There is more than one type of burglary that can affect your home. One involves kicking in the door; another involves compromising your computer. And if the intruder in this scenario has compromised your wireless network, you might as well have given them a key to the front door.
Just as home wireless networks can offer you the freedom to access your online data untethered to a physical connection, if improperly configured, that same wireless local area network (WLAN) gives that freedom to an attacker.
Fortunately, there are a number of steps you can take to make sure your wireless connection is as secure as possible.
Step 1: Avoid Default Passwords
Setting up a router and leaving the default password of the administrator account in place is what in technical terms we call a very, very bad idea. The guest account default settings should be changed as well assuming that has been enabled. Once that is taken care of, the next step is to come up with a strong password to replace the one you just removed. Much has been written about the importance of developing complex passwords in the past. If you need a few tips, start by making sure that you mix letters and numbers into the password so that the password itself is not an actual word. Stay away from birthdays, names, or anything that could be easily guessable.
Step 2: Consider Changing the Default SSID Name
The service set identifier (SSID) is the public name of your wireless network. Many times, manufacturers will use the same SSIDs for all their products. Though this does not directly impact the security of your network, if an attacker identifies a default SSID, they may be encouraged to try to attack it under the assumption that the network may also use a default password and be insecurely configured. While some argue for hiding SSIDs altogether, in truth this has little effect on security. The SSID is not a network password after all, and there are a number of tools hackers can use to discover it.
Step 3: Protecting Access Points With Encryption
Encryption is a must for protecting your wireless network. The best answer for your encryption needs is WPA2 (WiFi Protected Access 2), which is stronger than its predecessor – WPA – as well as WEP (Wired Equivalent Privacy), which preceded WPA and has been found to be riddled with security holes. Unlike other versions, WPA2 mandates the use of AES (Advanced Encryption Standard) algorithms for security. Though WPA2 is not supported by some older wireless cards and access points, try to go with the most secure option available whenever possible.
Step 4: Enable the MAC Address Filtering Feature
A media access control (MAC) address is a unique hardware identifier for your computer. By enabling MAC filtering, you can exercise more control over who can connect to your network by setting up a list of clients that will be allowed to join. Once it’s enabled, the router/access point will check the MAC address of any client that sends a request to join the network against that list. Those that are not on the list cannot join. This is not a solution for keeping an attacker off your network, as MAC addresses can be faked, so be sure to take other security precautions as well.
Step 5: Disable Remote Administration
Some wireless networking routers allow users to administer the router remotely from anywhere. If this is not absolutely necessary, there is no reason to keep this feature enabled. Doing so opens up a potential door to attackers who could exploit the situation to gain administrative access to your router over the Internet.
Remember, steel doors mean nothing if they are left open, so following a few basic steps should be step one in defending yourself from attackers.