LOCKING DOWN YOUR WIRELESS NETWORK

17. February 2007, 22:19 | by WD Milner | Full Article |

Most wireless routers and access points are totally insecure out of the box. While fixing that situation only requires a few minutes, it is easy to become lost in the sometimes confusing options of the router’s management tool menus. To help ease the process, the following guide will help you secure your wireless network.

Where possible connect to your router via ethernet to do your setup right at the start. Most routers have web based interfaces and can be managed by any browser equipped computer on the network. The router is normally accessed by typing its IP address into the browser’s address field. If you do not know the IP address, you can (in Windows) go to Start - Run and enter ipconfig /all in the field. Under various flavours of *NIX you can use ifconfig and other tools.)The address will be shown as the “Default Gateway”. You will also need the username and/or password from the user manual or by searching the net for the model number of your particular router.

Once you can access the management interface of your router, the first thing to do is change the administration password you just used to access the router. This is typically under System Settings or similar heading. The next step is to turn on encryption. This is usually listed under Encryption or Security. This will generally slow your connections but is well worth the performance hit. WPA or WPA-PSK is currently about as secure as it gets for consumer grade wireless. Set a new WPA key and configure the client machines to use the new key. The version of WPA you use will depend on the capabilities of the client devices in use on the network.

It is also recommended to change the SSID from the default (usually the manufacturer’s name, eg. “linksys”). Use an ambiguous SSID that is unlikely to attract attention from an unwanted wireless sniffer. For even tighter security you can turn SSID broadcasting off entirely.

A last step is to enable MAC to limit access to those computers whose MAC address you specify. While a MAC address can be spoofed, turning this feature on will enhance security. Using this feature will require adding the MAC address of each machine you wish to be able to access the network to the router’s list of permitted addresses through the management interface. The MAC address for a machine can be found using ipconfig in a manner similar to that for determining the IP address mentioned above and is listed as “Physical Address”.

Your router should now be reasonably secure so far as accessing the wireless node portion. This lockdown is not a replacement for a firewall which should be run between a wireless access point and the network proper, but part of a sound, layered approach to securing your network.

- 30 -

Categories: ,
Keywords: wireless,wi-fi,networks,secuity,wpa,mac,ssid

Comments


 



Textile help
 
* Indicates a required field.

As a SPAM prevention measure, comments are moderated and will be posted once vetted.

 

Article & Comments


Comments are not enabled for all articles or documents.

Article Navigation
|

Categories

Business
Communications
Electronics
Entertainment
Environment
Government
Internet and WWW
Miscellany
Music and Audio
News
Photography
Privacy
Psychology
Security
Society and Culture
Stage and Screen
Technology
Theology
Tips and Tricks
Web Design
Web Site


The Birches - Milner.ca Support Child Safety Online

 

 
 
 Help to FIGHT spam!
 • 
  •
•••