|
Update The Firmware And Drivers
Just as you need to update your operating system and
programs you also need to up date your access point and
your network adapter to deal with security
vulnerabilities.
Updated firmware and drivers often includes security bug
fixes and sometimes adds new security features.
Change The Default Administrator Password
To improve the security of your wireless network, you
should change the administrative password on your wireless
access point as soon as possible.
The default passwords for popular models of
wireless network devices are well known to hackers and
often posted on the Internet.
Enable Encryption
Encryption is used to improve the security of the
wireless connection by encrypting the data and also
authenticating the client.
The different types of encryption are WEP (Wired
Equivalent Privacy), WPA (Wi-Fi Protected Access), and
WPA2.The best type of encryption is WPA2 followed by WPA
then WEP. The best key length is 256 followed by 128 then
64.
Change The Default SSID
To improve the security of your wireless network,
change the SSID (Service Set Identifier) to a different
name than the default.
Changing the SSID will not prevent someone from hacking
your network but when a hacker finds a default SSID, they
see it as a poorly configured network and are much more
likely to attack it.
The SSID is a sequence of case sensitive alphanumeric
characters (letters or numbers) having a maximum length of
32 characters.
Disable SSID Broadcast (Beacon)
In wireless networking, the access point typically
broadcasts the SSID over the air at regular intervals.
Once your wireless clients have manually configured a
profile for the access point you should disable SSID
broadcast.
Disabling SSID broadcasts decreases the likelihood that a
hacker will try to log in to your network, as more likely
the hacker will bypass your network seeking easier targets
elsewhere.
Enable MAC Address Filtering
Every network adapter possesses a unique identifier
called the Physical Address or MAC Address.
To set up MAC address filtering, you as the
network administrator must configure a list of clients
(based on the MAC Address) that will be allowed to connect
to your network.
Once enabled, whenever the access point receives a request
to connect to your network, it compares the MAC address of
that client against the administrator's list. Clients on
the list are able to connect to the network as normal;
clients not on the list are denied any access to the
network.
Enable IP Address Filtering
Some access points allow you to filter IP addresses
the same way as in MAC filtering.
Clients on the list are able to connect to the network as
normal; clients not on the list are denied any access to
the network.
Disable DHCP
DHCP automatically assigns all clients (Including
hackers) on the network an IP address. Disabling DHCP
makes it harder for hackers to access your network.
When you disable DHCP on your access point you need to
configure all your clients with static IP addresses.
Replacing The Access Point Antenna
An access point normally contains an omni directional
antenna that radiates signal equally well in all
directions.
Omni directional antennas are more likely to bleed signal
outside the house into neighboring areas where the signal
can be accessed by hackers.
Directional antennas allows the signal to be aimed towards
the area of the house where wireless devices are located
reducing the chances that a hacker might pick up the
signal. If possible lower the transmit power on the access
point.
Disable File And Printer Sharing
If you must share files or folders do not share the
entire hard drive but only share what you need to share
and password protect everything with strong passwords.
Use NetBEUI as the protocol for file and Printer sharing.
Turn Off The Access Point When Not In Use
The best security measure, shutting down the access
point will prevent hackers from accessing your wireless
network
|
