| Wireless networks, often abbreviated to | | | | and WEP. Each method can only be used if all |
| "Wi-Fi", allow PCs, laptops and other devices | | | | the equipment on the network has the |
| to "talk" to each other using a short-range | | | | capability. As WPA2 is the most recent method |
| radio signal. However, to make a secure | | | | of encryption, unless you have recently |
| wireless network you will have to make some | | | | obtained the latest PCs, laptops & network |
| changes to the way it works once it's | | | | device you probably will not be able to use |
| switched on. | | | | it. WPA-PSK is the next best and is available |
| | | | on most hardware. If you are using older |
| The signal of any short-range radio | | | | access points and network cards, you may find |
| transmission can be picked up by any device | | | | that you can only use WEP. Each method |
| in range that is tuned to the same frequency. | | | | requires a "key" (a word or phrase used to |
| This means that anyone with a wireless PC or | | | | make the encryption work). Make sure you use |
| laptop in range of your wireless network may | | | | a word or phrase that would not be easily |
| be able to connect to it unless you take | | | | guessed. For example, don't use your address |
| precautions. | | | | as the key. |
| | | | |
| If this happens then your network and PC are | | | | 2. Set up your network infrastructure as |
| vulnerable to any or all of the following: | | | | "access point" and not "ad-hoc" or "peer to |
| | | | peer". These last two (ad-hoc and |
| Freeloaders - Most wireless networks are used | | | | peer-to-peer) mean that network devices such |
| to share a broadband Internet connection. A | | | | as PCs and laptops can connect directly with |
| "Freeloader" may connect to your network and | | | | each other without going through an access |
| use your broadband connection without your | | | | point. You have more control over how devices |
| knowledge or permission. This could have an | | | | connect if you set the infrastructure to |
| impact on your own use. You may notice your | | | | "access point" and so will make for a more |
| connection slows down as it shares the | | | | secure wireless network. |
| availability of the Internet with more users. | | | | |
| Many home Internet services have limits to | | | | 3. choose an obscure name for the network - |
| the amount of data you can download per month | | | | This important tip to having a secure |
| - a "Freeloader" could exceed this limit and | | | | wireless network is probably not used by |
| you find your Internet bill charged for the | | | | about 99% of home users. The technical term |
| extra amounts of data. More seriously, a | | | | for the name of the wireless network is |
| "Freeloader" may use your Internet connection | | | | "SSID". The default SSID is usually the name |
| for some nuisance or illegal activity. The | | | | and model of the wireless router or Internet |
| Police may trace the Internet connection used | | | | provider e.g. NetgearDG834G or Sky9091. If |
| for such activity it would lead them straight | | | | you leave the SSID like this it makes hacking |
| back to you. | | | | very easy so change the SSID as soon as you |
| | | | set up your network. Don't use your address, |
| Eavesdropping - As information is transmitted | | | | house name or family name these are too easy |
| an "eavesdropper" may connect to your | | | | to guess. |
| wireless network and view all the information | | | | |
| as it passes by. This is entirely | | | | 4. Switch off the SSID broadcast. This tip |
| undetectable by the user as the | | | | goes hand in hand with No3 in creating a |
| "Eavesdropper" is only listening not | | | | secure wireless network. This means that |
| transmitting. Such sensitive information as | | | | anyone wishing to connect to your wireless |
| bank account details, credit card numbers, | | | | network must know its SSID i.e. the name of |
| usernames and passwords may be recorded. | | | | the network. |
| | | | |
| Hacking - Even when the security features of | | | | 5. Change the name and password of the |
| a wireless network have been switched on | | | | administration user for the wireless router |
| unless these features are set-up correctly | | | | but don't forget to make a note of what you |
| then anyone in range can hack in to the | | | | change it to. A secure wireless network will |
| network. All home wireless network routers | | | | have an admin user ID that is difficult to |
| have a standard username and password for the | | | | guess and a strong password that uses letter |
| administration of the network. All a hacker | | | | and numbers. |
| has to do is go through the list of standard | | | | |
| usernames and passwords until he gains | | | | 6. Unplug the wireless router whenever you |
| access. A hacker may then use your network | | | | are going to be away from home (or the |
| for any of the above or gain access to your | | | | office). It's also a good idea to set the |
| PC - your firewall may not prevent him | | | | time that the network can be used if the |
| because, as he is connected to your network, | | | | device allows it. For example, in an office |
| he is within the trusted zone. | | | | you may not want to unplug the wireless |
| | | | router at the end of every day so you could |
| Most wireless network equipment, when it | | | | set it to only allow connections between the |
| comes out of the box, is not protected | | | | hours of 7:30 AM and 7:30 PM. |
| against these threats by default. This means | | | | |
| you have to configure the network yourself to | | | | 7. Use MAC filtering If your wireless router |
| make it a secure wireless network. | | | | or access point allows it, MAC filtering |
| | | | easily adds one more layer to make your |
| How to secure a wireless network | | | | wireless network secure. Every network card |
| | | | (the device installed in PCs and laptops that |
| Although all wireless equipment marked as | | | | connect it to a network) has its own unique |
| 802.11 will have standard features such as | | | | code, called a "MAC address". In Windows XP |
| encryption and access control each | | | | you can see the MAC address by right-clicking |
| manufacturer has a different way it is | | | | on the network connection, choose "status" |
| controlled or accessed. This means that the | | | | and then the "support" tab. In the support |
| advice that follows may seem a bit technical | | | | window click on "details". The code labeled |
| because we can only tell you what you have to | | | | "physical address" is the MAC code for that |
| do not how to do it. You should read the | | | | network connection device. Make sure it's the |
| manual or help files that came with your | | | | wireless network connection you select as the |
| equipment in order to see how to make a | | | | LAN connection will have a different MAC |
| secure wireless network. | | | | address. Most wireless routers or access |
| | | | points allow you to list the MAC codes that |
| 1. Use encryption. This is the bedrock of any | | | | you wish to use the network. This means that |
| secure wireless network and means that the | | | | you must grant permission to any PC or laptop |
| data that passes over the wireless can only | | | | that wants to connect to the network. |
| be decoded with the correct system of | | | | |
| encryption and the correct password. | | | | If you can put all seven of these tips in |
| Currently there are three methods of | | | | operation you will have a very secure |
| encryption for wireless networks usually | | | | wireless network. |
| referred to by their acronyms: WPA2, WPA-PSK | | | | |