Securing a Linksys Network

The market for wireless networks continues to experience substantial growth as access to broadband service expands and the technology itself becomes less intimidating. Wireless components are widely available, relatively uncomplicated and affordable.

The heart of a wireless network is the router. This device allows multiple remote computers equipped with 802.11 wireless adapters to connect to the internet simultaneously and provides freedom and flexibility to move within the signal area without disrupting the service.

Linksys is a division of Cisco Systems and is an industry leader in the development of home and office networking solutions. Linksys offers a wide array of networking products including a variety of routers, adapters, modems, range expanders, bridges, networking software, and other accessories.

The actual installation of a Linksys home or office wireless network is relatively straight forward. Once the actual hard wired cabling between the router and the modem is installed, remote computers with an 802.11 adapter will recognize the network and offer a point

and click option for connection.

Unfortunately many home and small office administrators neglect a critical aspect of the process in failing to secure the network from a potential unwanted intrusion. The consequence of ignoring implementation of these critical security measures can often be severe.

An unsecured network is essentially an open invitation for bandwidth thieves and serious computer criminals. Without protection, the network will be detected by anyone with a wi-fi capable computer within the signal range. Connection is only a matter of a few mouse clicks, and the intruder can share the same network with the computers in the home or office.

In its most innocuous form, these broadband burglars simply tap into available connections to use the Internet without having to pay for it. There is no direct damage suffered by the network except for the possibility of degraded download speeds as well as additional bandwidth usage charges if the service is metered.

However, there are far more serious possible consequences for the unsuspecting unsecured network administrator who experiences a sophisticated malicious attack. Adept technophiles or “hackers” as they are sometimes called, can disrupt an operating system, download illegal material, plant viruses, and steal bank account or credit card information, all hidden behind the IP address of the victim.

Criminal activity will be traced back from the Internet Service Provider to the individual account holder. Depending on the severity of the cyber crime, the innocent victim can potentially find themselves spending significant time and resources restoring their computer system, finances, identity, and good name.

Having established that network security is an absolute necessity, it is important to recognize that software based firewalls on individual computers will only protect that specific computer and not the network itself. To secure the entire structure of the network from unwanted intrusion, security measures must be employed from within the router.

The two primary methods of securing a Linksys router are through the Wired Equivalent Privacy (WEP) and Wi-Fi Protected Access (WPA) protocols. Although it is somewhat less complicated to install for the novice user, WEP is a far less secure method of protecting wireless networks than the more recent WPA.

A combination of improving computer speeds along with software technology has made WEP’s use of a single encryption key relatively easy to unlock. WPA encoded systems employ unique and constantly changing encryption keys for every computer logged into the network, and therefore make it far more difficult to compromise. All current Linksys routers support WPA.

The most relevant question is “How do I make my unsecured Linksys secure?” The specific steps for securing a Linksys router differ

from model to model, but generally follow these guidelines.

1) Access the router through the internet browser. Enter the following in the address window and hit enter: http://192.168.1.1

2) Enter a user ID and password. If this hasn’t been modified, the default password is “admin”

3) Click on the “Wireless” Tab and then the “Wireless Security Tab” just below in the second row

4) In the Security Mode box, select WPA2 Personal. If there are additional boxes for selecting WPA2 and disabling other encryption methods, do so. WPA2 is the most recent and secure version of WPA.

5) Enter a unique and substantially long Personal Key using an unpredictable combination of numbers, letters and characters. Make certain you write this key down and store it in a secure area.

6) Select AES for Encryption Algorithms

7) Click on the Save Settings button

8) For each remote computer, right click on the internet access icon in the taskbar. Highlight the desired internet connection and right click. Then click on the properties option and then the security tab after the dialogue box opens. Select WPA2, AES and enter the network security key. This should result in connection to the network and then the internet.

If ultimately any of the remote connections fail, try changing the encryption algorithms to TKIP in the router security settings and in the network dialogue box on all of the remote computers. There have been isolated claims of connection issues with AES, specifically with Windows Vista.

If securing the system with WPA proves difficult or impossible, employing WEP as an alternative involves almost identical steps and is compatible with virtually any wireless router and 802.11 access card. When implementing WEP, select the 128 bit, 26 hex digit option and create a key using a unique alpha numeric combination. It is important to remember that although WEP is vastly superior to an unsecured network, it should only be used if WPA is unavailable.

There are additional measures that can be employed in a comprehensive network security approach. In particular, changing the password under the “Administration” tab is also recommended. However, the fundamental question of how I make my unsecured Linksys secure, always starts with the implementation of either WPA or WEP.

Bright Hub offers a number of informative articles on network security including the following:

http://www.brighthub.com/computing/smb-security/articles/1204.aspx

http://www.brighthub.com/computing/smb-security/articles/24417.aspx

http://www.brighthub.com/computing/enterprise-security/articles/61557.aspx

http://www.brighthub.com/computing/enterprise-security/articles/61557.aspx