In my last column, I looked at how Wi-Fi works and how to encrypt your transmissions to reduce the possibilities of unauthorized access to your network.
Now, let’s consider a few more steps you can take to lock down your wireless network.
Considering how easy it was to encrypt your traffic, you should consider arranging your wireless access point or router so that someone else won’t find it that easy to copy your encryption key.
You should configure your WAP or router so that the administrative password is changed.
This is important, since most companies use a default password for the administrative functions when they package their products for sale.
For example, D-Link brand routers use “default” as the password, while Linksys brand routers simply use “Linksys” as the default.
It is relatively easy to use these on a Wi-Fi network to take complete control where the original password has not been changed. Check the manual that came with your WAP or router for the steps to do this.
Another consideration is to restrict which computers can access your Wi-Fi network. This is done using a process known as MAC filtering.
Every computer network interface, whether a Wi-Fi or Ethernet cable connected one, has a physical address, or Media Access Control (MAC) address. This is a 12-character code that uniquely identifies each network access card.
On a Windows-based computer, getting your MAC address is relatively simple. Go to the Start Menu/All Programs/Accessories/Command Prompt.
When the window opens, type the command ipconfig /all (note the space between the two parts).
You should see a display listing for each network interface. Find the one for your Wi-Fi adapter and read the results for “Physical Address.” It should look something similar to 00-25-64-A4-8C-F4.
Write this down and do the same for all of your devices in your network.
Next, log in to your router or WAP and find MAC Filtering. Again, the manual will tell you how to do this. Enter the list of MAC addresses for your computers and active filtering, to ensure that only authorized computers are accessing your network traffic.
One final step is to prevent your WAP or router from broadcasting the name you have given to your network. This is actually called the Service Set Identifier, or SSID.
One of your security settings will prevent this from being broadcast, so the first time you connect to the network with each device, you will have to manually enter it.
However, anyone trying to connect to your network illegitimately will have to guess the name. Picking a random name, or having your router choose a random, increases your security level as well. Again, check your instructions for the steps to do this.
Taking the tips from this column and the last one will probably take less than half an hour of time, including reading the manual instructions to configure your WAP or wireless router.
The peace of mind you will receive for such a small investment of time and effort is immeasurable. When you consider the potential for loss by not doing so, you should find this effort a pretty small investment to make.