Basic steps
There are several encryption and authentication mechanisms that
we can use to secure a wireless network. By observing a few simple
steps, we can keep our wireless networks safe:
- Change the default Administrator username and password Turn on
WiFi Protected Access (WPA/WPA2) or Wired Equivalent Privacy (WEP)
Encryption, and use a strong passphrase for WPA/WPA2, and a strong
encryption key WEP;
- Update your firmware if your device currently does not support
WPA Disable the broadcast of your service set identifier (SSID), or
change your default SSID to a generic name;
- Turn off the wireless network when not in use. Reduce the
transmission power of your wireless network to prevent external
parties from accessing your wireless network.
Advanced steps
If you are already familiar with the basic step above, you might
also wish to adopt some additional steps to improve your network
security. The procedures for securing wireless networks are usually
found in the manuals that come with your wireless devices. It is
also common for manufacturers of wireless devices to provide
information that guides you to secure your network through simple
instructions.
Every brand has its unique features and workarounds and every
network service provider their own procedures and protocols for
connecting to their networks. Thus, your device manufacturers and
your service providers are the best sources of help in resolving
your wireless security and connection issues.
- Using Wired Equivalent Privacy (WEP). WEP is a standard feature
on most wireless routers. However, it should be used in conjunction
with other LAN security mechanisms such as authentication and
Virtual Private Networks as it is insecure by itself. To strengthen
WEP encryption, use a longer key length and change the keys as
often as possible. To enable encryption for your device, refer to
the owner's manual, then configure your wireless network devices
with the proper information to access the network. If possible,
upgrade all your wireless devices to WPA. If any device on the WLAN
remains on WEP, all WPA devices will fall back to the weaker WEP
encryption. WEP is nonetheless better than nothing and will keep
casual snoopers and novice hackers out of your WLAN network.
- Using Wi-Fi Protected Access (WPA and WPA2). This is an
encryption and authentication system that comes as a security
feature in the latest wireless network devices. It provides good
security through the use of passphrases that are longer than the
typical six to eight character passwords we normally use. WPA work
by distributing different security keys to each user, changing the
keys dynamically over time. All new wireless devices support WPA.
As for WPA2, a stronger encryption method is used, as compared to
that used in WPA. To enable WPA on your router or access point,
refer to the product manual. Once enabled, you will need to
configure all the other wireless devices with the proper
information to access your wireless network.
- Disabling broadcast of Service Set Identifier (SSID). SSID
refers to a unique identifier which differentiates one WLAN from
another, and enables access points and devices connected to a
specific WLAN to associate with each other. However, as the SSID is
broadcast over the WLAN it does not provide any form of security.
To enhance wireless security, disable the broadcast of the SSID.
For legacy devices that do not have the “disable”
feature, change the default SSID to a generic name (one that cannot
be used to identify you) every few months. The SSID can be changed
manually by using a browser to access the configuration settings of
the wireless access point.
- Deploying Secure Socket Layer (SSL). SSL is a security protocol
widely used on the Internet to secure online transactions, such as
online banking, purchases and communication. Wireless devices such
as Smartphones and Pocket PCs rely on SSL features supplied with
operating systems such as Windows Mobile to secure online
transactions conducted on the device. When SSL is enabled, the
identity of a website is validated and a 128-bit encrypted
connection is created for sending private data. An encrypted SSL
connection is indicated by a “https” prefix in the URL
and a ‘lock’ icon at the bottom of your browser.
- Using Stateful Packet Inspection (SPI). This is a basic
firewall feature that is included in most standard wireless
broadband routers. It allows only legitimate data into your
network. However, this type of security simply controls incoming
traffic, and wouldn’t be able to prevent attacks from
innocuous web browsing, spyware, adware or Trojan horses.
There are several encryption and authentication mechanisms that we can use to secure a wireless network. By observing a few simple steps, we can keep our wireless networks safe:
1. Change the default Administrator username and password Turn on WiFi Protected Access (WPA/WPA2) or Wired Equivalent Privacy (WEP) Encryption, and use a strong passphrase for WPA/WPA2, and a strong encryption key WEP;
