Computer Security News, Broadband, Wireless

Tips for Home Wireless Security

photo credit: webhamster

Wireless home networks are wonderful systems. They provide the ability to share files and storage and your internet connection without the need to place network cables through your home.

Anybody whose home is low to the ground and who does not like crawling around in cramped, damp places to install cables can apreciate this advantage of going wireless.

Everybody in the home (everybody who has a wireless capable network card in their computer) can use the one single broadband internet service through one single modem or access point.

Any wireless-capable computer in the vicinity of this network can have access to the internet and your home network.

So far so good: but the great advantage here is also a great security risk if you don't follow the commonsense rules for setting up your network access.

Now here are the main tips: implement as many as possible.

If you are not sure why this is important, read more below about wireless security.

1. Use encryption to code private information and security information.
2. Install antivirus , Adware and Spyware tools, and firewall software.
3. Disable identifier broadcasting.
4. Use a different router identifier than the default setting.
5. Modify the router’s default password for administrative purposes.
6. Set up your modem so that only computers with specific MAC addresses are allowed to access the network.
7. Power down the network when not in use.
8. Never assume communal “hot spots” are safe. Many of these “hot spots” are located in airports and urban areas.
9. Avoid sending and receiving sensitive information on a public wireless network.

Some terms in the above may cause more questions than they answer. For example...

What is a MAC address? you may well ask.

Well, you probably know that computers on the internet, and in a private home network too, can be identified by their IP address. An IP address usually looks something like this: "72.14.207.99" (that's an IP address for google.com).

Computers on a home network are often given IP addresses starting with 10 or 192. E.g. "10.0.0.5", or "192.168.1.6".

10, 192, and some others are special IP address ranges. They are not PUBLIC.

You can't connect to a computer or server on the internet using an IP address that starts with these numbers.

These 'ranges' of IP addresses are reserved for a special purpose: that is, put simply for us home users, our own router gives addresses in this range to computers that are directly connected to it.

So a MAC address is...?

It sure is hard to explain this simply... but, in short, the MAC address is another address needed for network communications.

This is where we need to understand the notion of 'layers' when we talk about networking.

On one layer, a computer or modem or person who wants to connect to another computer only needs to know its domain name or URL.

If I want to connect to Google I only need to know that Google's URL is "google.com".

This works because on another layer there is software that associates "google.com" with an IP address belonging to Google, e.g. 72.14.207.99. (That function is called 'DNS resolution').

But there is yet another layer, where MAC addresses belong. To keep it simple we can call this one 'the hardware layer'.

On this layer, we have a modem, which is just a machine, needing to exchange data with some other device, e.g. your network card in your computer.

So on this 'hardware layer' your modem and your network card talk together by identifying themselves with MAC addresses, which usually look something like this: "00:1C:FB:75:E3:D4".

When you turn your modem on, you see a lot of flashing lights indicating networking activity - that's communication between the modem and all the other computers or devices on your network.

One of the things happening at this point is that your modem is broadcasting signals that say "are there any devices (e.g. network cards) connected to me that I can talk to?"

Then any functioning network cards reply to the request (because they are programmed to) and they broadcast saying "Hello: I am a device that you can talk to you. My hardware address is 00:1C:FB:75:E3:D4."

So, going back to our tip about wireless security that said "Set up your modem so that only computers with specific MAC addresses are allowed to access the network" - what exactly is the importance of this?

The point is that you can tell your router to ONLY talk to MAC addresses (i.e. network devices) that they know.

This is not so much a problem on a cable network: On a cable network the modem looks for devices it can talk to via the network cable. That is, the only computers it will ever think are on the local network are ones that are connected to it with a network cable.

But in the wireless world things are different. There are no cables. So anybody in the neighbourhood of your wireless modem can broadcast the message saying "Hello: I am a device that can talk to you. LET ME IN to your local network!"

Your modem is always looking to respond to these messages: that's what modems do. Your job, if you want to keep your home network secure, is to tell your wireless modem who your friends are and tell it to ignore calls from strangers.

That is, you tell your modem that only certain devices are on your local network, and here are their names... (i.e. their MAC addresses).

Now, I can't talk about where about exactly in your modems's settings files you achieve this. I have only ever used one wireless modem. You could be looking for something like a "MAC allow" list.

How to find out your MAC address.

On a Windows PC you can find your MAC address by opening a command window and typing "ipconfig/all".

The MAC address of the live network card will probably be listed as "Physical address" and look something like "00-1C-FB-75-E3-D4".

On a Linix system the command is "ifconfig" and the address would have colons, e.g. "00:1C:FB:75:E3:D4".

Whether the address has colons or hyphens is merely a matter of formatting: just make sure you tell the address(es) to your modem in the way that it prefers.

The ancient history of home wireless networking.

A few years ago when wireless networks were new we could often read stories on the web and in the PC magazines from people saying: "What's going on? My internet usage has shot up - but it's not me who is using it!"

Home wireless is not new any more, so you would not think the advice here would need repeating. But people all over the world still set up their wireless systems in an insecure way.

So, to repeat:

The pitfall of home wireless networks is that any other computer user who is wirelessly enabled can log onto your network unless the proper steps are taken to prevent intrusion.

Neighbours, hackers, mischief-makers or out-and-out criminals can potentially “piggyback” onto an insecure network and have free reign and access to data contained on your hard drive.

Just leaving yourself open to band-width stealing makes your network vulnerable to malice and can even lead to identity theft.

Other threats could involve spammers who send viruses to your computer and then proceed to use your computer as a hub for more sending.

Sometimes when the hunt is on for spammers, virus spreaders and traders in child pronography, innocent people get caught up in the investigation – just because their PC had been invaded and was evidently a site of suspicious activity.

See our glossary of security terms for a brief explanation about how and why hackers can use a botnet of zombie computers to spread malware and spam and to conceal themselves from investigation.

Special extra tip:
Suppose you buy a wireless modem/router and set it up for the first time. At first you will probably be concerned to get your internet connection working properly. Next, you will probably be wanting to make sure that your usual networking and communications between the PCs in your home is working as you want.

But, having achieved this, your work is not quite done.
Because generally these wireless modems do not have ALL the desirable security features enabled by default.

The modems are designed to be easy to use, as well as secure. But 'easy to use' means LOW SECURITY.
There is a good reason for this. If the modems were supplied to customers with the maximum security enabled nobody would ever get them installed and running.

So the trick with wireless modems is this: connect it up and get all the basics working.
Then read the manual and find out how to turn on all the security features.

News and Articles about Broadband Internet Connections and Security

Below here, if it is operating, is a news feed to articles about broadband networking.
But the feed is not always 'live' so there may be no more information below this point.