Posted on

Wi-Fi Security – Secure Your Network

Secure WiFi

Wireless Fidelity, or Wi-Fi as it is commonly called, is a popular home network for an increasing number of home users.

Wi-Fi’s popularity is primarily due to its ease of set up and its lack of wires and cables.

The ability for users to utilize their laptops, tablets, and smart phones from any room in the house is a convenience that is missing from a normal hard line home network.

However, there is a price for the convenience of Wi-Fi, and that is a loss of security.

Wi-Fi has weak encryption algorithms.

When you combine that with the ability of unauthorized users to intercept the Wi-Fi’s data transmissions, you have a network that is inherently un secure.

Fortunately there are ways that home users can optimise the security of the Wi-Fi network to create a networking environment that will be secure enough for most home users, but which still retains the simplicity and convenience that draw users to Wi-Fi in the first place.

Wi-Fi currently has 3 types of encryption;

• Wired Equivalent Privacy (WEP)

• Wi-Fi Protected Access (WPA)

• Wi-Fi Protected Access 2 (WPA2)

WEP being the weakest and WPA being the strongest.

There are 2 other non-encryption processes that are important to securing a Wi-Fi home network; Service Set Identifier (SSID) and Media Access Control (MAC) filtering.

By using and tweaking your Wi-Fi’s encryption, SSID, and MAC filtering, you can create a home network that will discourage all but the most persistent of hackers.

It is not possible to make a network 100% secure. But networks can still be made secure enough.

When deciding the best way to secure a network, computer security experts weigh the risk against the cost.

What is the risk if the information is stolen or compromised?

What is the cost of various security options?

If the network transmits and stores a nation’s top secrets, then the cost of the implemented security can be very high and still be cost effective.

On the other hand, if the network is only used to transmit and store a homeowner’s school reports, holiday pictures, and downloaded articles on gardening tips, then the cost of any security should be low or nonexistent.

Most users will fall somewhere in between the two extremes.

Small businesses that transmit business transactions and financial information will need to accept a higher cost security implementation.

Most home users transmit at least some sensitive information over their home network, but probably not enough to make themselves targets for professional hackers. Therefore, most home users can get by with a lower cost security option.
Before a user can decide on the best Wi-Fi security implementation, they should understand a few things about how their Wi-Fi works, and they should know at least some basic information on the encryption methods available.

Service Set Identifier (SSID) – Wi-Fi networks have the ability to periodically send out a broadcast transmission to alert any listening devices within their transmission range that they are a wireless network, and that they are available.

Most Wi-Fi routers provide the ability for you to turn off SSID. The default setting is usually for SSID to be activated.

Unless you are operating a Wi-Fi hotspot for the public, your users will know your Wi-Fi network is available, so there is no need to send out these broadcasts.
Consequently, one thing you can do to start securing your wireless network is to turn off SSID broadcasting. This will not stop a knowledgeable hacker, but it may make them move on to easier pickings.

Media Access Control (MAC) – Each device that attaches to a network has a unique MAC address.

These addresses are assigned by the manufacturer of the device. Whether the device is a computer, printer, smart phone, or tablet, if it can connect to a network, then it has a unique MAC address.

Using your Wi-Fi’s administrator console, you can specifically identify any devices you want to have access to your wireless network by entering their MAC address in the router’s authorized address list.

Any other devices attempting to access your Wi-Fi network will be denied access.

Although a MAC address can be spoofed, you will have made it more difficult for a potential hacker to break into your network.

Wired Equivalent Privacy (WEP) – The WEP encryption is the weakest of the 3 available encryption methods.

It was the only encryption method available when wireless networks first became available to the public, and it has been broken since about 2001.

A hacker with a modern computer and the right open source software can crack a WEP encryption in less than 3 seconds.

Although WEP encryption is minimal security at best, it continues to be available on the newer Wi-Fi routers in order for legacy devices to continue being supported.

It will not protect you from even a moderately knowledgeable hacker, but it can be useful to keep your honest neighbours from using your Wi-Fi network.

Wi-Fi Protected Access (WPA) – The WPA encryption is significantly stronger than WEP, but it is still a weak security algorithm.

The encryption keys are longer than WEP, but WPA encryption can still be cracked in a matter of minutes with a modern computer and software.

Wi-Fi Protected Access 2 (WPA2) – This is the strongest of the available wireless encryption methods.

When WPA2 is implemented with the Advanced Encryption Standard (AES), it can be a very tough determent for even an experienced intruder.

The disadvantage of WPA2 with AES is that because everything has to be encrypted with a strong key, it can create a noticeable slowdown in response time over the network.

Once you decide on the best encryption algorithm that works for your circumstances, and you combine it with SSID broadcast off and MAC filtering, you will have gone a long ways towards insuring the data you send over your Wi-Fi remains safe.

Although nothing is 100% secure, the techniques discussed in this article should provide adequate protection for most home Wi-Fi networks.

Leave a Reply