Having an open wireless network can be a
security risk as it may allow anyone who is close enough to your router
(e.g. a neighbor or someone war driving) access to your network. To make your home wireless network more secure consider the below suggestions.
Tip: All of the steps below will require access to the router setup, and we also recommend configuring wireless security over a computer with a wired connection to the router if possible.
Close the network
If
you have never been prompted for a key, password, or passphrase when
connecting to your wireless network it is an open network, meaning
anyone close enough to your router could connect to it and browse your
network. To enable security, open your router setup screen and look for a
Wireless Security section. The picture shown an example of a Linksys router setup in the Wireless and Wireless Security section.
Select the wireless security method of either WEP or WPA (we suggest
WPA as mentioned later) and enter the passphrase to generate the keys.
After enabling security on the router, any wireless device that wants to
connect must have the key in order to connect to your network.
Change default password
Make sure the router password is not still set to the
default password. If the password can be guessed this could give someone
access to the router setup, which could allow them to change your
router settings, including viewing any security keys.
If available use WPA, not WEP
Many routers today will offer two different security schemes: WEP and WPA.
We recommend WPA security, since it is more secure than WEP. However,
for compatibility with some older devices such as gaming consoles, TiVo,
and other network devices may only be able to use WEP, and WEP is
better than no security.
Disable remote administration
When enabled, remote administration allows anyone
close enough to your router to view or change your router settings. If
you never plan on remotely administrating your network, e.g. wireless
connecting to the router, we recommend disabling remote administration.
With routers that support this option, it is often disabled through the
Administration section.
After disabled, the router settings can still be changed using any computer connected to the router using a network cable.
Change the default SSID name
The SSID
is the name that identifies your wireless router. By default, many
routers will use the name of the router as the default SSID, for
example, Linksys routers use 'Linksys' as the SSID. This is a security
risk since it identifies the brand of the router and would let any
attacker immediately know what exploits to use.
Tip:
When naming the router do not use your family or any other identifiable
information. For example, if the SSID contains your families last name
it can identify by any neighbor.
Enable router firewall
Many routers also have their own firewall
that can be enabled. If available, we also suggest enabling this
feature as it helps add an extra layer of security for your network.
Disable SSID broadcast
To help make finding your wireless network easier wireless routers broadcast
your SSID, which means anyone looking for a wireless router could see
your SSID. To help make it more difficult for someone to find your
network when browsing for a wireless network you can disable the SSID
broadcast feature. However, when disabling the SSID broadcast it will
require that you manually enter your unique SSID when wanting to connect
any new device to your network.
Enable wireless MAC filter
The Wireless MAC filter feature only allows a wireless device to connect to your router if the MAC Address
has been entered into the filter list. This can make connecting new
devices to your network more difficult, but improves the overall
security of your wireless network.
Tip:
A quick and easy to set this up is to connect any wireless device you
want on your network to your router before enabling wireless MAC filter.
After each device has successfully connected, open the DHCP
client table, often found in the Status or Local Network section. Each
device that has connected to your router thus far is seen and can be
copied into a notepad and pasted into the Wireless MAC filter section of
the router Security section.
Additional information
- How to protect myself while online.
- See the router definition for further information and related links.
No comments:
Post a Comment