Other Products: Other products exist which may assist you in configuring your Router or AP for Encryption.
- Wireless Home Network Security by McAfee is touted as providing “Protection for your Wi-Fi network and data”, “Encrypts your personal information”, “Blocks hackers from attacking”, “Safeguards transactions sent over Wi-Fi”, and “Allows trusted friends and family to easily connect”
5.) Disable SSID Broadcast: This option will make it impossible for all wireless devices to see your SSID, and may prevent some applications or devices (including your own) from connecting at all. You should experiment to see if your devices and applications work with this option Disabled. If you find that your devices work readily with SSID Broadcast Disabled, this option will be the single best defensive measure you can take, and will greatly reduce or even eliminate your exposure to the outside world.
6.) Enable MAC Address Filtering: When you enable this feature, only those MAC addresses that you have previously manually entered into your Router/AP’s “allowable” table can access your network. This data is generally sent via plain-text mode during the initial handshake, so it can easily be discovered by use of a packet-sniffer and later forged by a clever hacker. The reality is that most hackers won’t hang around long enough to simply capture this info just so that they can break into your network. Additionally, when this method is used in conjunction with others suggested in this section, this feature can be quite successful in deterring most freeloaders.
7.) Experiment with the placement of your Router/AP: The final placement of your Router/AP in the center of your home/work space should minimize the chance of the signal reaching outside of its intended range. If the signal does not reach beyond the physical walls of your private building, then your physical security (door locks, etc) will greatly limit unauthorized access.
8.) Limit the number of available IP Addresses: Most Routers and APs provide a setting or option that allows the user to specify the number of available IP Addresses that are kept in the IP Address “pool”. Basically, if you only ever plan to have four computers hooked up to your network, then I recommend that you specify a range that starts at 192.168.1.100 and ends at 192.168.1.103. This way, if a hacker is able to get past the other security measures above (unlikely even for a determined hacker) and all of your computers are online, then your DHCP server will simply say “Sorry, all available IP Addresses are in use!”.
9.) Update your Router/AP firmware: Update your Router/AP firmware as often as possible to take advantage of any new security updates which might patch recently discovered vulnerabilities. Keeping your system up to date is very important process in the security field.
- Additionally, there are some “managed” hardware solutions which include a subscription of one or two years of free updates, and are usually found in the form of an Internet Security appliance. These are constantly updated by the managing authority, and keeping the device connected to the internet will ensure that any updates are automatically applied. Look for Product Reviews of these two Internet Appliances in the future!
- The Eli Internet Security Appliance is a fully managed solution, incorporating Firewall, Anti-Spam, and Anti-Virus, along with a Wireless B+G Router that includes a VPN Server.
- The Sonic Wall TZ 150 Wireless Appliance is a fully managed solution, which incorporates a Firewall, Anti-Spam, Anti-Virus, and Anti-Spyware in a Wireless B+G Router.
Read PART II "OUT IN THE MOBILE WORLD" here.
Read PART III "SECURING YOUR LAPTOP " here.
Follow us on Twitter!