Securing Your Wireless Home NetworkTara Swords
Wireless networks (WiFi) allow people to connect computers in different parts of their home so they can work, play, research or email from any room. But the next time you do your online banking from the sofa or email from the porch, consider this: Is anyone else looking at the data you’re sending through the air?
Unless you take precautions, your neighbors -- or even hackers lurking nearby --might be watching your every online move.
“An open and unsecured network can be accessed by anyone within range and, further, if communications are not secure, it's possible someone with malicious intent could intercept emails or even view private files and records,” says Danielle Yates, communications director of the Internet Education Foundation.
There are weak points in home WiFi networks. Here's how to strengthen them
1. Give your network a unique ID The service set identifier (SSID) is the name you see when you look for available wireless connections with your laptop. Most wireless routers power up with a default name for your network, such as “linksys” or “default.” The problem with leaving your SSID set to its default name is that other people in your neighborhood might do the same thing -- so you can’t be sure that the network you’re surfing is your own.
Scott Lowe, author of Home Networking: The Missing Manual, says this is particularly dangerous if your computer is set to share files with other computers. “If you join the wrong network and you do have things shared," Lowe says, "you open up your computer to anybody else on the network.”
Changing your SSID is simple: Check the manual that came with your router or visit the Web site of its manufacturer for instructions.
2. Turn on data scrambling Most wireless routers are now capable of encrypting -- or scrambling -- the data they send and receive. The data is encoded when it's transmitted through the air, and your computer and your router have unique "keys" to unlock and decode the data you receive. To someone snooping on your network without the encryption key, the data you send and receive looks all jumbled.
Different routers, however, offer different types of encryption. There are three kinds in use today: Wi-Fi Protected Access 2 (WPA2), Wi-Fi Protected Access (WPA), and WEP. WPA2 is the most secure and WEP is the least. “WEP can be cracked within seconds now, and there are free tools that can do it in a heartbeat,” Lowe says. “WPA takes quite a bit more work than that." WPA2, however, is the strongest level available.
Check with your router’s manufacturer to find out what type of encryption your router supports. When you buy a router, it should say on the box if it supports WEP, WPA or WPA2.
3. Filter out computers that aren’t yours Once you turn on data encryption, your network will allow other computers to join only if they have the correct key. A media access control (MAC) address filter adds another layer of security by creating a list of specific computers that are allowed to join the network. Think of it like a bouncer at an exclusive party: If your name isn’t on the list, you can’t get in (even if you know the name of the host).
Every device that can get on the WiFi network has a unique MAC address. You can choose which devices to admit by creating a whitelist on your MAC address filter -- your PC, your spouse’s laptop, maybe a wireless print server, etc. The filter blocks any other computers
Turning on the MAC address filter isn’t hard, but all routers work differently so consult your router's manufacturer.
4. Use separate logins If a few people use your computer, give them each a separate login. “My kids have a non-administrative account on my computer,” Lowe says. “So if anybody does happen to hack into the computer when the kids are online, they will only have access to the kids’ stuff.”
No amount of security is impenetrable, but these basic measures can help secure your WiFi network -- and your reputation. “If you don’t secure your wireless traffic, people can sit close to your house and get your bank account numbers as you’re logging in to your bank account, or hijack your connection to do illegal things, like download child pornography,” Lowe says. “That puts the innocent people at risk because it will be their connection that’s associated with this illegal activity.”
Copyright (c) 2010 Studio One Networks. All rights reserved.