For people running home or small business wireless networks there are a few tips that can help you run your wireless access point more securely.
- Don’t let everyone use your network. A wireless access point will work out of the box, just power it up and plug it into your DSL or cable modem. Unless part of your business model involves providing free WiFi for your customers, this is a bad idea. You should follow the directions of provided with your access point to change the name of the network (the SSID or Service Set Identifier), and provide some level of encrypted connection, WEP or WPA, that requires a connection password. It is ok to write the password down and even attach it to the access point on a label. This makes it easy for you, your employees, family, or guests to connect, while keeping your neighbors off of your Internet connect, and out of your local network. Se my earlier blog on the Chuck Norris attack.
- While you are at it, change the administrative user ID and password. A recent cybercriminal exploit can take control of an access point and use it as part of a bot-net to redirect web surfers to malicious websites. They gain access by trying the know default administrative passwords of these devices, because they are usually not changed by the new owner.
- Move your wireless access point away from windows and toward the center of your building. This will keep the signal from traveling far beyond the walls where others can connect.
- Keep your computers defended. Install and use a good quality Internet Security Suite, and keep your Windows Updates current. That way if someone gains unauthorized access to your network, they won’t be able to attack your PC.