<!–[if gte mso 9]> <![endif]–><!–[if gte mso 9]> Normal 0 false false false EN-US X-NONE X-NONE <![endif]–><!–[if gte mso 9]> <![endif]–> <!–[endif]–>
Just a few years ago I was clueless about why I should secure my wireless network.I didn’t care if other people used my wireless signal to surf the internet, and I thought it was too much hassle to figure out how to encrypt my network.What I didn’t realize, is that computer criminals rely on people like me to carry out their crimes.All they had to do was sit outside of my house and run some nifty software while they collected all of my personal data and all that it cost them was gas and time.It took me getting my credit card number stolen and my credit rating destroyed before I finally decided to take network security and the security of my data seriously.I hope this story isn’t too familiar to any of you out there but if it is I have just the guide for you.
Recently I was asked by the wonderful staff here at TechwareLabs to write a little guide on securing your home network, and explain a little bit of the techno-babble associated with network security encryption.I hope this guide finds you well and saves you from the mistakes so many like myself make.We will make this guide as easy to understand as possible so that everyone from the novice to the expert can tighten down the latches on their home and business security.If you don’t think you have the time to secure your network all you have to remember is that it only takes one penetration of your data to cost you anywhere from hundreds to thousands of dollars.Getting ready to contact your credit card companies and maybe even a lawyer to start rebuilding your credit. We hope you aren’t planning on buying anything on credit any time soon.
Additionally, it can be helpful to adopt some form of Multi-Factor Authentication to your network as well. As the name would suggest, it is a way to protect your network by requiring multiple security measures for anyone trying to enter. An example would be a password and a fingerprint scan, or multiple passwords, or perhaps a USB key. This method of protection can save anyone with important data, since passwords can be figured out by a hacker with enough patience. The implementation of multi-factor authentication lets you rest easy knowing that your data will be much safer.
First, let’s take a look at the most common hardware that consumers use to create wireless networks for their homes and small businesses.Knowing what you have is the first step to locking down unauthorized access.
SSID is really a catch 22 in my opinion. If you broadcast it, it’s in the open for everyone to see, but if you disable it and someone comes around wardriving and discovers that you’re SSID was disabled they’ll be more inclined to attempt to access your network because you probably have something important to keep hidden. It’s definitely not always the case, but I thought I’d share my 2 cents 🙂
Sorry, I should have added that your passphrase for WPA should be random generated and not a weak passphrase of a plain “dictionary” word that can be cracked very easily.
I agree that not broadcasting your SSID is only a layer but it can still be cracked. Anything can be cracked given the right tools and given the time, any network can be infiltrated.. The point is, to make your network a more difficult target so that the criminal (or hacker if you will) decides to move on to a more easily accessible target.
Considering most wireless networks are unprotected, getting this information out just so people impliment basic protection is a good start.
I agree. The MAC filter is not the equivalent to a bouncer, but more a little old lady asking you for your name without ID. You can lie (spoof) about it. As far as a WPA passphrase, you should use a passphrase generator to generate one for you up to 63 characters long (the longer the better and with all character types). This will make it more difficult, if not impossible, to brute force attack it. Using a dictionary word will only take a few seconds to crack.
Not broadcasting the SSID only adds another layer but it’s not impossible to crack it. Most scanning software will show it but without the SSID so it’s just a bit of extra work for the hacker to sniff that out.
Disabling SSID doesn’t add security. MAC addresses can be spoofed.