METHODS OF SECURING YOUR WIRELES

METHODS OF SECURING YOUR WIRELESS NETWORK

Securing your network means you can prevent others from sniffing at your data, and stop them from getting a free ride on your broadband connection. Most wireless routers come with default settings that make your network highly insecure. Vendors do this so you can get hooked up easily and quickly. But once you get connected, always close up the holes.

Here are some must-dos. I will use the Linksys WRT54G router as an illustration here. Other routers configuration maybe slightly different.

Step 1: Change the default settings

Using factory-default passwords is unwise. Once you logged into a router's configuration screen (usually using a browser window - refer to screen shot below), change the router password. This prevents intruders from accessing your router to wreak havoc.

Change your router's name (say from "WRT54G" to "test"), so you don't tell a potential hacker which router you are using (and it vulnerabilities).

Turn off features such as remote management. Unless you often configure your router while away from home, this is a tool that may open doors for hackers, if not used properly.

Step 2: Don't tell others you're here

Next, change your wireless network's name (also known as SSID or service set identifier). This may be "Netgear" or "Linksys", depending on your equipment manufacturer. Change it to something generic like "Singtel" or "test". Never name it after your apartment number - high risk!

To prevent others from seeing your network at all, tell your router not to broadcast the SSID. This means new PCs which want to join the network need to have the network name manually keyed in. Yes, more hassle, but it also means tighter security - your call!

Step 3: Turn on the encryption

Always encrypt your data. For 802.11b routers, you have to make sure WEP (Wired Equivalent Privacy) is turned on. For 802.11g routers, you can opt for the newer and improved WPA (Wi-Fi Protected Access) technology. Both will ensure that your data is not easily seen by a hacker.

WIth encryption on, your network PCs need a passphrase or encryption key to access data that is sent over the air. Some computers (like Macintoshes) will work with a simple passphrase (like "password123"), but others require you to enter the key itself (usually in the form "8BE7EE71B99". Have pen and paper ready when setting up your PCs.

Step 4: Let in only whom you like

To make things easy for end-users, many wireless routers will connect up whoever is in the vicinity and assign them an IP address. This is a bad security policy. Restrict this "auto" assigning of IP addresses by only allowing selected PCs to connect to the network.

Each PC's network card has a hard-coded identifier called a MAC (media access control) address. This means you can set your router to allow only PCs with certain MAC addresses.

Tell your router to scan the network for your home PCs and add them to the approved list. Be sure you include only the right PCs (and not your neighbour's).

Step 5: Fire up the firewall

The firewall is turned on by default on most routers. To be doubly sure, check that it is. Some routers ask if you want to "block unauthorized traffic from the Net" and this of course is yes!