RSS

Wireless Networking

12.04.05

For unfamiliar terms, look in Matisse Enzer Glossary of Internet Terms.


All of this is based on my Linksys Wireless G Router model WRT54G. Like most routers, it has built in Firewall capability. That's great, but if you don't set up your wireless network properly anybody nearby your home with a wireless capable computer or device can access your network. There are several settings required to keep snoopers out of your network and to keep them from snooping in on the data going back and forth from your computer to your router.

First, setup your wireless security encription. This kind of scrambles the data so others can't intercept it. I recommend using "WPA Pre-Shared Key" also known as "WPA PSK." Once you select that, you need to select the algorithm. I use TKIP. Another algorythm, AES, is stronger but requires more work by your processor to handle encrypting and decrypting. TKIP is more than adequate. Create a WPA Shared Key - this is like a password for your router and wireless adapter to decrypt the encrypted transmissions. It usually needs to be 8 to 63 characters long. The longer it is the more secure it is. Your password should include numbers, capital and lowercase letters, and special characters like $%&*. For more on good passwords go to GRC.com's password page . You'll need to remember (or copy and paste) this key and enter it in the properties on your wireless capable computer too.

Second, if your wireless router has MAC address filtering, you'll want to enable this feature as well. MAC address (unique address of a computer's network card or wireless adapter) filtering allows you to prevent certain MAC addresses from accessing your wireless router or even better you can limit access to certain MAC addresses. I chose the latter. I enabled MAC address filtering and "Permit only PCs listed to access the wireless network." Then I added the MAC address of my wireless laptop to the MAC address list. Now the router will only transmit and receive data from my laptop. This alone does not secure your network because it is not difficult for hackers to decipher your MAC address and clone it for their use. What this does for you, is keep your less sophisticated neighbors and people passing by from accessing your network.

Third, disable Remote Management. This means someone from outside your network will not have access to your network settings. If this is enabled, a hacker can more easily get in, change all of your network settings enabling his use or disabling your use.

Finally, turn off UPnP. In a Linksys Router's settings it's found on the Administration Tab. This feature, when enabled can allow a program to open ports in your router to allow traffic through. This can be helpful in some programs but malicious software can take advatage of this and open your network to all sorts of bad stuff.

Of course, all the information about networking and security on my other pages, still applies. For more information on wireless networking security, click Here .

On a side note...for most people wireless networking is rather simple. I encountered a problem I did not expect. My Windows XP Home Edition laptop had a "Network Bridge" set up for all the network connections including the built in wireless 802.11g adapter. Even though the laptop could connect to my wireless adapter, I could not access the internet or shared folders on my network. If you have a similar set up the solution is rather simple. Go to "Network Connections" (you may find the icon in your Start Menu or Control Panel), find your wireless adapter listed under the Network Bridge, right click it, and select "Remove from Network Bridge." After I did this I immediately had access to the web and my network.