Tips for Wi-Fi Security at Home

I just saw this in the SANS Ough security newsletter, and thought it was a pretty good rundown for laypeople.

Many people rush through setting up wireless home networks to get their Internet connectivity working as quickly as possible. While this is understandable, it is also risky because unless properly secured, wireless networks are a security problem waiting to happen. Today’s Wi-Fi networking products don’t always help the situation either. Their security features are complicated and can be time-consuming to set up correctly. You may wish to retain the services of a qualified technician to help you be sure the job gets done right. Here are some tips for how
you can improve the security of your home wireless network. Next month we’ll provide tips for improving Wi-Fi security while on the road.

Replace that old access point. If your access point is older than 2 or 3 years, it probably doesn’t include the latest security protocols. At a cost of $75 or less, an up-to-date access point is cheap insurance against having your computers broken into. [See point on WPA2 below. if your access point provides WPA2, it’s new enough; don’t replace it. -jc]

Change the default passwords on your wireless access point. The default passwords are simple, often posted on the manufacturer’s website, and well-known to hackers. Change them immediately, and use strong passwords.

Use WPA2 security. Older wireless access points offer WEP and WPA security which provide only weak and unreliable security. Verify that your wireless access point supports WPA2 (Wi-Fi Protected Access, version 2). If it does not have WPA2, don’t use it. Get another one that does.

Change the default SSID. Wireless access points use a network name called the SSID (service set identifier). Manufacturers ship their products with the same SSID. While knowing the SSID does not by itself allow a hacker to break into your network, it is a start. More importantly, operating your access point with the default SSID suggests that security has not been handled well, and that encourages hacking.

Do not Auto-Connect to open Wi-Fi networks. Connecting to an open Wi-Fi network, such as a free, public wireless hotspot or your neighbor’s wireless access point, exposes your computer to security risks. Most computers have a setting which will allow these connections to happen automatically without notifying you. Make sure auto-connect is shut off.

Enable the hardware firewall on your wireless access point. If your access point does not have a hardware firewall, don’t use it. Get another one that does.

Position your access point carefully. It is normal for Wi-Fi signals to leak out through walls of your home. While a small amount of signal leakage is not a problem, the further the signal spills out into the neighborhood, the easier it is for others to pick it up. That is the first step toward someone gaining access to your wireless access point without your permission. Position your access point near the center of your home, rather than near a window or an outside wall.
Turn off your access point if you aren’t using it. If it’s not turned on, hackers can’t break in. [Confession: I don’t do this. It is a good idea, but I’m too lazy. -jc]
If you don’t feel confident about the security of your wireless access point, don’t use it. Get advice and answers to your questions from a computer consultant knowledgeable about wireless security. [Feel free to post here if you have particular quesitons. -jc]

More information:
http://arstechnica.com/security/news/2008/04/wireless-security.ars

_______________
Copyright 2009, SANS Institute (http://www.sans.org)
Editorial Board: Bill Wyman, Alan Reichert, Walt Scrivens, Barbara
Rietveld, Alan Paller.

Permission is hereby granted for any person to redistribute this in
whole or in part to any other persons as long as the distribution is not being made as part of any commercial service or as part of a promotion or marketing effort for any commercial service or product. We request that redistributions include attribution for the source of the material.
Readers are invited to subscribe for free at
https://www.sans.org/newsletters/ouch

Worth the price of admission [2]

Rebecca and I went to see a preview showing of Fireproof last night. I’ll post a review later, but for now I’ll just say that it exceeded my expectations. A really good movie.

Google is spying on us! [2]

Until I randomly noticed it this evening, I had no idea Google had gotten around to setting up “street view” on little cities like Oklahoma City—and some pretty unremarkable neighborhood streets too (the whole city maybe?).

Maybe I should be creeped out, but I think it’s pretty cool. Try dragging it around with your mouse, or clicking the little arrows. Or click View Larger Map to get the full experience.

View Larger Map

Sorry we left the garage door open that day. If only we had known!

And why’d they have to come by in the winter when things were so brown?

Rebecca noticed the reflection of the car in our front window—it’s Google’s car, the one that took the pictures. Makes me want to scroll around for more front windows so I can figure out the make and model.

But enough way-cool time wasting for one night.

Solomon on the 2008 U.S. Presidential Election

Better was a poor and wise youth than an old and foolish king who no longer knew how to take advice. For he went from prison to the throne, though in his own kingdom he had been born poor. I saw all the living who move about under the sun, along with that youth who was to stand in the king’s place. There was no end of all the people, all of whom he led. Yet those who come later will not rejoice in him. Surely this also is vanity and a striving after wind.

—Ecclesiastes 4:13-16

Twitter anyone? [2]

Does anyone use Twitter and see a lot of value in it? I keep hearing from really smart, productive people that they love it, and I must admit it still baffles me. (I thought I was pretty techie.)

This recent article from Forbes re-raises my interest in this hip tech tool. I’ve half a mind to sign up, just to figure out why it could benefit anyone—but who has the time?

Jonathan & Rebecca Camenisch

Tips for Wi-Fi Security at Home

Worth the price of admission [2]

Google is spying on us! [2]

Solomon on the 2008 U.S. Presidential Election

Twitter anyone? [2]