Interpreting Technology Logo

Wireless networks present security risks for users

Posted March 2nd, 2010 by Adrian Santangelo

Wireless networks are commonplace these days. They are so ubiquitous and inexpensive that almost anyone can set one up in a matter of minutes with $100 (or less) worth of equipment.

Today, laptops come with wireless capability built in. It’s the same story for gaming consoles such as XBox and Wii. Mobile phones now are so connected to the wireless signals that surround us, I don’t even carry a laptop anymore. The Netbook, a miniature laptop which does little more than access e-mail and the Internet, is designed to pick up on available wireless signals.

The widespread use of wifi introduces a security issue often overlooked by many home users and businesses. With many consumer electronics coming wifi-ready, it’s easier than ever before for someone with malicious intent to discover your unsecured network.

Though wireless hardware hasn’t changed drastically over the last few years, the software side of things has become very point-and-click friendly to set up. Many users simply plug it in and start using the network without giving much thought to security. Taking a few extra minutes to configure the security features of your wireless router or access point (WAP) is time well spent.

What should you do to protect yourself? The first two steps below are a must. The last two are recommended but create a trade-off between security and ease of use.

1) Secure the administrative interface. All routers/WAPs have an admin password that’s needed to log into the device before you’re able to modify any settings. Most devices use a weak default password or no password at all. Your first step when setting up the device should be to change the default password, preferably to something secure. Since you may not use this password often, be sure to record it in a safe place.

2) Enable wireless encryption. Most devices support a handful of encryption options. Each one comes with pros and cons, though explaining the differences would be an article in itself. In general, you should avoid “WEP” encryption unless you absolutely have no other choice. WEP has well-known weaknesses that make it relatively easy for anyone with freely available software to break right in. Some older devices only support WEP.

Some professionals will use WEP for ease of use and “compatibility,” though frequently this is just laziness or ignorance. WEP is still better than nothing, as long as you understand the caveats. By simply avoiding the temptation to skip setting up encryption altogether, you deserve a pat on the back.

It’s recommended to start with “WPA2” and see if the wireless clients support it. Anything that has come out in the last 2 or 3 years should support WPA2. Older devices might need a simple software update.

3) Disable SSID broadcast. Most wireless devices automatically and continually broadcast the network name, or SSID. This provides simplicity and convenience when setting up wireless clients, since locating the network is done automatically by the client. On the flip side, it also advertises your network to any device within range. Turning off the SSID broadcast makes your network invisible to the average user, though more advanced software won’t be fooled.

4) Enable MAC filtering. This is probably the best thing you can do for network access control. A MAC address is like a hardware fingerprint; no two are the same, and every network device has one. Enabling MAC filtering is like having a fingerprint scanner at the entrance, limiting network access to only approved devices. Even if a device knows your network name and password, it’s not getting in unless it’s on your list.

In order to use this filter, you’ll need to know the MAC address of every device that may access your device and enter it into the router or WAP. This can be inconvenient, especially with many clients or frequent changes.

This quick-and-dirty guide is by no means complete but should provide enough insight to avoid the common pitfalls of an open network. If this column leaves you with questions, please hit up your favorite search engine or e-mail me for additional information.

SHARE THIS!

Help spread the word about your experiences with Interpreting Technology. Click on your preferred social network below to share.

GET MORE INFORMATION!

Interpreting Technology is here to help you!