Securing your home wireless network 101:
Summary at bottom...
To start off, unless your wireless equipment is brand new, go to the website (Linksys, Netgear, etc) and go to their support or downloads section and get the most recent version of firmware for your wireless router or access point, and install it per the vendor's instructions.
Next, change the default password on your wireless router. Don't make it anything obvious like admin. Next, turn on encryption. At least use WEP for minimal protection but the best is to use WiFi Protected Access, WPA or WPA2 PSK (Pre Shared Key) mode for home use. WEP can be broken easily by someone who knows how and has the right tools. Select a decent WPA passphrase that has at least a combination of letters and numbers, the longer the better, up to 63 characters.
Everyone always says "WEP is no good, it's too easy to crack" and that's true, but I usually say, "Oh, really? Have you done it?" just to be a wise-guy, and 99% of the time the answer is no. Because it's NOT easy for the average home user. I have done it and I like to say that WEP keeps your honest neighbors honest. But it will not hold back someone who has the right tools (all freeware by the way) and knowledge to break your key. So use WPA PSK, it's just as easy to configure as WEP. If you do use WEP (maybe if you have older stuff with no WPA or WPA2 support) then at least change your WEP key occasionally. By the way, selecting 128 bit versus 40 bit WEP will NOT really make it any more secure.
Also consider using MAC address filtering, so you can decide ahead of time which machines are allowed on your network. You do an "ipconfig /all" for example on your PCs to get the 48-bit (12 Hex digits) MAC/Physical hardware address, and then put that MAC address into your router's MAC filter list. Again, there are ways to defeat this with MAC spoofing, etc, but not without some effort and not likely with your average users/neighbors.
Also use other security features built into your product like stateful packet inspection (SPI) firewalls, etc. Check the manual or just click thru the config screens to see what's there.
Finally, don't be fooled into thinking that turning off SSID broadcast will make your network secure, it will not. That only supresses the SSID in the beacon messages and is not meant to be a security feature, it's more to prevent accidental associations. Still, it is a "best/common practice" to change your SSID to something other than the default and turn off SSID broadcast.
One last thing, even though a home router (wireless or not) can act as a hardware firewall, still absolutely run network security software on your end machines, such as McAfee security center for example. Or even freeware is fine, AVG plus ZoneAlarm plus AdAware/SpyBot, etc. Just make sure you have a software antivirus and firewall at minimum, preferably something other than the built in firewall in WinXP.
So in summary:
1. Update to newest firmware
2. Change default password on router
3. Configure WPA PSK with a good passphrase
4. Use MAC address filtering
5. Change SSID from default and do not broadcast it
6. Disable any type of remote administration
7. Enable any built-in firewall features
8. Block or filter unknown external (WAN) requests
9. Read the manual for your product for other security features.
10. Don't forget end host protection software.
2007-01-25 02:48:09
·
answer #1
·
answered by networkmaster 5
·
1⤊
0⤋
There are several things you can do, all through the web interface of the AP:
1. Control who can connect to the access point using the MAC filter feature. This way, only your wireless card will be allowed to use the AP.
2. In the wireless settings, disable SSID broadcasting. That way, if you don't know what is the name of the AP, you will not see it in the list of available networks.
3. In the wireless security settings, enable WPA. That way, all the communications will be encrypted, making it almost impossible for someone to get you user name/password just by monitoring network traffic.
2007-01-25 00:59:02
·
answer #2
·
answered by Danzel 2
·
0⤊
0⤋
just put a WEP, WPA, WPA-Shared Key password on the router.
This can be done from the routers configuration page. the page is access through your web browser. Depending on the model, that will tell you what address you have to go to in your browser. All that information should be in your instructions
2007-01-25 00:56:03
·
answer #3
·
answered by thunder2sys 7
·
0⤊
0⤋
set up a wpa key
here is a link i hope it helps has page on how to do ti http://www.microsoft.com/windowsxp/using/networking/expert/bowman_03july28.mspx
2007-01-25 00:51:15
·
answer #4
·
answered by mocho22 3
·
1⤊
0⤋
you can set up a password so that nobody can get onto your network without it.
2007-01-25 00:55:39
·
answer #5
·
answered by Tranuine 3
·
0⤊
0⤋