How to secure your wireless network
Most of the wireless access points and routers these days don't come with security turned on by default. If your wireless network is not secured in some way then someone can connect to your network and use it to do anything from sending spam to downloading files over the internet. It's even possible to steal your ISP username and password if your router is set to the default settings, which can allow someone to access your email.
Every manufacturer has different methods to do the following, for more information please consult your user manual.
Change the admin password and turn off remote management
Your wireless router's default password should be changed immediately. Even with remote management disabled anyone who approaches your wireless LAN with a wireless card is "behind" your firewall, not in front of it. So, if you have a Linksys router and the password is still 'admin,' someone sitting in China can't get to it from the Internet, but they certainly can from your back yard or the room next door. And once they do that, they can edit the settings on your router and even steal your ISP username and password (on some routers). Change the password, and turn off remote management (which will only prevent people managing your router from the Internet).
Change the default SSID
Wireless access points and routers all use a network name called the SSID. Manufacturers normally ship their products with a default SSID set. For example, the SSID for Linksys devices is normally "linksys." By having a default SSID it shows the world that your network is probably not well configured and they're more likely to attack it. Change the SSID to "Jones Family Network" or something more abstract that has no meaning to anyone, but something you can remember.
It is also possible to disable SSID which makes it harder for your average computer user to connect to your network, but will not stop any hackers. There may also be some effect on wireless network performance if your SSID is hidden (see "Debunking the Myth of SSID Hiding" - icsalabs.com).
- Wireless forums
For help on how to secure your wireless network
- Wikipedia: Wireless Security
In depth article on wireless security, including different wireless attacks.
- Slashdot: A Look at the State of Wireless Security
A whitepaper on the state and future of wireless security.
Enable WPA encryption
If your access point or router supports it, it's a good idea to enable WPA on your network. This encrypts any data sent across your network from your laptop/PC to your access point/router. This stops wireless hackers (sometimes referred to as War Drivers) or anyone else from connecting to your network without a password.
The best setting for most people is to use the WPA Pre-Shared Key setting (wording may differ). Enter a password that is at least 10 characters long using numbers, letters and symbols. It's a good idea to write this password down somewhere, but if you lose the password then it can be reset by connecting to the router by USB or ethernet (depending on model).
Older network devices may not support WPA and may have WEP in place of it. WEP has been depreciated as it has been deemed to be insecure and does not protect as well as WPA.
A MAC (Media Access Control) addressis a quasi-unique identifier attached to most network adapters (network cards, routers etc). This allows network adapters to be identified by networking equipment. By turning on MAC filtering on your router you can stop unknown people from connecting to your network.
This is not always fool proof as MAC addresses can be "spoofed" by attackers. It's also a hassle to setup as you need to add each computer to the filter list. There's also a good chance that you can lock yourself out of your own network if you enter your own MAC address incorrectly!
Reduce your WLAN transmitter power
If you're using your wireless network in a small area you probably don't need to be blasting your network into surrounding buildings and the street. On some wireless routers there is the option to lower the transmitting power used by the wireless networking device. This may be something you have to play with if you decide to use it as there's no way of knowing how which power level to set for your situation.
Enable firewalls on all computers
Treat all wireless networks as insecure, much as you would the internet. This will help stop malicious users from accessing your computer if they do manage to connect to your network.
If you are connecting to a public wireless network try to avoid using services that send your username and password in plain sight (clear text) such as FTP, POP3, SMTP and IMAP. Other uses can snoop on the network traffic and steal your passwords.