security Now! with security expert Steve Gibson and host Leo Laport, has great information about into Wi-Fi security. You can listen to the shows or read the transcripts online.

This entry was posted on Sunday, February 26th, 2006 at 3:05 am and is filed under Privacy, Wireless. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.