The most obvious
result is the risk of massive
excess Internet fees or having your service slowed when it exceeds
the monthly data allowance.
But there are other risks. Some of which can be very embarrassing.
we were called to was being disconnected every month because someone
was using their network to send spam. Recently one of our techs once
walked out of setting up a new home wireless network to find a couple
snooping with a laptop.
risk is an unsecured network can be used for illegal activity.
Given most viruses, spam and phishing scams start from compromised
computers and networks, it's your responsibility not to be one of
The risks don't
end there either. To track down the bad guys, authorities start with
the network address. This means if your Internet connection is being
used to send phishing scams, pornography or file sharing, it's your
door the police will be knocking on.
So it's important to secure
your wireless network. The manufacturers are aware of these issues
and have a number of features built into most wireless equipment.
Properly used, these settings will keep all but the most dedicated
hacker off your system.
your network, you must read the manual that came with your wireless
router or access point. If you get your settings wrong, you will be
locked out, so you need to know how to reset it. Its also best
to use a computer wired directly to the access point when configuring
your wireless network
Every wireless network has its own name, known as a
Service Set IDentifier. If you don't change
it from how it comes from the shop (ie "Netgear", "Default" or
"Motorola") it's easy for the casual hacker to guess your passwords.
It's a good idea not to use your address or name as the SSID,
you don't want to give away too many secrets to the neighbourhood.
Wi-Fi Protected Access
WPA encrypts the wireless signal making it difficult for a hacker
to connect without knowing the passkey. A passkey should be something
long and relatively difficult to guess.
A combination of letters,
both capital and lower case, and numbers are a good idea, your
dog's name followed by your phone number followed by your suburb
is the sort of thing to put in here but remember to write it down.
might only come with Wired Equivalent Privacy. WEP is an older
and less secure standard than WPA. The passkeys for WEP are usually
a mind numbing long string of letters and numbers which is a good
incentive for buying newer WPA gear.
Every computer network deivce has a unique number, known as
the Media Access Control address. You can set
your wireless router to only accept connections from known addresses.
Even if the neighbours can see your network, they cant connect
without a permitted number.
You can hide your network name by turning off your SSID broadcast,
which means your system doesn't tell the neighbours it's name. This
is not recommended by purists as it's against the WiFi standards.
It also makes some devices stop working, so we tend not to do this.
Every computer connected to the Internet has it's own address, called
a TCP/IP number. You can either get one from your server or you
can have a "fixed" one that you enter yourself.
On a home network
the Internet router gives IP addresses out. This is called Dynamic
Host Configuration Protocol. By turning it off on your wireless
network, a hacker has to guess the addresses before they can connect.
This should only be done by those who understand TCP/IP
addressing and subnets.
A Virtual Private Network encrypts the
talk between computers. While not strictly part of a wireless network,
it adds another level of difficulty for someone trying to figure
out how your network is set up. VPNs are notoriously difficult to
setup, so this is not something we recommend for the home user.
Many wireless routers and access points allow you to adjust
the power used. The less signal that escapes your premises, the
less likely an outsider can find your network. One everything is
working, reduce the power to the minimum you need to connect.
To further hide your system from the bad guys, its a good
idea to only share the minimum you need to share. Dont share
entire drives and dont use the default network names generated
Trojan horses and viruses can creep onto your system and compromise
your security. Follow our Protection
Kit guidelines. The best secured network will be defeated by
a well placed Trojan horse or spyware.
The aim of this
is to keep your neighbours and their curious 15 year old son off your
network. If the kid next door is a serious hacker they can defeat
all these precautions with the right skills, tools and plenty of time.
Should you get infected with a trojan or virus, then all of this is
pointless anyway (which is true of a wired network as well).
article shows, setting up a secure wireless network is not for the
faint hearted. No matter how much the product is improved, wired networks
are more secure, faster and more reliable. We recommend only considering
wireless networks if wiring a building is not feasible.