While setting up wireless home networks many people rush through the job to get their Internet connectivity working as quickly as possible. That’s totally understandable. But, it’s also quite risky as numerous security problems can result. Here is a brief top ten safety guide on how to secure WiFi wireless home networks:
One: Change Default Administrator Usernames and Passwords
Most routers or access points come enabled with a default set of username/password combinations. These combinations are well documented and available online for hackers to use. If a hacker can access your device’s administrative pages they can modify the configuration and control all aspects of your device. These username/password combinations can be changed from the administrative panel.
Two: Turn on WPA / WEP Encryption
All Wireless devices support some form of encryption. Encryption technology scrambles messages sent over the air and ensures that they cannot be intercepted by hackers. Several encryption technologies exist for wireless communication today. WPA is the strongest commonly available encryption technology for home devices, however, WEP can also be used.
Three: Change the Default SSID
Access points and routers all use a network name called the SSID. Manufacturers normally ship their products with the same SSID set for all routers. For example, the SSID for Netgear devices is normally “NETGEAR”. The Default SSID can be changed from the administrative panel and should be set to something unique.
Four: Enable MAC Address Filtering
Each wireless device possesses a unique identifier called the physical address or MAC address. Access points and routers keep track of the MAC addresses for all devices that connect to them. Wireless routers offer the option to key in the MAC addresses of your home equipment so as to restrict the network to only allow connections from those devices. It ensures that rogue users cannot connect to the wireless router without using advanced MAC spoofing techniques.
Five: Disable SSID Broadcast
The wireless access point or router typically broadcasts the network name (SSID) over the air at regular intervals. This feature was designed for businesses and mobile hotspots where wireless clients may roam in and out of range. For the home user, this roaming feature is unnecessary as it increases the likelihood of an unauthorized gaining access to your home network. Fortunately, most wireless access points allow the SSID broadcast feature to be disabled by the network administrator. Your SSID name can be manually inputted into your devices.
Six: Do Not Auto-Connect to Open Wireless Networks
Connecting to an open wireless network such as a free wireless hotspot or your neighbor’s router exposes your computer to security risks and attacks. Although not normally enabled, most computers are configured to allow automatic connections, without notifying the user. This setting should not be enabled except in temporary situations.
Seven: Assign Static IP Addresses to Devices
Most home wireless devices use dynamic IP addresses, which are randomly assigned by DHCP servers. Unfortunately, dynamic IP allocation also works to the advantage of network attackers, who can easily obtain valid IP addresses from your network’s DHCP pool. Turn off DHCP on the router or access point, set a fixed IP address range instead and then configure each connected device to match. Using a private IP address range (like 10.0.0.x) prevents computers from being directly reached from the Internet.
Eight: Enable Firewalls On Each Computer and Router
Modern network routers contain built-in firewall capability, which can be easily disabled.
Ensure that your router’s firewall is turned on. For added security, consider installing and running personal firewall software on each computer connected to the router.
Nine: Position the Router or Access Point Safely
Wireless signals normally have a wide radius, extending out of homes. A small amount of signal leakage outdoors is not a problem, but the further this signal reaches, the easier it is for others to detect and exploit. Wireless signals often reach through neighboring houses and into the streets. When installing a wireless home network, the position of the access point or router determines its reach.
Also Read: Top 10 Internet Safety Myths Debunked
Try to position these devices near the center of the home rather than windows to minimize leakage. Many routers allow you to reduce the range of your router’s signal from the administrative panel.
Ten: Turn Off Network During Extended Periods of Non-Use
Shutting down your network when not in use will most certainly prevent outside hackers from breaking in. While impractical to frequently switch off and on the devices, at least consider doing so during travel or extended periods of downtime.
If you own a wireless router but are only using it wired (Ethernet) connections, you can also sometimes turn off Wi-Fi on a broadband router without powering down the entire network. When it comes down to the real security issue, your business will need to decide if a MPLS network, or something similar is required.