by Dan Harper
Technology is a wonderful tool, saving us time and effort. One such tool is wireless networking, but like most tools, it can be misused.
All wireless routers have built-in security, but don′t have them turned on at the factory. This is so that the user can connect easily to the new router, adjust the settings the way they want them, and then secure it. Many users plug in the unit as soon as the shrink wrap is removed and discover it “just worked.” Satisfied with internet access, they don′t give it a second thought. The risk is:
With no security, anyone within range of your wireless signal can access the internet through your equipment using your bandwidth. There′s some argument about whether or not this is legal, but for most folks it is undesirable.
Your radio signal, if it′s not encrypted, it′s available for all to see. If you buy anything or do banking online, you open yourself to identity theft and fraud.
A skilled crook can go through an unsecured router and gain access to any computer connected to the network. Even if you do not have any information a crook would consider of value on your computer, they can use your machine remotely, implicating you in their hijinks.
Securing your wireless router isn′t difficult, but it helps to know some concepts. Wireless security comes in different levels ranging from slightly secure to Fort Knox. The key differences are in the algorithm used and the strength of the encryption key, usually measured in number of bits. The average Joe won′t need the most secure of these methods which are the toughest to set up.
WEP “Wired Equivalent Protocol” is an old method of securing wireless. Coming in two strengths, 40 bit and 128 bit, it is able to keep the honest people honest and that′s about it. The easiest to implement, a dedicated criminal can defeat such security measures in minutes. As an analogy, it is about as secure as an unlocked door. The door will stop honest folks just by being there.
WPA “WiFi Protected Access” is the system the wireless industry developed to replace WEP. It still has vulnerabilities, but is sufficiently secure for most. It′s accepted industry wide and nearly all equipment supports it. It′s like a locked door; it′ll keep everyone except dedicated crooks out.
WPA2 is the second version of WPA. Learning from WPA and correcting its faults, WPA2 is considered secure and will currently stop anyone except the most dedicated, equipped, and skilled hackers, making them take weeks, months, or even years to pound their way in. Most do not have a compelling reason or the attention span to do so. In our analogy, it′s equivalent to a good deadbolt.
One of the most important things you should do is change the default password on your wireless router. In about half of the cases where a router was compromised, the default password was still used until the crook changed it and locked the legitimate owner out.