Secure your wireless access points. Unsecure wireless access points are the most common vulnerability most home and small business networks have. Very often consumers purchase a wireless access point, either stand alone or integrated into a firewall, plug it in and connect with no configuration. They use the default manufacturer settings. This is a disaster waiting to happen. Any trespasser can now log into the access point and see your entire network. From here criminals can exploit your connection, hijack your computer or do malicious damage to any of your devices and data.
The first thing you should do before connecting your wireless access point is look at the set up guide. You will notice that your device has a default username and password. Every manufacturer has some combination they use for all network devices they manufacturer. This means all network devices made by XYZ have the same default username and password. The information for each manufacturer will be readily available on their website. You will also see that each manufacturer has a default identifier for their wireless signal. Most of them use the name of the manufacturer. The signal for a device from XYZ will transmit “XYZ” in its name. Additionally there is often now password for the default wireless signal. As you can see if you connect this to your network in its current state anyone can connect to it.
Start by following the set up guide provided by the wireless access point’s manufacturer to gain access to your device. Very often there are wizards to follow in the setup routine. Whether you are following a wizard or not make certain there are precautions you need to take in order to protect your home network from a trespass breaking in through your wireless signal. Make certain to change the default password. If your device will allow you to change the default username then do so. This will protect you from a trespasser gaining control of the wireless access point.
Change the name of your devices SSID (Service Set Identifier), this is the technical name of what most people call the “name of your wireless network”. It is case sensitive with a minimum of five and maximum of up to thirty-two alphanumeric characters. The purpose of the SSID is to provide a unique identifier for your home network. So make sure you use a name or phrase you will remember.
Use WPA (Wi-Fi Protected Access) encryption to protect your wireless communication. WPA encrypts data through the use of temporal key integrity protocol (TKIP). TKIP scrambles the keys using a hashing algorithm then, by adding an integrity-checking feature, it ensures that the keys have not been tampered with through the extensible authentication protocol (EAP). The key is a password you create. Every device connecting to your wireless access point will require this password to connect.
Turn off SSID broadcasting. Wireless access points have the ability to mask the name of the signal. This means in the computers wireless network list your network will not be visible. People who wish to connect to your network will need to explicitly enter the name instead of finding it on a list.
The second is to use MAC (Media access control) address filtering. A MAC address a 48- or 64-bit address associated with a network adapter. While IP addresses are associated with software, MAC addresses are linked to the hardware of network adapters.MAC addresses are hard coded by the manufacturer and are not assigned in the way an IP address is.
Unless you specifically require a peer to peer wireless connection for a designated application is do not use one. Very often criminals broadcast wireless signals from laptops to lure you into connecting to them. They use this opportunity to steal your data. Also do not accept a request to connect to a wireless device.
Be very careful of open public networks. Very often we need to use these connections at coffee shops, restaurants, libraries, stores, rest stops and so on. Before doing this make certain your device has no exposed or unprotected share. The antivirus software on your device is enabled. Your devices firewall is turned on. Be on guard for any suspicious traffic. Do not accept any requests to connect.