You are the Weakest Link for your Wireless Home Computer Network

Computer security is a complex issue and it would take volumes just to explain all of the ins and outs, but if you take some precaution to secure your wireless home network. You'll have a basic understanding of this technology.

After your computer is on the internet typical procedures must be followed Anti-virus - Firewalls - WPA2, WPA, WEP or you'll be sorry when someone gets access your system. know this page is long, but please read it even if you don't read another page on this site, it's that important.

One definite thing about security, it's that we the citizens will make the same mistakes, over and over, again and again. It's something that hackers know and find irresistible.

I walked down a few streets in my neighborhood with a PSP (play station portable) and could not believe how many homes DO NOT have wireless security enabled networks... They should just give me the keys to their door.

Wireless security is an important part of your wireless home network without even getting into WEP (Wired Equivalent Privacy) there are certain things you can do to make your network secure and shut down the easy avenue for the hacker attacks.

No SECURITY system is completely bulletproof because people have to implement the security measures and we all make mistakes, but using WPA2 will be as close to complete protection as any wireless network can get for NOW.

New Wireless Products For Homes And Business Will Support WPA

Setting up security for those who don't have servers installed to support WPA, the WI-Fi alliance allows you to manually enter the keys to be used. These pre shared keys are nothing more then passwords or pass phrases entered into the configuration for the router and client, then WPA takes control...

The WPA for the non-server requires authentication so it keeps eavesdroppers out of your router then it starts up the key-changing rotation so keys mutate every few seconds, this makes even the smallest home or business wireless network secure

A dictionary attack can find your key. Short key word pass phrases can be hacked if you use a key less then 20 characters long and use common words.

Quick Tip: The fix.. Use longer PassPhrases without any real words involved upper and lower case - and even a number for letter substitution, same for user names and passwords.

You can go here to get a Ultra High Security Password from steve of GRC.com, this guy lives, breaths, and eats computer for breakfast. One of the most informative sites on the planet, but very technical to some.

Security Check List

Turn some type of security on. A little security is better then none Keep
the firmware updated for all routers and clients (you) that's why vendors provide
the updates.

Always change the SSID, because hackers know the standard one that are
shipped with the hardware. Don't leave this big hole in your wireless network

Change the SSID as often as possible, if your network doesn't use VPNs or WPA

Turn off the SSID broadcasts don't shout and say "Here's my network come
and take a look Use MAC address filtering (see MAC spoofing)

Place routers and access points out of reach If some one resets the router then
it reverts back to the manufactures default configuration and leaves a big hole in
your security "which is not a good thing"

Use a VPN for all wireless connections Upgrade all of your equipment to WPA,
or purchase the products with WPA already built inEnable WPA for ALL
devices not just some

Set A Ruse For Wireless War Drivers And Hackers

Turn on an old WEP-Enabled router by a door or windows for broadcast range out of your building and DON'T connect it to your wireless network. Hackers will spend their time trying to find your network via that device and probably look elsewhere.

Keep Your Windows Or Mac Operating System Updated

It must be updated regularly to keep up your computer defenses go to the start button > all programs > windows update. Install all security related updates and set to update automatically. Mac users can go to software update in you system preferences (OS X) or under control panel (OS 9)

Install A Firewall And Use It

Hackers can break into your computer if you don't have a firewall installed and working, it can warn you when you access the internet. If you don't have a firewall built into your wireless router you can download free firewalls from zonelabs.com

Install Anti-Virus Software

The anti-virus must be up-to-date to ensure that your hard drive and e-mail is virus free. You can download this free software from free.grisoft.com this software works well and it's free. Or you can use McAfee's paid internet security suite at mcafee.com, which ever one you chose you should run the software on a daily or weekly basis, or you can

Attack Spyware On Your Computer

Spyware can enter your computer when your online and reports your activities to companies or individuals trying to sell you something or maliciously trying to gain access to you PC.

Or use these excellent spy removal tools Ad-Ware from Lavasoftusa.com, again run this software often. An acronym for Wired Equivalent Privacy (Wep)

If your device supports WEP, enter a matching static "128-bit WEP "Key" On both your wireless gateway and wireless cards.

The keys must match otherwise you will lock yourself out of your own wireless network. If you enable WEP all your data will be encrypted as it travels through the air waves.

WEP is an encryption scheme used to protect your wireless data communications, it uses a 40 bit key.
When WEP is enabled-each station - client and access points has a key.

The key is used to scramble the data before it is transmitted through the airwaves. the data that's not scrambled with the appropriate key will be discarded - and never delivered to the host or your computer

To provide access control to your network and encryption security for every data transmission. To decode a data transmission, each wireless client on the network must use an identical 64 or 128-bit key.

There is no need to worry about everyday information. It is only in a more security sensitive environment that wireless might be considered security risk.

Common Security Practices For Securing Wireless Networks

Ever since 2001, the use of wireless networks has exploded both in home and corporate environments. By 2006, more than 80 millions wireless local area network (WLAN) nodes should be in the hands of residential and business users combined.

Securing WLANS has been a concern almost since their inception and while much progress has been made with the introduction of WEP and WPA, both have been shown to have their own weaknesses or implementation issues.

While 802.11i is said to improve upon WEP and WPA, it is not yet commercially available and it may prove over time to have its own weaknesses as well.

There Are Wireless Security Steps

That network administrators and home users alike may take to augment the security of their wireless networks, and discussing some of these steps is the purpose of this site.

None of these steps is intended as a replacement to WEP or WPA, but rather as a complement. Many of these steps do not apply to public hot spots, however, as it is generally the intent of the spot’s owner or operator to make access as easy and convenient as possible

Adapters and access point and other equipment all come with a default password and other settings - You should quickly change these values.

Leaving these default values unchanged, just invites trouble, remember this is your private network, but the airwaves are public and the door is open to anyone that's up to no good.

The Most Important Values To Change Are The SSID Short For Service Set Identifier

Make sure this setting is the same for all devices in your wireless network. A few things you can do to make your SSID more secure

Quick Tip:  Make it unique, Change it regularly, Disable SSID Broadcast

Also referred to as a network name because essentially it is a name that identifies a wireless network.

Is the unique name shared among all devices in a wireless network.The SSID must be identical for all devices in the wireless network. It is case-sensitive and must not exceed 32 alphanumeric characters, which may be any keyboard character.

Quick Tip: It is important to note, however, that using the manufacturer’s default SSID, makes it easier for hackers or individuals to identify the access point’s manufacturer and look for specific weaknesses that may be used to gain unauthorized access or deny others access.

Make Sure This Setting Is The Same For All Devices In Your Wireless Network

To insure Wireless security, I recommend that you Change It Now the default SSID to a unique name of your choice.

Disabling SSID broadcasting can be a useful security feature. However, when SSID broadcasting is disabled, Wireless site survey tools such as Windows XP's Zero Configuration utility will not function.

Disable the SSID broadcast until you have configured all of your wireless network clients.

Quick Tip: WPA2 encryption is recommended to increase the security of your wireless network. All Devices On Your Wireless Home Network Must Use The Same Settings As Your Wireless Router.

The SSID Is The Unique Name

Shared among all devices in a wireless network. The SSID must be identical for all devices in the wireless network. It is case-sensitive and must not exceed 32 alphanumeric characters, which may be any keyboard character. I recommend that you change the default SSID to a unique name of your choice.

SSID Broadcast

Disabling SSID broadcasting can be a useful security feature. However, when SSID broadcasting is disabled, Wireless site survey tools such as Windows XP's Zero Configuration utility will not function.

It is best to disable the SSID broadcast AFTER you have configured all of your wireless network clients.

This setting specifies the default 802.11b channel used by the Wireless LAN communication. Wireless clients will scan through all available channels searching for an Access Point.

An acronym for Wired Equivalent Privacy, WEP is an encryption
scheme used to protect your wireless data communications.

Security Conclusion

No system is completely secure. Just as the safest computer is locked in a keyless safe and not plugged in, the safest wireless network is the one that isn’t turned on. Next to that, combining several of the steps documented in this site should lead to a very secure network.

Many of the measures proposed here are totally insufficient by themselves to secure a wireless network, but combining them together according to the particular environment where the wireless network is deployed may begin to provide a secure access.

• SSID broadcast and MAC address filtering should respectively be disabled and enabled on the access point, while all clients (you) should be configured with their own static IP address in order to eliminate the need for a DHCP server on the wireless network.

• Most of these steps are easily bypassed by a determined hacker, but it is hoped their accumulation will frustrate most attackers in looking for an easier target, like your home wireless network

Cheers,
Jim Novak