It seems like when ever I get called out to set up a wireless network for someone there is usually two
or three other access points i see in the area around where i'm working especially apartment complexes.
A lot of times these access points are unsecured to where anyone can use them for free internet access
which is usually harmless enough unless they are downloading large files over P2P all the time or doing
other more severe illegal things.
So in order to help you make your wireless network more secure here are some help full tips.
The four easiest steps you can take to insure a more secure network are:
1. Change the default SSID
2. Change the default IP address
3. Change the default user name and password for Administrator access
4. Enable at least WEP level Encryption
What is SSID:
Service Set Identifier - This is usually set to the manufacturers name which is broadcast
from the access point and when a hacker knows what type of access point you have then
it makes it easier to break into that access point and gain control over the network devices.
Some advise to turn off this feature all together but i disagree it is help full to have you access
point broadcast a name just not the factory name i change the name to something else the
client chooses this way it is easier to know which access point you are connecting to in the
case of multiple access points broadcasting also it does aide in setting up multiple devices
across the network and keep them communicating correctly when they are set to look for
a certain SSID.
Change the default IP address:
All access points are accessed by an IP address typed into a browser address bar example
192.168.1.1 now hackers will usually try to get access to an access point by first trying the
easy methods using default IP addresses for various brands so by changing the default IP
address to something like 192.168.6.1 would make it a bit more difficult to gain access
just make sure that if you change this to write it down in case you need to log back into the
access point later to make changes.
What is the default Administrator user name and password about:
Every access point has a user name and password set by manufacture which is needed
to log in to the main configuration screen of the access point so you can manipulate the
settings. A hacker trying to gain access to an access point is going to try various default
user names and passwords to try to gain access by changing this it will make it more difficult
to gain access just make sure you right it down in case you need to go back later to make changes.
What is WEP:
Wired Equivalent Privacy by default WEP is usually disabled on almost all access points by
enabling it implements a basic level of encryption on the network by requiring a pass "key"
there are different levels of encryption from 64 bit to 128 bit on most access points. 64 bit will
encryption will require a pass key of ten characters and 128 bit will require a 26 character
pass key the higher level of encryption the harder it is to hack.
There are stronger levels of security such as WPA or WPA2 some older equipment may not
have those choices but should at least have WEP make sure to right down the key you use
you will need it to connect a device to you network.
By using the approach outlined above will not ensure that your network does not get "hacked"
but it will make it much harder to do and is much smarter than to have your network completely
unprotected and remember write down the settings you choose to use or if you have someone do
it for you make sure they write it down and give it to you I run into this all the time where i have to
reconnect a device to a network but the owner has no clue any of the settings or pass keys.
What kind of router should i get?
I have always preferred Linksys products by Cisco but basically any brand will work just make sure
you get something with external antennas the bigger the better and preferably ones that are replaceable
in case they get broke or you need extra range and want to change the antenna type all together. The
models without external antennas usually don't perform very well.
Also i would not get pushed by a sales person to buy the "N" type router which claim greater range won't
do any good if you are connecting to a B/G device and i just don't really see the "N" equipment catching on
it's more expensive and hasn't really proved it's claimed performance.
Here is another tip for the firewall section of your router make sure that "Block Anonymous Internet Requests" is checked as well as "Filter Ident" this is usually on by default but check...