Saturday, May 2, 2015

How do I secure my home network?

It's easy to lock a deadbolt on your front door when you leave for the day, but how do you know if your home network is secured?

At home, most of us use a modem and a line from an Internet Service Provider (ISP) to connect to the Internet. Whether we use a cable modem (i.e., we subscribe to Comcast), a DSL line (via phone) or, more rarely, a satellite link, this modem provides our primary link to the Internet.

Typically, we configure our various computing devices within the home to connect to the modem wirelessly. For those intermediary connections, like laptops, smart phones, iPads, TVs, ROKUs, etc., we connect a wireless ("Wi-Fi") router to the modem. Sometimes the wireless adapter component is built into the modem.

Because your Wi-Fi network is available to any other human holding a device within range that can 'see' your home network, you need to secure it.

The three most common mistakes made that leave your Wi-Fi vulnerable to attack are:
  1. Not changing the default Wi-Fi network name, also known as the Service Set Identifier (SSID), and not disabling broadcasting the SSID. If you don't do the latter, your neighbors and anyone driving down the street can see your network name on their wireless computing device. Anyone who can see the network name can attempt to connect to it. Change the default name so the bad guys can't guess your SSID based on that router box that you put out in the recycle bin at your curb.
  2. Not changing the default administrator user name and password that is pre-set on the router. Typically, this is configured by the manufacturer to be admin/admin and is accessible through an interface that you use to configure your router settings called the administrator console.
  3. Not using strong encryption to secure the data transmitted over your wireless network. Too many unsuspecting users are still using the weakest protocol of all, WEP, instead of one of the stronger encryption protocols like WPA/WPA2. There is a huge difference in security between WEP and WPA encryption algorithms.
Those are the fundamentals. Even if you change just those configuration settings on your wireless router, you're way ahead of the bad guys who are trying to hack into your home wireless network.

How do you configure these three things on your router, and implement more security features? It's really quite simple. Using any web browser on your desktop, simply perform a web search (e.g., via Google) on your router manufacture name and model. A simple query on www.Google.com, for example, might be "secure LinkSys router," if you own a wireless router made by LinkSys. Better yet, search the model number: "secure linksys wrt54g," for example. 

Or, visit the manufacturer's web site and download the manual associated with your particular model. A quick Google search will get you to the manufacturer's web site (e.g., http://www.linksys.com/us/).

The user manual describes how to connect to your router directly, log in as the administrator, disable SSID broadcasting, enable strong encryption, and change the administrator login credentials (the administrator login name and password). A savvy user will not only change the default administrator password to a strong password, but will take it one step further and also change the administrator login ID from "admin" to something completely innocuous. (Don't use your own name!)

Stay tuned for more tips on Wi-Fi security. 

No comments:

Post a Comment