1. Install a Firewall A firewall helps
protect your PC by preventing
unauthorized users from gaining access to
your computer through the Internet or a
network. It acts as a barrier that checks
any information coming from the Internet
or a network, and then either blocks the
information or allows it to pass through
to your computer.
2. Change the Administrative Password
on your Wireless Routers Each
manufacturer ships their wireless routers
with a default password for easy initial
access. These passwords are easy to find
on vendor support sites, and should
therefore be changed immediately.
3. Change the Default SSID Name and Turn
Off SSID Broadcasting This will require
your wireless client computers to
manually enter the name of your SSID
(Service Set Identifier) before they can
connect to your network, greatly
minimizing the damage from the casual
user whose laptop is configured to
connect to any available SSID broadcast it
finds. You should also change the SSID
name from the factory default, since these
are just as well-known as the default
passwords. NOTE: Even though the SSID is
disabled the SSID is included in the data
packets that are transmitted and is easy
to discover.
4. Disable DHCP For a SOHO network with
only a few computers, consider disabling
DHCP (Dynamic Host Configuration
Protocol) on your router and assigning IP
addresses to your client computers
manually. On newer wireless routers, you
can even restrict access to the router to
specific MAC addresses.
5. Replace WEP with WPA WEP (Wired
Equivalent Privacy) is a security protocol
that was designed to provide a wireless
computer network with a level of security
and privacy comparable to what is usually
expected of a wired computer network.
WEP seeks to establish security by
encrypting data transmitted over the
wireless computer network. Data
encryption protects the vulnerable
wireless link between clients and access
points. Once this measure has been taken,
other typical wire computer network
security mechanisms such as password
protection, end-to-end encryption, virtual
private networks (VPN's), and
authentication can be put in place to
ensure privacy. Unfortunately, WEP is a
very weak form of security that uses
common 60 or 108 bit key shared among
all of the devices on the network to
encrypt the wireless data. Hackers can
access tools freely available on the
Internet that can crack a WEP key in as
little as 15 minutes. Once the WEP key is
cracked, the network traffic instantly
turns into clear text – making it easy for
the hacker to treat the network like any
open network. WPA (Wi-Fi Protected
Access) is a powerful, standards-based,
interoperable security technology for
wireless computer networks. It provides
strong data protection by using 128-bit
encryption keys and dynamic session
keys to ensure a wireless computer
network's privacy and security. Many
cryptographers are confident that WPA
addresses all the known attacks on WEP.
It also adds strong user authentication,
which was absent in WEP
No comments:
Post a Comment