How to Secure Wireless Internet Connection
Level of difficulty:
Wireless networks are some of the easiest networks to hack. This is because the signals generated by the network can be accessed at a distance. Entering the network can be done simply to use another person’s Internet connection for free. Hacking the wireless network can also be done to steal information sent via the network.
- Installed standalone firewall programs
After setting up the wireless network at home, make sure to change the default login data. The usernames and passwords in the initial configuration are common amongst all routers of the same model. If the login is not changed, others will be able to access the data as long as they know the model and brand of the router.
Change the SSID (Service Set identifier) and access point names. The name assigned to the router can often be easily detected. The network must also be configured so that the SSID is not broadcast. Any person searching for an available wireless network in the same area will then not be able to get the SSID name of the wireless network. The network may be listed as an unnamed network, or it may not show up on the available networks list at all. The SSID name must then be manually typed to access the network.
The devices used for the network must at least be WPA or WPA2 (Wi-Fi Protected Access) certified. These standard programs were developed by the Wi-Fi Alliance to check if the devices followed the standard security protocol. All devices used to create the wireless network should have the same high level of security. A single weak point can be used to enter the network.
Do not rely solely on a firewall installed on the router. All hosts must have their own standalone firewall. This ensures that unwanted traffic cannot enter the network via an unsecured host.
Physically place the router at the center of the desired network range. This minimizes the chance of the signal being detected and used by people in nearby buildings or locations. Make sure the router is not placed near a window or door. Users can also check if the router itself has an option to reduce the signal to prevent others from detecting it.
Store the MAC (Media Access Control) addresses and the unique identifiers of networking devices in the router and other access points. This will allow hosts to communicate directly with the router or access points, instead of sending signals to other hosts.
Use static instead of dynamic IP addresses. The common default is to allow a server to use DHCP (Dynamic Host Configuration Protocol) to assign dynamic addresses to all devices connected to the network. These addresses generally change over time and allow hosts to be added to the network easily. Static addresses are harder to hack.
Require all that wish to connect to the network to use a username and password. Make sure that the passwords are changed regularly to minimize the chance of attacks.
Make sure the router cannot be managed remotely. Some routers have this option, and it must be turned off to prevent anyone from exploiting it.
Shut down the network when not in use. Unmonitored networks are prone to outside intervention. If someone does hack into the network, there will not be anyone there to detect or prevent it.