Internet Safety: Securing Your Wireless (Wi-Fi) Network

Source

Wireless ADSL is one of the alternatives out there for people who can't get a fixed line installed for whatever reason. It's also cheaper in general because there's less in the way of installation costs, and generally the monthly fees paid over to your ISP are less as well. It's better in some ways than 3G, because in my experience you'll be hard pressed to find a suitable uncapped 3G option (you might find one but it'll more than likely have a ridiculous fair use limit with throttled speeds thereafter), whereas that task is easy with Wireless ADSL. And of course it's more convenient because like 3G, it allows for mobility, unlike a fixed line.

But using a wireless network does pose security risks, and isn't as secure as 3G or a fixed line. If left unsecured, someone can easily piggyback off of your network, and from there steal your bandwidth (making tasks like loading pages, viewing videos, downloading, etc. take longer), run up your monthly bill, and worst of all, monitor traffic on your network, sniff passwords that you enter on websites, and even hack in to devices on the network and steal sensitive information. They could even use your connection to do illegal things, and you would more than likely end up in trouble for it!

This article will attempt to cover most of the things you can do to make sure that your wireless network is as safe to use a possible.

Change the router password

Routers come with default passwords, which should be changed as soon as possible. The default passwords for every manufacturer can easily be found in a public database.

Source

Enable network encryption

You should enable encryption on your network. WPA2 (Wi-Fi Protected Access) is the standard nowadays and has been for some years. You’ll also have an opportunity to set a password for your network here.

Make sure to use a strong password for both your router and network. Make a long password comprised of numbers, letters (lower and uppercase) and special symbols or punctuation marks if supported. Never use personal details as a password. Using a weak password will mean that the encryption can be easily cracked. See here for more on creating strong passwords.

Source

Disable the SSID broadcast

There are different thoughts on this. Some recommend that you disable the SSID (Service Set Identifier) broadcast as it will mean if a casual user scans for your network, he or she won’t find it. But others suggest that determined hackers can still pick it up with tools that they use, so there’s no real point in disabling it.

Others say that by changing the name you at least stop others from inadvertently or accidentally connecting to your network, and that by changing the SSID name, you’ve at least shown to those who might try to intentionally hack into a network that you aren’t a complete novice – they’re going not going to waste as much time with someone who has properly secured their network, instead opting to target those who haven’t a clue as to what’s going on, as it will be easier for them.

It's recommended that you don't use personal details in your SSID name.

MAC filtering

Every device has a MAC address. You can find it out by entering "ipconfig /all" in your command prompt if using Windows, and from there you can add that MAC address to a list of accepted or approved devices that can connect to your network.

MAC addresses can be spoofed however, if the hacker finds out what it is, and he/she can simply change the MAC address of the device they intend to use to piggyback on your network. This is why you should check your list of MAC addresses periodically to see that all is in order.

IP address restriction

You might be able to limit the number of IP addresses assigned by your router, so even if someone comes along and they know or managed to guess/crack the password for your network, they wouldn’t be able to connect because the router has been instructed to only provide as many IP addresses as there are devices in your home that can connect to the network.

Source

Limit the signal

You can try to put the router in various places, like under the bed, in order to limit the signal. The ultimate goal would be to restrict the signal to your house only. If not, that signal can reach as far as 100 metres, which could mean all the way down the block in your neighbourhood.

One can also try to place tin foil on the antennae of the router to restrict the signal.

The signal can be reduced to 802.11g instead of 802.11n or 802.11b.

Anti Wi-Fi paint can be used to stop Wi-Fi signals from leaving the house, and to stop Wi-Fi signals from getting in too.

Disable remote login

Most routers have this option disabled by default. You should make absolutely sure that it is when you first start using it, and then every now and again as well.

Router worms can force their way in if this option is enabled, particularly if the username is known -- then it isn't hard to crack the password. If you must use remote login, only do so temporarily and then when you're done, turn it off again. Don't leave it enabled permanently.

Disable wireless administrating

If someone were to guess/crack the router password, they could easily change all of the security settings that you’ve implemented, so you want to try and limit who has access to these settings, and you can do by disabling wireless administrating, which means you’ll have to use a LAN cable.

Disable 'File and Printer Sharing'

This can be useful when you have devices on the same network, and you want to share information between them the easily. But hackers can exploit this so it is better to turn it off, especially when using a public Wi-Fi hotspot.

You should also make sure that specific settings on your PC/laptop are disabled, and that you keep all software updated.
You should also make sure that specific settings on your PC/laptop are disabled, and that you keep all software updated. | Source

Disable laptop adapter when not using network

You can elect to disconnect from the network when not using it. This will prevent your computer from connecting to another network without your knowledge, and in the event that someone does piggyback on the wireless network in your home, your device won’t be connected to it, so it limits the damage that can be done to you personally.

Switch off router when not using network

You should ideally switch off your router when not using it, as this means that nobody will be able to pick up any signal, and you save on electricity.

Encrypt private folders and files

You should come up with passwords for your folders and files, so even if someone were to piggyback on your network after cracking the network password, and hack in to your device, you can restrict what they are able to access on your device. This is especially necessary when using public Wi-Fi spots.

If you want to be extra careful, then back up the files to a flash drive or external hard-drive. If you don't want to carry these extra items around with you when traveling, then you might consider a cloud storage service.

HTTPS provides authentication of a website and prevents eavesdropping.
HTTPS provides authentication of a website and prevents eavesdropping. | Source

Use HTTPS

You should always use HTTPS. This is especially true when doing anything important online, like email or banking.

You can even get addons for your browser that force HTTPS. If a website doesn’t use it for whatever reason, then reconsider using it. I’ve seen email services that don’t use HTTPS and I would be reluctant to use them at all. Gmail not only allows you to sign in with a secure connection, but gives you the option to encrypt all communications within that account.

Using a VPN creates a secure tunnel for traffic to pass through.
Using a VPN creates a secure tunnel for traffic to pass through. | Source

Use a VPN

Using a VPN (virtual private network) is recommended for using public Wi-Fi spots or otherwise unsecured wireless networks.

Beware of using free solutions. Rather opt for a paid one, seeing as the free ones have no transparent means of monetization, so one must assume that they might well use the information that is passing through the encrypted tunnel they provide for nefarious purposes.

Upgrade router firmware

Periodically check to see that your router's firmware is up to date. You can do this by comparing the firmware version displayed from the router's dashboard to the version on the manufacturer's website.

Update all your software regularly

Keep Microsoft Windows up to date, and all of your software you have on your device to prevent malware injection, which could lead to sensitive information being stolen later on. This includes your software firewall and anti-virus software. Don’t forget to do regular scans!

Which of these is most important in securing a wireless network?

  • Change the router password
  • Use encryption and set a network password
  • Disable SSID broadcast
  • Change SSID name
  • MAC filtering
  • IP address restriction
  • Limit the signal
  • Disable remote login
  • Disable wireless administrating
  • Disable 'File and Printer Sharing'
  • Disable laptop adapter when not using network
  • Switch off router when not using network
  • Encrypt private folders and files
  • Use HTTPS
  • Use a VPN
  • Update all software regularly
  • Upgrade router firmware
  • All of the above!
See results without voting

© 2015 Anti-Valentine

More by this Author


4 comments

Jacobb9205 profile image

Jacobb9205 13 months ago from Gloucestershire

Thank you for the advice! Much appreciated!


Aliur 18 months ago

Great advice. :)


Patkay profile image

Patkay 18 months ago from Nairobi, Kenya

Thanks for sharing these important tips of securing a wireless network. I am sure they will help many.


advicequeen1 profile image

advicequeen1 19 months ago from EASTCOAST

good advice badly needed

    Sign in or sign up and post using a HubPages Network account.

    0 of 8192 characters used
    Post Comment

    No HTML is allowed in comments, but URLs will be hyperlinked. Comments are not for promoting your articles or other sites.


    Click to Rate This Article
    working