Wi-Fi Security Made Easy

Mon May 8, 2006 4:11PM EDT

See Comments (46)

A comment on my Wi-Fi dropouts post requested help in configuring security on a wireless router. I'm happy to oblige. Here are my suggestions for securing your wireless network, from most important to least. I'd love to show you exactly how to make all these changes, but unfortunately every router is different, even routers made by the same company can have wildly different management schemes. Consult your user manual for detailed instructions.

  • Change the administrator password. All routers ship with default passwords for the management account, and these are common knowledge on the Internet. Your first step should always be to change the admin password to something unique.
  • Turn on encryption. No wireless encryption method is perfect, but some is better than none. Without encryption, anyone in the neighborhood can hop on your network, and you probably don't want that. If all the devices you own support WPA, use it (WPA-PSK is the type you want, if that's an option). Otherwise, use 128-bit WEP, which you might have to use if you have older networking products around your office.
  • Change the name of your network. Many people never change the generic network names like "belkin" and "linksys," and not only will you have trouble identifying which network is yours, you're also telling the world your network may be in a default state and vulnerable to hacking.

Now we're getting into more advanced stuff. These are changes that only the security-paranoid need to consider. More casual users can stick with just those above.

  • Turn off SSID broadcasting. When you scan for networks in Windows, you get a nice list of networks because they are all broadcasting their SSID, a network ID code. If you don't want your network to show up in this list, turn off SSID broadcasting. The downside: You'll have to type in the network name manually when you first connect to it.
  • Turn on MAC filtering. A MAC is a unique code that every piece of network hardware has. You can set your router to only accept connections from devices with MACs that you allow. Just input the MAC address for your various PCs and other devices, and anything not on the guest list will be escorted to the door. Note that if you're not comfortable with hexadecimal and the inner workings of networking, this tip may be more trouble for you than it's worth.

Comments on Wi-Fi Security Made Easy

Post a Comment

Join in the discussion. Here you'll see the comments in the order they were posted.

  • 1 Posted by bauersocks on Thu Sep 3, 2009 3:03PM EDT Report Abuse

    Mac filtering requires knowledge of hexadecimal? What brand router does this? How about providing the series of simple steps required to get your mac address, add it to the list of mac addresses allowed in your routers software and and save? The writers knowledge sounds dated and seccnd hand.

  • 2 Posted by lennyleon2000 on Thu Sep 3, 2009 6:49PM EDT Report Abuse

    What you are all failing to understand is that the author made no claims that he was giving step-by-step or in depth instuctions on securing a wireless connection. He gave exactly what he stated, which was advice. Every router comes with detailed (step by step) directions on securing it. Reading a manual is something more people should do. Also zero2dash, even though you are trying to help your instructions do no more than confuse the average end user because if they don't know where to find their mac, they for sure won't understand how to set static ip's instead of using dhcp. :(

  • 3 Posted by bonkstr on Thu Sep 3, 2009 3:11PM EDT Report Abuse

    Dont forget to check the settings on your anti-virus software "networking" section which may be the problem with certain network issues. Took me a week to figure this out and not a single DSL or router company rep. i spoke with had mentioned the possiblity of a conflict. Once i configured my anti-virus software the problem was solved. Bonkstr@yahoo.com

  • 4 Posted by burnedinyoureyes on Thu Sep 3, 2009 3:15PM EDT Report Abuse

    yes this would make the network not work. both encryption codes need to be identical. also make sure your card is set as the default and no other wireless cards are present in your laptop. I thought most routers come with an easy hexadecimal generator code which or translate your password into hex.

  • 5 Posted by vasquezmi on Thu Sep 3, 2009 10:32PM EDT Report Abuse

    This should help with MAC IDs. There is software out there that will tell you the MAC ID of your computers hardline or wireless network card. The best tool yet is MACUUID, just search for it in Yahoo! Open it up through the Command Prompt and you will get your systems MACID that can then be entered into your routers MAC Accept list.

  • 6 Posted by hackster666 on Thu Sep 3, 2009 4:15PM EDT Report Abuse

    mac address can be spoofed and or changed...although tedious it isnt that secure either.

  • 7 Posted by btam33 on Thu Sep 3, 2009 3:14PM EDT Report Abuse

    Your article on Wi-Fi Security was much to technical for this old illiterate PC man, I would like to isolate my equipment, but technical terms leave me in the dard

  • 8 Posted by thecyberfleamarket on Thu Sep 3, 2009 10:03PM EDT Report Abuse

    Great advice. The average home pc user may not know how to do some of the things suggested,but they also know they can look it up or theres normally a help tab or button that describes what your trying to do. I have turned my pc on and could see other networks in the neighborhood. I have mine secured now. When I first set it up, a lot of strange IP addresses were popping up and I would have an option of trusting them or not. After I secured it, that no longers happens. Linksys has a great help section online, and at their website and on the phone.

  • 9 Posted by medictft91158 on Thu Sep 3, 2009 7:14PM EDT Report Abuse

    WPA is best and not that difficult to set up. WEP is better than nothing. Using MAC filtering is also good and provides an additional layer of protection. Although MAC addresses can be spoofed it is not real easy and someone needs to know one of YOUR MAC addresses. You can also turn off DHCP and assign each computer or device on your network a static IP. You could also leave DHCP on and limit the number of addresses available to the number of devices connected to your network so when someone ties to access your network there is no addresses available providing your devices are always on. Further, make sure you have a firewall on each PC and that the firewall allows the router and the addresses or address range you have specified access to the internet or you won't be able to get out. If you have question about this email me.

  • 10 Posted by markosians on Thu Sep 3, 2009 7:08PM EDT Report Abuse

    I too used to think that MAC filtering was enough. When I started to research wireless security I realized it isn't. I recommend setting up WPA2 security on your wireless system. I know, many will say that it is overkill, but if your equipment is capable and your going to setup security anyway, why not setup the best available? Nick

More Posts: First Prev 1 2 3 4 Next Last

Post a Comment

Sign In to Post a Comment