Securing Your Wireless Network

Easy as 1-2-3

I travel a lot. Airports, train stations, hotels are all a way too common part of my day to day life. And these days, where I go, so goes my laptop computer. As those good people at Disney’s Epcot tell us, we live in a communication age, and I need a true and tried method of keeping in touch with the folks back home when I am on the road. I hate to take the laptop. Any one who has struggled to get one through security at the airport will understand why. But the alternatives always leave much to be desired. Pushing coins into the public internet phone in a London Tube station seems archaic and backbreaking, given the weight of those English coins. Telling a client that I’ll respond to his email in 2 weeks time when I return from a trip is unacceptable.

So I take the laptop; a little small notebook computer with email and internet and a wireless connection and not much else. What leads me to bore you with the details of my non-existent social life is what happens when I turn the laptop on. On my last trip through Boston’s Logan airport, waiting for a flight, I powered up the laptop expecting to find the airports public internet service (public but not free, $7.95 a day at the time of writing) and I did, but I also found over 20 other wireless networks, courtesy of my fellow passengers, all within a few yards of where a was sitting (according to my wifi manufactures specs). All of them unsecured and ready to be abused. I find similar scenarios at nearly all such places and in most cities and towns. Want a free ride on the World Wide Bus? Just power up the laptop and drive up and down the streets of your home town. Behind those drawn curtains in suburbia are thousand of little home grown wireless networks, wanting attention.

Now apart from the dilemma of whether I hand over $7.95 to some deserving internet company, this state of affairs raises a lot of issues for these unsuspecting network operators. Even if you are not worried by the possibilities that someone can hack into your network and steal your data, do you really want to let freeloaders such as myself piggyback onto a system which is being funded out of your own pocket? This can be an expensive proposition if your internet traffic has a monthly limit. Even for you lucky people with unlimited internet access, there are other consequences to an unsecured network. If a villain uses your open network for criminal activity, such as transmitting a virus or child pornography, the authorities may trace that activity back to your network and you’ll have some explaining to do.

So it makes sense to protect yourself and your friends in the web community by taking some simple steps to secure your network against unwarranted intrusion. In keeping with the times, I present a 3 step program to a more secure network. It’s quick, it costs nothing, and it’s easier than assembling those bikes you bought the kids for Christmas. As the instructions will differ from model to model, you may find it helpful to have your wireless network user guide handy and a small child who can understand it. PASSWORD PROTECT YOUR WIRELESS NETWORK

I don’t know why it is that manufacturers put these security features into their products and then set the factory default to off, but they do. Whether the wireless access is integrated into the cable or DSL modem or was added later as a router or access point, the fact is that most people do the least that they can to get it up and running and then stop there. If they have a wireless internet connection, they are happy not to rock the boat any further.

What this means is that, by default, any computer in the vicinity with a simple wifi card will be able to see your wireless network. In most cases they won’t even have to look for it. When they turn on their computer, there you are for all to see and use.

So the very least you can do is to make sure that no one gets into your network with out at knowing the password. The specifics of adding password protection will be explained in your user guide but it will be in the security section talking about such things as WPA-PSK 64bit WEP, 128bit WEP. Strictly speaking this is not password protection, but encryption. Communication between your network and the end computer is encrypted using the method and key provided. For an end user to successfully communicate with your network, they must use the same method and key. So this is essentially a password. All you have to worry about is in selecting an encryption method that is also available on the legitimate user’s computers. I’ve never known this to be an issue.

If you do nothing else, at least do this step and you’ll keep out all must the most persistent of hard core hackers. Like burglars, they’ll move on to easier prey down the road than to waste time.

MAKE IT INVISIBLE

So now you have added a very large degree of difficulty into hacking your network. But why stop there. Now when a hacker turns on your machine, he will still see your network but now it is password protected. Most people will move on, but some will see this as a challenge and try to break in any way. You may be of the type to say “bring it on”, but if you are not looking for this fight, why even tempt them. You can go one step further and make your network invisible to outsiders. Again, look in your user guide for specifics, but look for a reference to “Broadcasting”. When a Wifi enabled computer is turned on, it performs what is known as a “Site Survey”. That is to say it searches for networks in the area and makes a list of the network station ids (SSID). This search is a lot like that performed by your TV when it is searching for TV networks. If you disable broadcasting, this site survey will not detect your network and it will not be listed. This is not perfect and a hacker may still be able to guess at your site id, but knowing that a network is in the area and invisible, compared to having no network in the area at all, is a nifty trick that most are not capable of pulling off.

The invisible man effect also requires that a potential user knows your station id in advance and adds the network to the site list manually. It sounds inconvenient but the good news is this usually only has to be done the first time.

BECOME A HACKER

If you have done steps 1 and 2, let’s complete the exercise with one last task. Try to beat the bank. Turn on a wireless capable laptop or PC and see if you can break in. If you don’t have a wireless capable PC or laptop you can always call a friend but then why are you even bothering to set up a wireless network? If you carried out step 2, your network station id should not even show up in the laptop’s site survey, not even betraying the presence of the network to prying eyes. So far, so good; a potential amateur hacker can only guess if there is a network nearby and must then further guess what the station id is. But you know what the station id is already, so go ahead and follow the instructions for manually adding the network to the site survey list. If you have carried out step 1 successfully, the network will now be displayed, but as a private protected (as opposed to public) network. Our would-be hacker needs to use the correct encryption method and key, otherwise entry should be denied.

So you should now be secure from the machinations of people like me, trying to get something for nothing at your expense. Of course, if you all did this I would be forced to hand over my hard earned cash to service provider, so don’t all rush at once.

By now, you should have protected yourself from the kid across the street hijacking your network. In this essay, I have specifically addressed entry into your network through your wireless portal and how to protect that portal. This is of course just a small piece of the larger security picture. You should also be concerned about securing your internet connection and within the confines of your network, each computer attached to it. But I’ll leave those issues until later, after I’ve read my email.

Now which network should I log onto this time….?

Comments? Questions? Email Here

© HowtoAdvice.com

How to Advice .com