Computer Information & Shopping

I have personally bean war driving in some small towns and have noticed a really disturbing trend. Roughly 9/10 routers in residential areas are left to their default configuration. Anyone who scans your area and sees "LinkSys" and "Open" is pretty much guaranteed to be able to snoop around or connect to the Internet via your Wi-Fi network. To give you an example of how wide open the bulk of peoples networks are, I drove around for one hour in my car with a Canary Wireless Wi-Fi HotSpotter HS10 and picked up over 40 open networks. Of those 40 networks roughly 30 of them were "open" and of those 30 open routers over half had LinkSys as their broadcast SSID!

There are so many different kinds of 802.11b & 802.11g Wi-Fi devices out there is difficult to give a concise "how-to" on securing each router. I won't even try to do so. However I will give in general terms what you should attempt to do with your router to help secure it from the "average" snooper. Wireless standards are always changing and becoming more secure and so are the technologies for breaking in to them. These tips should be considered good precautions and yes, security through obscurity.

Tip 1: Change your default password!
The most important thing you can do to help secure your home Wi-Fi network is to change your default password on your router! This is by far the single biggest concern you should have, if someone feels like it, they could go in as the administrator and lock you and all your devices out of your own wireless router. Be certain to follow rules for selecting a good password, don't use a weak password that could be guessed.

Tip 2: Turn off SSID Broadcasting
The SSID or Network ID is the name that is broadcast out to everyone. By turning on broadcasting people can easily see that your network "exists." Even if your network is secure it's a good idea to turn this off, why announce your wireless network to the world? The only disadvantage to turning this off is you must specify your SSID when you are setting up new devices on the network. Normally when you are broadcasting most applications can detect the connection on their own. So keep in mind when you are installing new PC's or devices you will have to manually point them to the correct SSID!

Tip 3: MAC Address Filtering
Most routers allow you to filter MAC addresses, or have an "allowed" list of MAC addresses. MAC addresses are a unique hardware address on each networked device. By creating and using a list of approved MAC addresses on your network you keep people from just coming in. This is like requiring an ID pass to enter a building. To find out your MAC addresses do the following from a command prompt: ipcfg (win9x), ipconfig (winNT/2k/XP), ifconfig (linux).

Tip 4: Know the limits of your network
If you have a Wi-Fi detector or laptop, walk the perimeter of your network so you know the physical limits of your wireless network. This will allow you to know if someone inside your "snoopable" area. Personally, I have some Hawking Wi-Fi Antennas that are directional, pointing from the front of the house backwards in to the house. My network doesn't broadcast far in the front yard, but quite far to the rear of the property. By knowing what the physical attributes of your network are, you can see if someone is obviously sitting in their car in front of your house or the next house down and investigate further (knock on their window?).

Tip 5: Use your routers built in Encryption
As I mentioned the Wi-Fi standards and security practices are always changing, however even if your Wi-Fi router is an older one, still to implement whatever encryption standard is available. The common ones are WPA and WEP. If you are really worried about your security then keep up with the latest models and update your firmware.

These tips will help your keep your network more secure, but nothing is ever bulletproof. If you have serious concerns about security, and broadcasting your private documents than consider going back to a wired standard or keep your private documents on a different medium (Process them on your PC, but store them on a USB Drive or burn the to a CD or DVD).

Ken Dennis - Ken.Dennis@Gmail.com
KenDennis-RSS.homeip.net