How NOT to Secure Your Wireless Network

Page content

Use the Factory Default Settings

Assuming that your access point manufacturer has your “back” should not inspire confidence in you. You need to take responsibility for your purchase and learn how to change some of the defaults. Make sure you change the default Service Set Identifier (SSID) and administration password. Wireless access points are easy enough to hack in when not secured properly – leaving the access point set to the manufacturer defaults is not a good idea. Don’t forget to use a complex password consisting of upper and lower case characters, numbers and symbols.

Set up Your Wireless Access Point as an Ad Hoc Network

Setting up your access point to operate as an Ad Hoc network isn’t a good idea. This is like having a block party where you provide the drinks and food and let loose. Don’t set your access point to operate as an ad hoc network. This means anyone within range of your wireless network can connect without authenticating and can end up using your bandwidth for whatever they want – potentially putting you at risk if they decide to do something nefarious.

Protect Your Network with WEP

Although WEP does offer wireless encryption and it’s better than using an ad hoc network or using system defaults, it’s well known that the protocol can be cracked within minutes using easily found tools on the internet. Most devices made within the last few years will support better methods of encryption – WPA or the much more secure WPA2. Don’t use WEP unless you have no other options… even then, it’s probably a better idea to just plunk down some cash and get an upgrade.

Use a Weak Encryption Key with WPA or WPA2

It’s good you’re using a better encryption method than WEP, but you chose a weak encryption key. Just because the encryption is better doesn’t mean the key can’t be cracked…. Always use strong passwords and keys – at least eight characters while including upper case, lower case, numbers and symbols.

As an example, a six character password using upper and lower case and numbers can be cracked by brute force within about ten minutes using a normal modern computer. By comparison, an eight character password using the same criteria and computer would take approximately twenty-five days. Toss in symbols and an eight character password will be pretty tough to crack in a reasonable amount of time.

Read more about picking the right password in this article.

Use MAC Filtering

First off, MAC filtering takes time to set up. You need to jot down a twelve character address for each PC on your network and enter these codes into the access point. Sounds like fun. The bad news is that it’s extremely easy to sniff MAC addresses that are authenticated to an access point and then spoof your MAC address to connect. MAC filtering offers very little security. Don’t waste your time and don’t get fooled into thinking this will increase your security.

Disable SSID Broadcasting

The Service Set Identifier (SSID) is your network’s name and broadcasting it enables people to find and connect to it. In theory, that includes the bad guys and, consequently, it’s often recommended that SSID broadcasting be disabled. But it’s a bad idea. Not only will disabling the broadcast make life more difficult for the people you want to be able to connect to your network, it may also decrease your security. Read our article Why You Shouldn’t Disable Your SSID Broadcast to find out why.

Having a Secure Wireless Access Point Equates to Having A Secure Network

Just because you followed good security practices when you set up your wireless network, you can’t relax and neglect securing your computer(s). Every component of your network should be properly secured – your home router, access point, printers and especially any computers you have. At the very least,

  • Make sure passwords are complex (upper, lower characters, numbers, symbols, 8 characters or longer)
  • Firewalls are installed and enabled
  • Security software such as AntiVirus and AntiMalware are installed
  • Be sure all of your devices have the latest security updates applied from the manufacturer

See our article How to Secure Your Wireless Network for more advice.

Be sure to check out Top 3 Free Spam Filters for Windows, The Top Five Free Wireless Security Tools, The Top 5 Free Network Monitoring Tools, The Top 5 Free Port Scanners, The Top 5 Free Penetration Testing Tools and Top Ten Free Security Tests.