dslreports logo

Here are some general steps you can implement to improve the security of your wireless network:
  • Enable WPA Encryption. (Best Bet, at this time.) TKIP, AES, or RADIUS authentication recommended. Be forewarned that all WiFi devices on your network will have to share identical encryption settings. Therefore you might have to find the lowest common denominator; the strongest setting common to all your devices.

  • Use a strong passphrase; 63 characters is best, with non-dictionary words

  • Authenticate wireless clients with protocols like EAP (including EAP-TLS, EAP-TTLS, PEAP, and EAP-SIM)

  • Encrypt wireless traffic using a VPN (Virtual Private Network)

  • Change the default SSID. Change it periodically.
    Wireless networking products come with a default SSID set by the factory. (The Linksys default SSID is linksys.) Hackers know these defaults and can check these against your network. Change your SSID to something unique and not something related to your company or the networking products you use.

  • Change the default password for the Administrator account.
    With every wireless networking device you use, keep in mind that network settings (SSID, WEP keys, etc.) are stored in its firmware. Your network administrator is the only person who can change network settings. If a hacker gets a hold of the administrators password, he, too, can change those settings. So, make it harder for a hacker to get that information. Change the administrators password regularly.

  • Enable MAC Address Filtering. (This is a weak tool, and should not be considered a "fix" by itself.)
    »Wireless Security »MAC Address Filtering

  • Check for available firmware updates at the manufacturer's website, usually in the Support area.

Wireless Security involves more than just following "general steps". Make sure that you are aware of the risks involved with using wireless networking.


Expand got feedback?

by KeysCapt See Profile
last modified: 2005-12-24 09:20:42