Equivalent Privacy is not perfect and unbreakable, but the level of security it
provides is better than none, and cracking the 64bit or 128bit RC4 encryption
algorithm can take a long time. As far as most users need be concerned,
computers without a valid WEP key will be excluded from network traffic,
safeguarding not only internal network data, but also your bandwidth.
Belkin's software is pretty straight forward and allows the user to choose
from 64 or 128-bit WEP, set their own passphrase and if necessary
manually enter four different encryption keys. As I understand it, the keys will automatically
generate if you type in the passphrase alone, and only one key
at a time will actually be used to encrypt data.
it is important with the Belkin wireless equipment to set
the WEP and passphrase on the wireless AP first, and then on
the computers wireless network adaptor. You will see the WAP manager loose
connection to the wireless AP, so to reconnect you then change the settings on
the computers network adaptor - do it the other way around and
your changes won't make it over to the wireless AP.
Rename the SSID
SSID stands for Service Set
Identifier and this is basically like the group name on internal wired networks.
If you have multiple wired networks it is important that all of the clients
be on the same naming convention so they can roam around easily and gain access
to the network group.
Again, when you are changing the
settings on the wireless AP it is important to set those first, and
then change the SSID on the computer. With the Belkin equipment the
computer will momentarily loose the connection to the wireless
AP once the settings have been made, but will regain it just as soon
as the computer is configured to match. Since there is no web or hardwired
connection to the wireless AP, everything must be done through
Belkin's two pieces of software (one for WAP, and the other for network
the SSID of the Belkin WAP is an important aspect
because most users tend to either leave this at the default "WLAN" (which is
publicly known and can potentially allow unknown users access to your WAN),
or enter in their company, address or personal name. Renaming the SSID so that
"ANY" or "WLAN" are not specified is the first major step, but if someone were
wardriving and saw our wireless network labeled as ACCOUNTING they might be
inclined to try and hack in. There wouldn't be much point to this as far as we
are concerned, but if your companies SSID was "INTEL" I'd bet a lot of other
people would be keenly interested.
Use MAC address filters
Every single network adaptor
has something called a MAC address. MAC stands for Media Access Control and this
alphanumeric series is unique for every bit of networking equipment. Filtering
MAC addresses means that you can tell the Belkin wireless AP what addresses it
will allow to connect. Basically this is like saying which serial numbers are
allowed to have access to your WLAN. This is not a full proof way of securing a
wireless network as some network adaptors allow the user to change MAC
addresses, but it works will in conjunction with the other measures we've
Reset the default WAP password
Finally, the most basic way
to protect your wireless network, and keep settings from being altered is to
change the default password on the Belkin F5D6130 from "MiniAP" to something
less well know. One of the nice things about this particular wireless AP is that
if you forget the password down the road you can reset the unit and start fresh
without too much hassle.
All of the wireless AP changes
can be made from the wireless manager, and once you have made them your data
will be in a much safer state as it flies through the airwaves to a distance of
about 300ft (indoor radius).