Chapter 2
Wireless Security Checklist
7
Wireless-G Broadband Router with 2 Phone Ports
Chapter 2:
Wireless Security Checklist
Wireless networks are convenient and easy to install, so
homes with high-speed Internet access are adopting them
at a rapid pace. Because wireless networking operates by
sending information over radio waves, it can be more
vulnerable to intruders than a traditional wired network.
Like signals from your cellular or cordless phones, signals
from your wireless network can also be intercepted. Since
you cannot physically prevent someone from connecting
to your wireless network, you need to take some additional
steps to keep your network secure.
1. Change the default wireless
network name or SSID
Wireless devices have a default wireless network name
or Service Set Identifier (SSID) set by the factory. This is
the name of your wireless network, and can be up to 32
characters in length. To distinguish your wireless network
from other wireless networks that may exist around you,
you should change the default wireless network name to
something easily recognizable, but do not use personal
information (such as your Social Security number) because
this information may be available for anyone to see when
browsing for wireless networks.
2. Change the default password
For wireless products such as access points and routers,
you will be asked for a password when you want to change
their settings. These devices have a default password set
by the factory. The Linksys default password is
admin
.
Hackers know these defaults and may try to use them
to access your wireless device and change your network
settings. To thwart any unauthorized changes, customize
the device’s password so it will be hard to guess.
3. Enable MAC address filtering
Linksys routers give you the ability to enable Media Access
Control (MAC) address filtering. The MAC address is a
unique series of numbers and letters assigned to every
networking device. With MAC address filtering enabled,
wireless network access is provided solely for wireless
devices with specific MAC addresses. For example, you can
specify the MAC address of each computer in your home
so that only those computers can access your wireless
network.
4. Enable encryption
Encryption protects data transmitted over a wireless
network. Wi-Fi Protected Access (WPA/WPA2) and Wired
Equivalency Privacy (WEP) offer different levels of security
for wireless communication.
A network encrypted with WPA/WPA2 is more secure
than a network encrypted with WEP, because WPA/WPA2
uses dynamic key encryption. To protect the information
as it passes over the airwaves, you should enable the
highest level of encryption supported by your network
equipment.
WEP is an older encryption standard and may be the
only option available on some older devices that do not
support WPA.
General Network Security Guidelines
Wireless network security is useless if the underlying
network is not secure.
Password protect all computers on the network and
•
individually password protect sensitive files.
Change passwords on a regular basis.
•
Install anti-virus software and personal firewall
•
software.
Disable file sharing (peer-to-peer). Some applications
•
may open file sharing without your consent and/or
knowledge.
Additional Security Tips
Keep wireless routers, access points, or gateways away
•
from exterior walls and windows.
Turn wireless routers, access points, or gateways
•
off when they are not being used (at night, during
vacations).
Use strong passphrases that are at least eight characters
•
in length. Combine letters and numbers to avoid using
standard words that can be found in the dictionary.
WEB:
For more information on wireless
security, visit
www.linksys.com/security