Computer Security: Wireless Networks

Wireless networks dramatically increase the versatility and usefulness of computers. I have one at home that allows four computers to share two printers and a high-speed internet connection. It works great! The technology has made them so inexpensive and easy to set up that almost anyone can do it – even those who may be completely unaware of the security risks. And that is the problem.

For example, I can access three different wireless networks from the living room of a relative’s house. Only one of those networks belongs to him. The other two belong to neighbors who do not understand the first thing about network security.

The range of a wireless network can easily extend from your house well into the houses of those living nearby. Anyone within range of your unsecured wireless network could easily use it to access the internet, which makes your network run more slowly. But, that is insignificant compared to what else he could do. With just a little time and effort, a knowledgeable person could even monitor every web page you visit, read everything you print on a networked printer, access the files on your unprotected computers, and even record every credit card number you use to make an on-line purchase.

Home Wireless Networks

Network security is an oxymoron. No network can be completely secure. If your data is interesting or valuable enough, someone will eventually find a weakness and exploit it. Fortunately, most of us are not worth that kind of concentrated effort and we can easily reduce our risk to an acceptable level, simply by using the built-in features that come with modern networking hardware.

The default settings for most home networking equipment create an open, i.e. not secure, network. I hope you are convinced by now that it is worth the effort to change the security settings on your equipment. I cannot list the details of how to do that on every possible system, but there are three things you can easily do by reading the manual and following its instructions.

FIRST: Change the SSID (Service Set IDentifier) or ESSID (Extended SSID). This is the name of your network. Then disable the SSID or ESSID broadcast. When you broadcast your SSID, any computer with a wireless network card knows there is a network nearby. If that notification is disabled, most people will not even be aware that you have one. It is important to change the name, because some people have equipment that will detect your network anyway. If they do, you want to keep the specifics about it as secret as possible. They will know what equipment you are using by the manufacturer’s default SSID, and this makes it easier for them to access your network. Use a network name that does not make your network appear interesting and will not identify you as the owner. “Home” or “Network” may be good choices.

SECOND: Change the default administrator password. If your network is detected, and the equipment is correctly identified, the default password will give an intruder complete access to your system. Make it hard for someone to guess.

THIRD: Turn on your encryption protocol. This will keep most people out of your network. There are methods of cracking encryption codes, but they usually require at least a few hours to accomplish. There are two types of encryption in common use. One is WEP (Wired Equivalency Privacy), which is found on older networking equipment. The newer one is WPA (Wi-fi Protected Access), which is much more secure. Use WPA if possible.

Public Wireless Networks

These are often found in hotels, truck stops, coffee bars, etc. By their very nature these are not secure networks. Anything you do on a public network can be monitored. Use them only for casual surfing. Never conduct any financial transactions or access confidential email messages on these networks. And, finally, make sure your computer has firewall software installed and turned on.