Ctrl-Alt-Delete column in the People section of The Greene County Daily World published Wednesday, September 23, 2009 titled Make Sure Your Wireless Is Secure
Question:
How do I secure my wireless?
Answer:
There are five Wi-Fi networks in range of my computer. If a hacker wished, she could connect to two, and have free Internet access. With a little effort, she could get onto their computers to read emails, access banking and client information, and even copy or delete files! If lucky, she might access an entire network of computers. By the way, cable and DSL routers are just as insecure as wireless ones.
The Internet is one giant network. Anyone can find your router. If your router is unsecured, anyone can get into your computer and local area network. It would be wise to configure your router so hackers cannot get to you. If you make it difficult most hackers will leave for easier pickings.
I cannot possibly explain how to secure every router especially when everyone has a different network setup. Therefore, I will use general concepts. With the help of router documentation and Google, you can configure your router to be more secure. If not, your local computer shop will be happy to help.
The first step is to login to the router. Most routers use a web interface for configuration. You type the router address into your web browser. For example, you might type http://192.168.1.1 to reach the login prompt. Common router addresses are 192.168.0.1, 192.168.1.1, 192.168.1.100 and 192.168.10.1. Sometimes the address is located on the bottom of the router; otherwise, check the router documentation.
Immediately change the administrator username and password! Router manufacturers ship routers with default usernames and passwords. Change it to something easily remembered but not easily guessed like your father’s nickname and date of birth. Do not make life easy for hackers.
Change the default SSID name. When hackers see that one of the unsecured routers near me has the name “Linksys,” they know exactly how to break in. If the SSID were named “ABC123XYZ” it would make it harder for them to hack.
Better yet, turn off SSID name broadcasting. This is like having an unlisted number. It will not stop determined hackers but it makes it difficult to find your router. Write down the SSID name and tape it to the bottom of your router so you remember it later.
Do not use WEP encryption. WEP is a weak encryption method that almost any hacker can crack. Many routers ship with WEP enabled. Most users do not realize they should change to something more secure like WPA or WPA2. Some devices do not understand WPA forcing you to use WEP. However, when given a choice, use better encryption like WPA.
Reduce IP addresses to the number of devices you use. You do not need two hundred addresses when only two devices connect. Why offer unused addresses to hackers?
Change from DHCP to static addresses. It is harder to setup but it assures that only devices you allow get in. Even better, use MAC address filtering instead.
Finally, turn off ping responses. Hackers use ping to find routers. It is like telemarketers calling random numbers until they get someone to answer. Do not answer.
The online version of this article may be found at Ctrl-Alt-Delete.
Leave a Reply
You must be logged in to post a comment.