Wireless "Home LAN" Security
by Mary J. Clark
One of the greatest dangers a driver faces is the illusion of security imparted by the homy familiarity of the vehicle's cabin. Routinely, en route to work, we see drivers chatting on cell phones, tending their grooming, and performing other tasks better suited to places not hurtling along at 70 MPH. What has this to do with wireless home LAN security? Everything. Because we are deploying networks in our homes, where letting down our guard is part of the sweetness of being there, we may not be as vigilant about security matters as we need to be.
Along with the fantastic opportunities the Internet and wireless advances bring us, come sneaking threats. Because they use radio waves, unprotected Wireless LANs (WLANs) are especially vulnerable to hackers. Without security measures in place, others can "piggy-back" on your Internet connection. This can slow down your Internet performance. Further, whatever intruders view will be traceable to your unique IP address: a chilling thought in and of itself. If your wireless system can be penetrated, attackers can implant, directly on your computer, malicious programs such as spyware or Trojan horse applications. Online fraud or even identity theft may follow.
Fortunately, most new systems contain everything you need to set up a secure system. You simply have to agree to enable them during installation. Be sure to change the default SSID. Use something you can remember, but that an intruder could not readily guess. Enable encryption. If your router and all of your wireless adapters support it, use Wi-Fi Protected Access (WPA - http://www.webopedia.com/TERM/W/WPA.html) encryption with a preshared key. Otherwise, enable WEP - http://www.webopedia.com/TERM/W/WEP.html (Wired Equivalent Privacy) encryption. This is like installing a dead bolt on the front door of your home. If you have it, use WEP for data and authentication. Change WEP keys periodically. (Beware, however, that depending on your situation, you may need more advanced encryption than WEP provides.)
Other tips for securing your WLAN include the following:
- Use secure file sharing practices, sharing only what you need to share. Keep file sharing turned off whenever possible. Do not use TCP/IP for file and printer sharing.
- Install and activate personal firewalls. (You may also want to keep your files in access-protected directories.)
- Keep your operating system updated with security patches; update your virus protection software regularly.
- Secure your wireless router/Access Point (AP). If your AP/router has a feature that shuts off the ability to administer your Access Point from wireless clients, UCit recommends that you use it.
- Use MAC address based Access and Association control.
- Use VPN (Virtual Private Network).
- Turn off SSID broadcasting.
Shared Wireless Access Protocol (SWAP) - we'll save that for another article, another day. Now, where did I put that mascara and cell phone?
(You may also want to see Securing the Traveling Laptop.)
|
