There were times when every house had only one computer and one internet connection, generally delivered through a phone modem. Today, things have changed. Often there are two or more computers in the same household, and often at least one of them is a laptop.
If you want all of these computers to be internet-enabled, it is not feasible to have a separate connection for each computer and neither is it practical to rewire your house with Ethernet cables for your very own Local Area Network (LAN).
The best option, then, is to have your very own Wi-Firouter that allows each device to access the internet (and of course, each other) from any spot within range. With the advent of smartphones like the iPhone and the Droid, both of which have inbuilt access to Wi-Fi, it only makes it easier to get connected.
But unlike a LAN, a Wi-Fi connection is indiscriminate in its reach. Whereas the former will go only to where you lay out the cables and ports to, wireless is only limited by the power it is transmitted at in your neighborhood.
And so, to prevent strangers from using your bandwidth, hackers accessing your system or just regulating your internet use, you need to secure your wireless router (thereby securing your home wireless network).
This article talks about certain steps you can take to ensure the security of your home Wi-Fi. It is divided into two segments.
1. Essential Wireless Security Steps
2. Extra Steps for the Extra-Paranoid
Essential Wireless Security Steps
Following are the main steps towards securing your home wireless network. None of them should be ignored.
1. Set a Username and a Password for the Router
Every Wi-Fi router has an administration webpage that can be accessed through your browser. To prevent unauthorized people from accessing your router settings, you need to set a username and password combination to your router.
a) First, after you ensure that your computer is connected to your wireless network, go to the address 192.168.1.1 through a web browser. If it is the first time you are accessing it, the username and password will either not be asked or it will be blank or it will be set to default settings as given in the manual. So, if you don’t know what it is, check the manual or call the tech support of the router manufacturer (Linksys, Netgear and all).
While usually it is 192.168.1.1 you need to access the router, in some cases it may be 192.168.2.1 or anything else depending upon the way your home wireless network is set up.
b) Find either the “Administration” or “Management” tab. This will show you the fields you have to fill in to change the username and password. It is critical to keep strong passwords that are not known names or easily guessable words.
2. Encrypt your connection with WPA
This is probably the single-most important defence in preventing other people from accessing your Wi-Fi. By encrypting your connection, only those devices which have the encryption key can use the wireless network.
You will find the location to do this in your router’s “Security” settings. Most routers come with two in-built methods of encryption: Wired Equivalent Privacy (WEP) and Wi-Fi Protected Access (WPA). WEP is known to be easily hacked into, and therefore it is recommended to use WPA. However if your router does not have WPA, WEP will be better than nothing.
Once enabled, any device that wants to use the Wi-Fi connection will be asked for the encryption passkey. This can generally be found written on a label under your router or with the documentation accompanying it. This means that unless a hacker has physical access to your house, they will be hard-pressed to compromise your security.
3. Keep Your Router Firmware Updated
It is important to keep your router’s firmware up-to-date. New firmware updates may include better security features and fixes to bugs that could compromise your connection.
Hence visit your router manufacturer’s website periodically to check for firmware updates.
4. Control your Modem’s Power Settings
If you’re sufficiently comfortable with tweaking your settings, and if your modem is advanced enough to support it, you can manually tune the power output of the modem to only what you need.
The higher the power given to the antenna, the further the signal will go. So, by reducing the power to a level where you can barely catch the signal in a remote corner of the house, it gives less chances for your neighbors to use it without permission. This of course, works less in apartments and more in houses.
And of course, when you don’t need it switch off your modem from the mains. This will save you on energy costs too!
Extra Steps For the Extra-Paranoid
While a wireless network is considered to be inherently unsecure and no steps can guarantee fool-proof security, the above mentioned steps should be enough for a home user looking to protect his Wi-Fi.
However, if you feel that you need to do more and aren’t satisfied with the process, here are some more steps. Honestly, it wouldn’t matter if you ignore the following steps but you could take a look nonetheless.
1. Stop Broadcasting your SSID
The Service Set Identifier or SSID is the name by which your wireless connection is identified. Hiding it will at least prevent the simplest of attacks, even though it may not deter sophisticated hackers.
To hide it, simply go to the “Wireless” settings in your Administration page and find the settings you need to Disable it. It is also recommended to change the SSID name from the default value to one of your choosing, so it is not immediately identifiable.
Note: Disabling SSID broadcast could also get a person, who should be connecting to your network, connect to some other network because he can’t see your network’s name (and hence this could compromise his computer’s security. ) Read this article by Microsoft on why non-broadcast networks are not a security feature.
2. Filter by MAC Address
The MAC address has nothing to do with the Apple that makes iPhones. Every computer made – the network card, to be precise – has a unique Media Access Control or MAC address.
A way of securing your connection then is to tell the router to allow access to only specific devices with approved MAC addresses. To find out yours, just go to “Run” in your Start Menu and type “cmd” and press Enter. When you see the user prompt, just type ipconfig/all and press enter. You should get a screen that looks like the following:
Note down the MAC address. Next, go to the Administration page of your wireless router and find the MAC address filter settings. These generally are in the “Security” or “Connections” section.
Enter each address that you would like to permit access manually. Use the colon sign instead of dashes for the addresses.
Note: While it may look from the time-consuming steps that this is a pretty effective way of securing the network, in reality, this method isn’t that difficult to bypass either.
A Wi-Fi router can be a very useful device in a networked household. However, it needs to be secured to prevent malicious attacks. The above methods will considerably reduce the risk of any unauthorized access.
Do you know of any other methods to secure a wireless network? Why not tell us in the comments.