[X]   Directory of
Guides & Reviews

Beginners Guides
Motherboards by Brand
Weekly Newsletter
Archived Newsletters

+70 MORE Beginner GUIDES....
Beginners Guides: Securing A Wireless Network
Beginners Guides: Securing A Wireless Network - PCSTATS
Modern wireless networking products are inexpensive, simple to set up and very convenient. They are also full of holes... security holes, that is.
Filed under: Beginners Guides Published:  Author: 
External Mfg. Website: PCSTATS Jul 30 2007   M. Dowler  
Home > Reviews > Beginners Guides > PCSTATS

Securing a Router and Wireless Connection

There are several security measures you can institute on your wireless router to that will help to protect your network. Note that the following measures will require configuring your router through its built-in interface, so if you have not done this before, make sure you have the documentation handy, as there are too many varieties for us to practically detail the procedures for each device.

1. Change the default settings

This should actually be the first thing you do with your router. Every manufacturer ships their devices with a default username and password and a default SSID (System Set Identifier, used to identify the wireless network). These values are well known, and could easily be used to compromise your network. Change the username, password and SSID to whatever value you please, but don't leave them at their default settings.

On a side note, it is never a smart idea to name your wireless access point with a business name, or address. For example, both "Intel Internal" and "2200 Mission Blvd" are both very bad choices for a WAP SSID as it reveals to much about whose network may be behind the security measures (if there are any applied)... It's best to choose a non-identifiable name like "Lexicon" or "River."

2. Enable WEP

WEP or Wireless Encryption Protocol works by establishing a shared 64-bit or 128-bit key between the clients and the access-point, then using the key to encrypt and de-encrypt the data passing between them. This offers adequate security for a home network, where your primary concern is that your neighbors are not freeloading on your downloading.

To configure WEP, you must enable it on the router using the management console and on each wireless adaptor (using the management software that came with the card.), and designate a preshared key for the network, which must be entered identically on each system. This key is used to negotiate the encryption between the wireless clients and the router.

WEP encryption can be broken easily by someone with enough time and the correct software, but the mere act of enabling should still deter casual eavesdroppers so it is recommended that you enable it. For business environments, WEP should be looked on as a starting point for security only, since it is not adequate as a total security measure by itself. Consult the documentation for your wireless devices to find out how to enable and configure WEP on your network. Alternatively, business or enterprise networks should seriously consider moving their WLANs to WPA capable networking hardware as soon as possible, as this encryption standard is much more secure.

Most Wireless Access Points give you the option of choosing 64-bit WEP, or 128-bit WEP. Enabling WEP will slow down 802.11b data transmissions from 11MB/s to a degree, and enabling 128-bit WEP will further that on somewhat. For the home environment, 64-bit WEP is generally considered sufficient.

3. Mac Filtering

A MAC address (also known as a physical address) is a unique hardware identifier assigned to every network device. MAC address filtering involves manually entering a list of the addresses found in your local network (you can easily find the MAC addresses of your network adaptors by going to the command prompt on each system and typing 'ipconfig /all') and configuring the router to allow only these specific addresses to connect via the wireless network.

MAC address filtering is a good basic method of securing your wireless network. Its drawbacks are that it requires some initial manual configuration to obtain and enter the MAC addresses, and it can be defeated by using a network traffic capture program in conjunction with a wireless card. This is done by reading an 'allowed' MAC address from a captured packet, then using this address on a new network adaptor. It's unlikely that anyone would bother to do this to get into your home network, like WEP. Both methods are fallible, but vastly increase the difficulty for potential intruders.

< Previous Page © 2023 PCSTATS.com
Please respect the time and effort that went into creating each PCSTATS Beginners Guide, do not illegally copy. Thank you.
Next Page >


Contents of Article: PCSTATS
 Pg 1.  Beginners Guides: Securing A Wireless Network
 Pg 2.  Network Security vs. Wireless Security
 Pg 3.  Finding Intruders on a Network
 Pg 4.  Checking Ports and Workgroups
 Pg 5.  Checking Router Logs
 Pg 6.  Managing Network Shares
 Pg 7.  Personal Firewalls
 Pg 8.  Using Zonealarm
 Pg 9.  — Securing a Router and Wireless Connection
 Pg 10.  More Steps to Securing a WLAN
 Pg 11.  Disabling DHCP on a WAP
 Pg 12.  Wireless Protected Access: WEP Improved

Hardware Sections 

PCSTATS Network Features Information About Us Contact
PCSTATS Newsletter
Tech Glossary
Technology WebSite Listings
News Archives
(Review RSS Feed)
Site Map
PCstats Wallpaper
About Us
Privacy Policy
Advertise on PCSTATS

How's Our Driving?
© Copyright 1999-2023 www.pcstats.com All rights reserved. Privacy policy and Terms of Use.