Q. I own a wireless router in my home. How do I secure it from attacks?
A. If you are a network professional, there are dozens of settings you can implement on a wireless router to make it more secure. Unfortunately, most home users are not network gurus, so the options within the router’s setup screens can be confusing and overwhelming.
Six settings can be easily implemented to help make your wi-fi setup much harder to crack, snoop or poach.
No. 1: Disable the SSID – The SSID is the Service Set Identifier. This is the router’s human-friendly name, such as Starbucks, MyRouter, or NOIC. The SSID can make connecting PCs, tablets, and phones to a wireless network easier, especially if there are numerous active wi-fi networks nearby. But SSID broadcasting is a convenience, not a necessity. Wi-fi networks work just fine without it. Disabling SSID broadcasting makes it harder for casual snoops and wi-fi freeloaders to find and attack wireless networks.
That said, disabling SSID broadcasts will not stop attacks by knowledgeable hackers, who can sniff out wi-fi networks by various methods, regardless of whether a router is broadcasting its SSID. Simply disabling SSID broadcasts is in no way a viable means of securing your router. But when combined with other security techniques, it can help protect your wi-fi setup from any level of hack attack, whether by an amateur or an expert.
No 2: Change the router’s administrator password – Secure access to the router's setup menus with a long, unique, high-quality password. Use a password even another machine would have a hard time guessing, such as using the word balloon but spelling it Ba1100n or the word possible spelled as P055!b1e.
No 3: Change the security key – A default key may have come with the router, but it should be changed immediately. As with the router’s administrator password, choose a key that is long, unique, and of high-quality to prevent unauthorized connections to your router. A good key might be a sentence such as We love the Cubs! but spelled as W310v3th3Cub5!
No. 4: Change the encryption strength to WPA2 – Currently, the strongest encryption available is WPA2 (Wi-fi Protected Access, version 2). WPA2 will keep the bad guys from snooping data you send and receive over wi-fi. Don't use WEP (Wired Equivalency Privacy), which today's hacker tools can crack in minutes, or WPA, which fell to hackers back in 2008.
No. 5: Disable WPS – WPS (Wireless Protected Setup) is an automated setup technology included with many routers. Hackers can use WPS as a back door into your setup.
No. 6: Apply MAC filtering – Every wireless NIC (network interface card) has been assigned a MAC address (Media Access Control) by its manufacturer. Think of a MAC address as the social security number of that very NIC in your machine. If your family has six wireless devices, then type the MAC address from each device into your router. Now, only those six devices can connect to the wireless router. This will make it harder for unknown or unauthorized devices to connect to your router.
No comments:
Post a Comment