Friday, January 14, 2011

10 Steps to Securing Your Wireless Network

The wireless network or a wireless network is often referred to quite easy to set up, and also feels very comfortable, especially if we want to be able to walk way around the home or office with a portable computer but it can still access the Internet network. However, as wireless waves, it will be easier to hack than using a cable connection. There are a few tips here to secure the wireless network.

The step following steps:

1. Use encryption.
Encryption is the first security measure, but many wireless access points (WAPs) do not use encryption as a default. Although many WAP has Wired Equivalent Privacy (WEP) protocol, but not enabled by default. WEP does have some holes in securitynya, and an experienced hacker can definitely open it, but it was still better than no encryption at all. Be sure to set the WEP authentication method to "shared key" rather than "open system". To "open system", he does not encrypt data, but only authenticated client. Change the WEP key as often as possible, and use 128-bit WEP compared with a 40-bit.

2. Use strong encryption.
Because of the weakness of existing weaknesses in WEP, it is advisable to use Wi-Fi Protected Access (WPA) as well. To use WPA, WAP had to support. The client side must also be able to support WPA tsb.

3. Change the default administrator password.
Most manufacturers use the same administrative password for all their products WAP. Default passwords are generally already known by the hackers, which can later be used to change the settings on your WAP. The first thing to do in the configuration of a WAP is change the default password tsb. Use at least 8 characters, a combination of letters and numbers, and do not use the word word in the dictionary.

4. Turn off SSID Broadcasting.
Service Set Identifier (SSID) is the name of the wireless network. By default, the SSID of the WAP will be broadcast. This will make users easy to find the network they will be, because the SSID will appear in the list of available networks that exist in the wireless client. If the SSID is turned off, users must first know its a bit SSID can be connected to the network page.

5. Turn off the WAP when not in use.
The way this one seems very simple, but some companies or individuals do it. If we have users who only connect at certain times only, there is no reason to run a wireless network at all times and provide the opportunity for intruders to carry out his evil intentions. We can turn off access point when not in use.

6. Change the default SSID.
Factory provide a default SSID. Usefulness of the SSID broadcast is turned off to prevent anyone else know the name of our network, but if you still use the default SSID, will not be difficult to guess the SSID of our network.

7. Using MAC filtering.
Most WAP (not the cheap cheap of course) will allow us to use filter media access control (MAC). This means we can make a "white list" of computers that can access the computer wireless network, based on the MAC or physical address in each network card pc. Connections from the MAC is not in the list will be rejected.

This method is not always safe, because it is still possible for a hacker to do packet sniffing that we transmit via the wireless network and get a valid MAC address from one user, and then use it to make a spoof. But MAC filtering will make it increasingly difficult an intruder who is still not good at really good.

8. Isolate the wireless network from the LAN.
To protect the cable from the internal network threats coming from the wireless network, it would need to be made wireless DMZ or perimeter network is isolated from the LAN. It means installing a firewall between the wireless network and LAN. And for the wireless client that requires access to the internal network, he must first authenticate with the RAS server or use a VPN. This provides an extra layer for protection.

9. Control the wireless signal
802.11b WAP transmits waves of up to about 300 feet. But this distance can be added by replacing with a better antenna. By using high-gain antenna, we can get a longer distance. Directional antenna will transmit the signal to a particular direction, and emit are not circular as it happened in omnidirectional antennas that are usually found on the WAP package setandard. In addition, by selecting the appropriate antenna, we can control distance and direction signals to protect themselves from intruders. In addition, there are several settings that can be WAP signal strength and direction through the WAP config page.

10. Emit waves at different frequencies.
One way to hide from hackers who often use technologies 802.11b / g, which is more popular is to use 802.11a. Because 802.11a works on different frequencies (ie in the frequency of 5 GHz), NICs are designed to work on technology that is popular not be able to catch the signal

1 comment: