Last edited 07/05/2004 Back to Wireless Networks
Thinking about joining the Wireless revolution, and free yourself of all that restrictive blue CAT5 cable that chains you to the one spot? You're all set to enjoy new found wireless freedom...or are you?
You need to make sure that your Wi-Fi setup is secure as possible. Below are some techniques that you can employ to help keep your wireless connectivity as secure as possible.
Wi-Fi Security
Password: As soon as things are up and running, change the user name and/or password. Most hackers get in because this step is commonly ignored.
WEP: This is a type of data encryption that allows you to protect information going back and forth over your wireless network. A better solution is to use WPA instead as it can provide stronger protection. While neither are bullet-proof, they both provide a layer of protection from the casual wardriver (wardriving is the term used to describe driving around with a wireless notebook running software such as NetStumbler, and seeing if you can break into the wireless networks you encounter).
Firmware: Make sure to get the latest firmware installed just as soon as you hook up the new WAP/Router. There are generally important security updates and patches that need to be installed to keep your wireless network secure.
SSID: Be sure to change the default SSID to something new. Never leave this as the default as you are just inviting problems otherwise.
MAC Address ACL: Turn on and use the MAC Address Access Control List. This makes it much more difficult to hop onto the wireless network as it only allows specific MAC addresses to use it. Another feature is that if someone tries to clone your MAC address, you will know as the network performance will become unstable and difficult to use. If this happens, it could be a possible attack and appropriate steps taken immediately.
DHCP: Try to avoid using this in favour of using manually assigned IP addresses if at all possible. If someone is trying to infiltrate your network, they may attempt to assign themselves an IP number via DHCP. If this seems overboard, then consider limiting DHCP leases to the number of PCs you have in the office/Home.
Firewall: Make sure all of your notebooks/PC's are using an up to date software firewall. The important point here is to keep the Wireless Access Point OUTSIDE of the firewall. This holds true for both hardware and software firewall solutions.
Please bear one point in mind; if you're dealing with sensitive trade secrets or sensitive legal information that must remain secure, do not consider moving to a wireless network. As fun and useful as Wi-Fi is, it will never be as secure as a wired network.
If you require a qualified data cabler to install a wired network, Don McDougall of Zip Cable Pty Ltd is the person we use. I've known Don for about 15 years now, and he is the one we use for all our client's work (I met him originally when he did the cabling for the company I worked for back in the '80s). You will pay a fair price, and receive a top quality job in return. His details are HERE.