If your wireless network is unsecured then you are
highly susceptible to:
Fraudulent
charges on your credit card
Loans, apartment rentals, and other white collar crimes in
your name
Wireless
network viruses that destroy your computer and attack your
cell phone
Hackers can easily decrypt wireless signals that contain much of the
network's information, such as the network's SSID (Service
Set Identifier).
However, there are some simple steps you can take to help
reduce the chances of being the next victim of identity
theft.
1. Change the administrator's password regularly:
If a hacker gets a hold of the administrator's password, he,
too, can change those settings. So, make it harder for a
hacker to get that information. Change the administrator's
password regularly.
2. Limited signal coverage: Limit the strength
of your wireless network so it cannot be detected outside
the bounds of your home or office.
3. Turn off SSID broadcasting: When SSID
broadcasting is enabled on a wireless network, this network
can be identified by all wireless clients within range.
Conversely when SSID broadcasting is disabled, the wireless
network is not visible (to casual users) unless this code is
entered in advance into the client's network setting.
4. Don’t rely on WEP Encryption: Wired
Equivalent Privacy (WEP) is often looked upon as a cure-all
for wireless security concerns. This is overstating WEP's
ability. Again, this can only provide enough security to
make a hacker's job more difficult.
5. MAC Addresses: Enable MAC Address filtering.
MAC Address filtering will allow you to provide access to
only those wireless nodes with certain MAC Addresses. This
makes it harder for a hacker to access your network with a
random MAC Address.
Additionally, there are several ways that WEP can be
maximized:
1. Use the highest level of
encryption possible
2. Use "Shared Key" authentication
3. Change your WEP key regularly
WPA
Wi-Fi Protected Access (WPA) is the newest and best
available standard in Wi-Fi security. Two modes are
available: Pre-Shared Key and RADIUS. Pre-Shared Key gives
you a choice of two encryption methods: TKIP (Temporal Key
Integrity Protocol), which utilizes a stronger encryption
method and incorporates Message Integrity Code (MIC) to
provide protection against hackers, and AES (Advanced
Encryption System), which utilizes a symmetric 128-Bit block
data encryption. RADIUS (Remote Authentication Dial-In User
Service) utilizes a RADIUS server for authentication and the
use of dynamic TKIP, AES, or WEP.
WPA Pre-Shared Key
If you do not have a RADIUS server, Select the type of
algorithm, TKIP or AES, enter a password in the Pre-Shared
key field of 8-64 characters, and enter a Group Key Renewal
period time between 0 and 99,999 seconds, which instructs
the Router or other device how often it should change the
encryption keys.
WPA RADIUS
WPA used in coordination with a RADIUS server. (This should
only be used when a RADIUS server is connected to the Router
or other device.) First, select the type of WPA algorithm,
TKIP or AES. Enter the RADIUS server's IP Address and port
number, along with a key shared between the device and the
server. Last, enter a Group Key Renewal period, which
instructs the device how often it should change the
encryption keys.
RADIUS
WEP used in coordination with a RADIUS server. (This should
only be used when a RADIUS server is connected to the Router
or other device.) First, enter the RADIUS server's IP
Address and port number, along with a key shared between the
device and the server. Then, select a WEP key and a level of
WEP encryption, and either generate a WEP key through the
Passphrase or enter the WEP key manually.
Implementing encryption may have a negative impact on your
network's performance, but if you are transmitting sensitive
data over your network, encryption should be used.
These security recommendations should help keep your mind at
ease while you are enjoying the flexibility and convenience
of wireless technology.
