These days wireless networking products are so everywhere and low-cost that just about anyone can set up a WLAN in a matter of minutes with less than $100 worth of equipment. This widespread use of wireless networks means that there are dozens of potential network intruders lurk within range of your home or office WLAN.
Most WLAN hardware gotten easy enough to set up that many users simply plug in and start using the network without giving much thought to security. Nevertheless, taking few extra minutes to arrange the security features of your wireless router or access point is time well spent. Here are some of the things you can do to protect your wireless network:
1) Secure your wireless router or access point administration interface Almost all routers and access points have administrator password that's needed log into the device and modify any configuration settings. Most devices use weak default password like "password" or the manufacturer's name, and some don't have default password at all. As soon as you set up new WLAN router or admission point, your first step should be to change the defaulting password to something else. You may not use this password very often, sure to write it down in a safe place so you can refer to it needed. Without that, the only way to access the router access point may be to reset to factory default settings which will wipe away any configuration changes you've made.
2) Don't broadcast your SSIDMost WLAN access points and routers automatically (and continually) broadcast network’s name, or SSID (Service Set IDentifier). This makes setting up wireless clients extremely convenient since you can locate WLAN without having to know what called, but it will also make your WLAN noticeable to any wireless systems within range of it. Turning off SSID broadcast for your network makes invisible to your neighbors and passerby (though it will still be detectible through WLAN "sniffers").
3)Enable WPA encryption instead of WEP
802.11's WEP (Wired Equivalency Privacy) encryption has well-known weaknesses that make relatively easy for a determined user with the right equipment crack the encryption and right of entry to wireless network. A better way to protect your WLAN is with WPA (Wi-Fi Protected Access). WPA provides much better protection and also easier to use, since your password characters aren't limited to 0-9 and A-F as they are with WEP. WPA support is built into Windows XP (with the latest Service Pack) and virtually all modern wireless hardware and operating systems. A more recent account, WPA2, is found in newer hardware and provides even stronger encryption, but you'll probably need download an XP patch in order to use it.
802.11's WEP (Wired Equivalency Privacy) encryption has well-known weaknesses that make relatively easy for a determined user with the right equipment crack the encryption and right of entry to wireless network. A better way to protect your WLAN is with WPA (Wi-Fi Protected Access). WPA provides much better protection and also easier to use, since your password characters aren't limited to 0-9 and A-F as they are with WEP. WPA support is built into Windows XP (with the latest Service Pack) and virtually all modern wireless hardware and operating systems. A more recent account, WPA2, is found in newer hardware and provides even stronger encryption, but you'll probably need download an XP patch in order to use it.
4) Remember that WEP is better than nothing
If you find that some of your wireless devices support WEP encryption (this is often the case with non-PC devices like media players, PDAs, and DVRs), avoid the temptation skip encryption entirely because in spite of its flaws, using WEP still far superior to having no encryption at all. If you do use WEP, don't use an encryption key that's easy to guess like string of the same or consecutive numbers. Also, although it can be a pain, WEP to work.
If you find that some of your wireless devices support WEP encryption (this is often the case with non-PC devices like media players, PDAs, and DVRs), avoid the temptation skip encryption entirely because in spite of its flaws, using WEP still far superior to having no encryption at all. If you do use WEP, don't use an encryption key that's easy to guess like string of the same or consecutive numbers. Also, although it can be a pain, WEP to work.
5) Use MAC filtering for access control
Unlike IP addresses, MAC addresses are unique to specific network adapters, by turning on MAC filtering you can limit network access only to your systems (or those you know about). In order to use MAC filtering you need to find (and enter into the router or AP) the 12-character MAC address of every system that will connect to the network, so it can be not convenient to set up, especially if you have a lot of wireless clients or if your clients change lot. MAC addresses can be "spoofed" (imitated) by knowledgeable person, so while it's not guarantee of security, it does add another hurdle for possible intruders to jump.
Unlike IP addresses, MAC addresses are unique to specific network adapters, by turning on MAC filtering you can limit network access only to your systems (or those you know about). In order to use MAC filtering you need to find (and enter into the router or AP) the 12-character MAC address of every system that will connect to the network, so it can be not convenient to set up, especially if you have a lot of wireless clients or if your clients change lot. MAC addresses can be "spoofed" (imitated) by knowledgeable person, so while it's not guarantee of security, it does add another hurdle for possible intruders to jump.
6) Reduce your WLAN transmitter power
you won't find this feature in all wireless routers and access points, but some allow you lower the power of your WLAN transmitter and thus reduce the range of the signal. Although it’s usually impossible to fine-tune a signal so precisely that won’t leak outside your home or business, with some trial-and-error you can often limit how far outside your premises the signal reach, minimize the opportunity for outsiders to access your WLAN.
you won't find this feature in all wireless routers and access points, but some allow you lower the power of your WLAN transmitter and thus reduce the range of the signal. Although it’s usually impossible to fine-tune a signal so precisely that won’t leak outside your home or business, with some trial-and-error you can often limit how far outside your premises the signal reach, minimize the opportunity for outsiders to access your WLAN.
7) Disable remote administration
Most WLAN routers have the ability to be remotely administered via Internet. Ideally, you should use this characteristic only if it lets you define a specific IP address or limited range of addresses that will be able to right of entry the router. Otherwise, almost anyone anywhere could potentially find and access your router. As rule, unless you absolutely need this capability, it's best to keep remote administration turned off. (It's usually turned off by default, but it's always good idea to check.)
If you need any further assistance regarding help to secure wireless network , please visit http://www.livetechcare.com/
No comments:
Post a Comment