By Rex Davis, Operations Director, ITRC
Wireless networks have attained a de facto presence in home and small business environments during the past few years. The ever increasing ability (digital phones, personal handheld devices, gaming consoles, etc.) to connect to the Internet via a wireless node has propelled the wireless network router to a place of common acceptance in the home. The convenience brought to users by the wireless connection is often significant. So too is the increased risk of hacking if the wireless network is not secured properly. Below are some considerations to improve your security when operating a wireless network:
Wireless Setup: Wireless routers are often supplied with default settings that allow a user to quickly create an operating wireless network. Users need to become familiar with the router setup, and verify that the settings are applied for appropriate security, especially if the user did not do the initial installation setup.
Important Default Settings: The factory default user name and password for access to most routers is well known publicly, and can easily be found by doing a web search. So is the default SSID. Resetting a router to the factory default settings is usually no more than depressing a back panel switch with a paper clip and rebooting the router. Here are some points that should always be checked:
- Always reset the administrator password (and the administrator user name, if possible).
- Always reset the SSID to a new name. Disable remote management of the router, unless you really do need to change router settings from a remote location.
- Ensure that the router firewall is enabled and that wireless encryption is enabled. If at all possible, use one of the newer standards, such as WPA2, or WPA, which are much harder to decrypt/hack than the earlier WEP standard.
- See that a software firewall is running on each computer in your network, both those with wired and wireless access to the network.
Additional Security Measures: The measures above should be done in all wireless network installations. Below are some actions that can be done if you have a more serious need for securing your wireless network:
- Use a MAC address access list. All wireless clients have a unique “MAC” address number, which is specific to that particular unit. Many routers have the ability to restrict access to a list of known MAC addresses. This restriction is not a “save all” method, since MAC addresses can be faked by some types of hacking software.
- If possible, locate the router in a central part of the home or business. A wireless router in a second story window will be accessible from several hundred yards away, or even further if a directional antenna is being used by the interloper.
- Instead of letting the router assign IP addresses automatically to the intended clients (DHCP), set the router to accept a small range of static IP addresses. Then configure each intended wireless client with a fixed (static) IP within the range you chose.
- Turn the router off when you will be away for an extended time. Most routers will reboot in a minute or two.
Choose a qualified supplier: There are many companies that build or rebrand wireless routers. ITRC believes it is worth your time to check online to see if the router model you are considering provides a thorough user manual. You should be able to download a PDF user manual that is thorough in explaining the setup and operation of your intended purchase. Ultimately, your network security will depend upon both the features available in your wireless router and clients, and the choice of appropriate settings to secure the network.
Defend your computers: A secure wireless network will do little good if your client computers are open to viruses, malware, pop-ups, and other threats that can be imported through your firewall by ordinary web browsing and email. Antivirus and personal firewalls must be enabled. Operating system and antivirus programs must be updated automatically with patches and new virus definitions. An infected computer can allow system takeover, keystroke logging, and other hacking from within your network.