Nine tips to secure wireless home network

BANGALORE, INDIA: The advent of Wi-Fi has made our lives simpler and easier. Wireless Networking (Wi-Fi) has made it so easy for us to use the computer, portable media player, mobile phones, video game and other devices anywhere in the house without any wires to clutter around.

Traditional wired networks made it extremely difficult for anybody to steal the bandwidth but with wireless technology, users are at high risk. Others in neighboring building can access wireless connection if the connection is not secured. And in the recent wake of time when lots of crimes have been committed by hackers hacking the innocent users account details, secured wireless connection becomes even more important.

Apart from decreasing speed and increasing internet bills, unsecured connections have lot of complications on security of a user. So what do we need to do in order to ensure security while browsing?

Here is a low down on it.

1. Change Default Administrator Passwords

Manufacturer provide WEBUI (WEB Page) to enter into device configuration page, these pages are protected with a user name and password, Default username/password provided by vendor needs to be changed so that authenticated user can only login for parameter change.

However, for any equipment, the logins provided are simple and very well-known to hackers on the Internet. Users need to change these settings immediately.

2. Turn on Encryption

Wi-Fi device supports encryption. Encryption technology scrambles messages sent over wireless networks so that they cannot be easily read by humans. Several encryption technologies exist for Wi-Fi networks.

Make sure to pick the strongest as well compatible encryption that works with your wireless network and supported by client machines too otherwise you won’t be able to connect all your client machines through wireless. Commonly used Encryption type include WEP/WPA/WPA2 etc.

3. Change the Default SSID

Access points and routers use a network name called the SSID. Manufacturers normally ship their products with the same SSID set in entire range of wireless products from factory. For example, the SSID for ABC devices is 'ABC'.

While knowing the SSID alone does not allow others to break into your network, it is a start. More importantly, when someone finds a default SSID, they see it is a poorly configured network and are much more likely to attack it. Change the default SSID immediately when configuring your wireless network.

4. Enable MAC Address Filtering

Each IP enabled device possesses a unique identifier called the physical address or MAC address. Access points and routers keep track of the MAC addresses of all devices that connect to them.

You can restrict your wireless network to only allow devices on your network for you have entered the MAC address. Normally Access point and router supports 8~20 MAC filter list, Edimax router and Access point support up to 20 set of MAC address under wireless configuration.

5. Disable SSID Broadcast

In Wi-Fi networking, the wireless access point or router typically broadcasts the network name (SSID) over the air at regular intervals. This feature is unnecessary, and it increases the likelihood someone will try to log in to your wireless network as network is openly seen by others, by disabling SSID broadcast, router SSID cannot be detected and one can connect if SSID to known. Setup has to be done manually from client machine.

6. Do Not Auto-Connect to Open Wi-Fi Networks:

Connecting to an open Wi-Fi network such as a free wireless hotspot or your neighbour’s router exposes your computer to security risks. Although not normally enabled, most computers have a setting available allowing these connections to happen automatically without notifying the user.

This setting should be disabled except specific situations.

7. Assign Static IP Addresses to Devices:

Most home networkers use dynamic IP address by enabling router DHCP. DHCP technology is indeed easy to set up. Unfortunately, this convenience also works to the advantage of network attackers, who can easily obtain valid IP address from your network DHCP pool. Turn off DHCP on the router or access point, set a fixed IP address range instead, and then configure each connected device to match.

Use a private IP address range (like 10.0.0.x) to prevent computers from being directly reachable on the Internet.

8. Enable Firewalls (On Each Computer and the Router):

Network routers contain built-in firewall capability, but the option also exists to disable them. Ensure that router's firewall is turned on. For extra protection, consider installing and running personal firewall software on each computer connected to the router.

9. Position the Router or Access Point Safely:

Wi-Fi signals normally reach to the exterior of a home. A small amount of signal leakage outdoors is not a problem, but the further this signal reaches, the easier it is for others to detect and exploit. Wi-Fi signals often reach through neighbouring homes and into streets, for example.

When installing a wireless home network, the position of the access point or router determines its reach.

Try to position these devices near the centre of the home rather than near windows to minimize leakage. Reduce RF output power in case still good amount of signals are detected

outside home.