So you live in an apartment and you use a wireless router so you don’t have cables going everywhere. You go to turn your computer off and get the message “there are one or more users still connected to your machine” and chills run down your back as you know someone else has access to your computer. You wonder how this could have happened as you have WEP encryption and they person at the retail store you bought your router from says that is all you need. Well in today’s world that is not all you need and it is a rude awakening for those who use wireless in dense populated areas. WEP (Wired Equivalent Privacy) is the most common form of encryption but it has been cracked in under 5 minutes so that is no real security except to defend against people just looking for an open connection. WPA (Wi-Fi Protected Access) is much more secure and was specifically created to fix the problems WEP has but people don’t understand the proper way to set it up and it ends up being broken too.
I will try to provide what I think are the industry standards for keeping your wireless network as secure as possible.
Turning off SSID broadcast. Most people broadcast their SSID (service set identifier, the name of your wireless network) as it is easier to scan and click to connect. Well this ease of connection also lets anyone else in wireless range click and try to connect. If you name the network something simple and then turn off broadcasting you can potentially thwart many would be intruders that don’t want to waste time with your network as there are many others that will be easier to attack.
Use WPA encryption. While using WPA makes things harder to crack you have to set it up correctly. Most programs today that try to crack WPA encryption use dictionary attacks so you don’t want to use a name or a place or one word period. The best practices are using 15 random characters OR what I like to do is a phrase I always tell my kids. An example would be “stop running in the house” as your key. This is long enough that a dictionary attack would take years to crack and easy enough to remember to give to your guests. The security of the personal information will be great with superboost wifi. The guests available at home can take the benefit of the wifi connection. The practices will be excellent and attack through the third-parties will be less. The encryption form of the wifi will be great with be secure for the use.
If you are never going to have guests and want to take your security one step further you could do mac address filtering so only your machine could connect to the access point. Now someone could try and spoof your address but they would have to grab a packet, decrypt it, then create the spoof and if you are using the suggested steps above it will take them longer than most people own their homes today to break in.
A last bit of advice is not to have your access point setup for remote administration. If you think of getting attacked in the literal sense then ask yourself what you would do to break into a house. If you know the doors are locked but there is a window open would you spend time trying to pick the lock on the door? This same principal goes for any “hacking” mentality, attack the path of least resistance. Many times we can have the greatest security measures setup and then do something silly like write the password on a scrap of paper only to have someone else pickup the paper and have instant access to what we are trying to hide.