Sunday, June 6, 2010

The Best Ways to Secure Your Wireless Network

You can easily prevent your neighbors or passersby from leeching off your wireless network, and also prevent other, more serious unauthorized access, with these methods.
  • Disable broadcasting of the SSID (network name). This will prevent most normal people from being able to see the network in the first place, unless they are using a wireless stumbler utility program on their computer. Even if someone can see the signal of an unnamed network, they won't be able to connect unless they can guess the name of the network correctly.
  • Enable MAC address filtering. This will only allow devices to connect to the network if they match the MAC addresses you've supplied. Every device with a wireless card has a unique MAC address. This will prevent just about anyone from accessing your network, because they will have to guess a correct MAC address that matches what you've added to the list. MAC addresses are made up of 12 hexadecimal characters, which means there are 281 trillion possible MAC addresses according to Wikipedia.
  • Use a strong password for the network. Don't use English words or words from any other language; use at least 8 characters and at least one capital letter. Stronger passwords would ideally be 11 or more characters long.

Other ways to secure a wireless network are listed here:
Wireless Security - WiFi Wireless Home Network Security Tips - About.com

What Type of Wireless Network Security should I use?
(all info below compiled from DD-WRT's Wireless Security page)
  • WEP is the worst kind to use.
  • WPA2 seems to be the most common, more secure option compared to the outdated WEP.

To keep things simple, the best options, in decreasing order of preference, may be:

  1. WPA2 + AES
  2. WPA + AES (only if all devices support it).
  3. WPA + TKIP+AES (only if all devices can support it).
  4. WPA + TKIP
  5. WEP (will only keep out people with little or no experience with computers)
  6. Disabled (no security)

The most common two options will be WPA2 + AES and WPA + TKIP, because they match the mandatory requirements in the standards (WPA2 requires AES, WPA requires TKIP).

You can use WPA + AES for higher security than TKIP, but only if your devices support it (it is optional). For this reason it is not very common. You also do not get the improved roaming features of WPA2.

WEP was supposed to provide confidentiality, but has been found to be vulnerable and should no longer be used.

* Has been found to be vulnerable.
* Is often the default; this should be changed.
* Most devices that support WEP can be firmware/software upgraded to WPA.
* Do not use unless some devices cannot be upgraded to support WPA.

WEP has been outdated for years and has better replacements. The 40-bit encryption is just not strong enough to keep data secure and can be broken rather easily. Newer encryption methods use stronger encryption and have yet to be broken, while WEP can be broken in a minute according to this resource.

Use WPA where possible.
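
The advice in this post can be turned into a quick self-check. The following is an added example, not part of the original post or of DD-WRT: it audits a description of a router's wireless settings against the checklist and the preference order above. The setting names (`ssid_broadcast`, `mac_filter`, `mode`, `cipher`, `passphrase`) and the small word list are made up for the illustration.

```python
# Added example: audit a home Wi-Fi setup against this post's advice.
# Config keys and the tiny word list are constructed for illustration.
MODE_RANK = {  # preference order from the post, 1 = best
    ("WPA2", "AES"): 1, ("WPA", "AES"): 2, ("WPA", "TKIP+AES"): 3,
    ("WPA", "TKIP"): 4, ("WEP", ""): 5, ("DISABLED", ""): 6,
}
SAMPLE_WORDS = {"password", "dragon", "monkey", "wireless", "network"}


def passphrase_problems(passphrase, words=SAMPLE_WORDS):
    """Return which of the post's password rules a passphrase breaks."""
    problems = []
    if len(passphrase) < 8:
        problems.append("shorter than 8 characters")
    elif len(passphrase) < 11:
        problems.append("under the ideal 11 characters")
    if not any(ch.isupper() for ch in passphrase):
        problems.append("no capital letter")
    lowered = passphrase.lower()
    hits = sorted(w for w in words if w in lowered)  # words hidden inside, too
    if hits:
        problems.append("contains dictionary word: " + ", ".join(hits))
    return problems


def audit(config):
    """Return a list of findings; an empty list means the post's advice is met."""
    findings = []
    if config.get("ssid_broadcast", True):
        findings.append("SSID broadcast is enabled")
    if not config.get("mac_filter", []):
        findings.append("MAC address filtering is off or has no entries")
    mode = config.get("mode", "DISABLED").upper()
    cipher = config.get("cipher", "").upper() if mode.startswith("WPA") else ""
    rank = MODE_RANK.get((mode, cipher))
    if rank is None:
        findings.append(f"unrecognised security setting: {mode} {cipher}".strip())
    elif rank > 1:
        findings.append(f"security mode is choice {rank} of 6; prefer WPA2 + AES")
    if rank is not None and rank < 6:  # a passphrase only exists when security is on
        for problem in passphrase_problems(config.get("passphrase", "")):
            findings.append("passphrase: " + problem)
    return findings


if __name__ == "__main__":
    weak = {"ssid_broadcast": True, "mode": "WEP", "passphrase": "monkey1"}
    for line in audit(weak):
        print("-", line)
```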
