How do I secure my wireless network from hackers?

Question

I have a Linksys (wireless) router. What should I configure in the setup to make it secure from hackers.

- Tony

Answer

This question was answered on February 12, 2004. Much of the information contained herein may have changed since posting.

Wireless networking is one of the fastest growing sectors in the history of personal computing An inexpensive box that allows any computer within a hundred feet (or so) to connect to a network or share an Internet connection…such a deal!

Because a wireless router is more or less broadcasting a signal that can be picked up by anyone within range, it is crucial that proper steps are taken to reduce the chances of being exploited.

Notice I said reduce and not eliminate! The only totally secure system is one that is not plugged in or is turned completely off all the time (neither of which is realistic).

Complete security from hackers is nearly impossible, but having said that, the vast majority of wireless routers (a.k.a Access Points) are setup with no security measures in place at all.

We routinely see situations in both residential and commercial settings where a neighbors wireless access point is wide open to any outside user within range.

The main reason for this is that the person that setup the router/access point has left the settings at the factory defaults, generally because of a lack of knowledge.

On a recent visit to a friend’s house that was having problems with their wireless network, I was astonished to find no less than 6 other wireless networks that were completely open to access by their computer from within their house!

Every one of the access points was left at the default name or SSID (Service Set Identifier), the default channel (6) and the default security level (NONE!).

What was even more disturbing was that many of them were installed and setup by sub-contractors of major broadband Internet Service Providers that should know better.

The first step in creating some security of your wireless router is to change the SSID from the default (LINKSYS in your case) to something else. Use a combination of numbers and letters to make it harder to guess and don’t use your last name as that would just make it easier for a devious neighbor to know who they are attempting to exploit.

Also, change the administrator password and turn off the SSID broadcast option, which means your router will no longer be screaming “Here I am and here is my name! Come exploit me!”

WEP or Wired Equivalent Privacy is a much maligned security protocol but it does create another roadblock, which helps to diminish your chances of being randomly exploited by someone driving by your house WPA is a better security system and available in most newer wireless routers.

Look in the “Wireless Security” section of the router’s setup screens and activate either the WEP or WPA options If all of your wireless components are from the same manufacturer, use the highest possible setting If you are mixing products from multiple manufacturers, you may have to use one of the lower settings in order for the products to talk to each other.

Finally, advanced users can add “MAC address filtering” which only allows machines that have been cleared via their Media Access Control address (a unique identifier for each network card) to connect to the router.

The bottom line on wireless security is that you will likely have no idea if a neighbor or passerby is exploiting your network so don’t take it lightly. If you don’t know how to properly configure your router, find someone or pay someone who can!

Need Help with this Issue?

We help people with technology! It's what we do.
Schedule an Appointment with a location for help!

Author

Posted by Ken of Data Doctors on February 12, 2004