Hester PC

We have all heard about the stories of spammers using open home wireless networks to fill the net with junk mail. Better yet the neighbor who doesn’t want to pay for their own internet. Even worse, having your internet shut off or becoming sued for downloading illegally items. Here are some tips to keep your internet more secure.

1. Change the ESSID (Network ID)

Changing the ESSID from the factory default limits the intruder from guessing what model of cable/dsl router or access point you are using. If your wireless says “Linksys” your a easy target.

2. Change the Default User and Password for the Settings

Please follow this. If your “Linksys” network is still using the password out of the box you’re not safe. It’s not a random password. They all use the same setup no matter when you bought the device. Someone could potentionally hijack your connection. Thus, separating you from your own paid internet. I have actually heard of a story first hand of this happening in my small town.

3. Use a STRONG Passphrase, Not a password

Passwords are most commonly names of pets, children, spouses, or even important dates. Most of these passwords can easily be guessed or researched. Also most names and words are used in “war dialer” style programs. These programs randomly pick a name or word to try to guess your password. Use a passphrase instead. Make sure you include capitals, numbers, and even a special character such as “!”. One example is Is0metim3sliket0digg! You can tell this passphrase is complex but broken apart can be understood.

4. Use Encryption

Use some form of encryption. Windows XP supports encryption, however non-standard it may be. (Not the common 64 or 128 bit) Encryption scrambles your information using a key. This key is only know by your pc and your wireless connectivity device. This makes it harder for someone to randomly sniff your information out of the air like credit card numbers when shopping.

5. Use WEP or Some Stronger Authentication

Using WEP uses a Passphrase to allow your computer to use the connection. Those who do not have the passphrase can not. We recommend using something other than WEP as this is easily hacked. If you know how to set up a complex EAP or CHAP configuration feel free. However WEP is more secure with encryption than nothing at all.

6. Turn off Network ID (ESSID) Broadcasting

If your wireless device is capable this helps tremendously. Wireless is harder to detect when this broadcasting is turned off. With this off your wireless will not be listed by many stumbler programs. Many people would assume there is no wireless within the area and move on. This also makes it more difficult to setup and connect even your own computers to the network.

7. Do a Site Survey

It might sound funny. Load a laptop up and run around the house, even outside to measure the signal. Why? Once you have this done you know the strongest and weakest signal points. Move the wireless device closer to the middle of the home. This keeps all computers with a good strong signal while keeping the signal outside at the street to a minimum. If the signal is too low the most anyone could do is see your network in existence.

8. Use MAC filtering

No, not the Mac built by Apple. MAC is Media Access Control. Each network card and device has a MAC address. This is like an id badge for your computer. If your computer is on the list, your in. If not, the wireless bouncer gets to keep you out in the cold.

9. Disable DHCP (Dynamic Host Configuration Protocol)

What the heck is DHCP? Sounds like a county police force. Really this is what sets the IP (Internet Protocol) Address to your computer. Like the MAC address, this identifies your computer. As the name implies, this is your id that your network and internet itself uses. Think of it having a first name and last name for the computer. For some the last name changes quite often depending on which network it is married to. Anyway, if this is turned off your computer can not get it’s new ip address or last name in this case. You will have to manually assign the last name to all the computers. The only problem, you MUST have unique ip addresses for each computer within the right range. Not easily done by all.

10. Use common sense

Do you think your going to be secure giving your wireless passphrase and settings to your neighbors? Just to show them how fast your new cable internet is going? No! It defies the whole point to security. You might as well leave the settings as open for all. Please don’t do this. Use common sense. If you still feel like someone is going to get into your computer? Go wired. Spend the money on cable instead of the wireless. It might be cheaper in the end. Especially if your using wireless for a distance of less than 3 feet to the cable/dsl modem.

Technorati Tags: Networking, Online Safety, Security, Tips