More and more Internet users are using Wi-Fi (or 802.11) networks to connect wirelessly to the Internet. This is a new and exciting technology used to network homes and coffee houses. Connecting to the Internet wirelessly presents a whole new set of security concerns. If you're setting up a wireless Wi-Fi network in your home, you're going to need to take some extra security precautions to keep your computer safe and secure. If you don't know much about Wi-Fi, you may first want to learn a little bit more about this interesting technology.
Many people choose to leave their Wi-Fi networks open creating a "hot spot" where a random passerby can access the Internet. While most passersby wish no harm to you or to your computer, you should know the risks before opening up your hot spot to the public. Here are some tips about Wi-Fi Security:
Know the Risks and Take Precautions Before Opening Your Wi-Fi Network To Others.
Does Your Hot Spot Violate Your ISP's Terms of Service? Some broadband Internet providers prohibit users from sharing their Internet bandwidth with neighbors and strangers via Wi-Fi. These prohibitions are located in the terms of service you agreed to when you signed up for the ISP service.
Is Your Computer and Network Secure? Make sure your computer's system password is hard-to-guess but easy-to-remember. This is especially important if you have a home network of computers. You don't want people using your Wi-Fi connection to gain easy access to your computer. In Windows XP set your password in the "Control Panel" under "User Accounts." In Macintosh OS X (10.2) set your password in the "System Preferences" under "Accounts" or "My Accounts."
Did You Change Your Base Station's Default Password? Many of the Wi-Fi base stations come with easy to guess default passwords such as "admin" or "default" -- allowing would-be hackers to take control of your base station settings. Make sure you change that default password to a hard-to-guess, but easy-to-remember password.
Tips On Closing Your Wi-Fi Network to Strangers.
If you decide that you want to keep strangers off your Wi-Fi network, there are several ways that you can limit access. You can use one or all of the options below to keep strangers off your network.
Don't Broadcast Your SSID. This is by far the easiest way to prevent someone from accessing your Wi-Fi network -- but it's far from secure. By default, all Wi-Fi base stations broadcast their presence -- known as the Service Set Identifier (SSID) -- to anyone within range. You can reconfigure the base station to not broadcast the SSID -- somewhat like a stealth mode. However, if a stranger already knows the name of your Wi-Fi network they can still gain access. Nevertheless, this tactic will keep out most random passersby.
Encrypt Your Wireless Network Password. A slightly more complicated but necessary way to keep out strangers is by creating and encrypting (or scrambling) your wireless network password. Anyone seeking to access your Wi-Fi network will need to type in the correct encrypted password. Many older base stations use Wireless Equivalent Privacy (WEP) encryption to scramble the passwords. While this encryption code will keep out a casual hacker, it has proven extremely insecure. More current encryption protocols such as Wireless Protected Access (WPA), come with newer base stations and should be used.
Configure Your Base Station To Allow Only Your Computer MAC Addresses. Every computer is identified by a unique number called a Machine Access Code (MAC) address. You can instruct your Wi-Fi base station to allow access to only certain computer MAC addresses that belong to you. Your base station settings will allow you to type in the addresses of each MAC address you want to allow on your Wi-Fi network. This is a slightly more labor-intensive task but it can be very effective since MAC addresses are hard to guess. Use this approach in combination with the two tips above or on its own.
Tips On Sending Very Sensitive Information Over Wi-Fi Networks.
Whether you open or close your Wi-Fi network, there is still another security risk of which you should be aware. When you access Web pages or send email over a Wi-Fi network those transmissions are sent "in the clear." In the clear means that a sophisticated and determined hacker could grab that information right out of the air and capture your emails and Web page requests. This is also the case when using Wi-Fi at your local coffee shop. The chances that a hacker would capture your transmissions in this way really depend on a variety of factors but it's best to exercise an abundance of caution. Certainly be very cautious about performing online banking or accessing other sensitive services. You should be aware of the risk -- especially if you're sending sensitive information over a Wi-Fi network.
Don't Send Sensitive Files Over Wi-Fi Networks Unless You Know It's Secure. Make sure that your Internet connection is secure before you send very sensitive Internet communications over it. On the Web most sites that perform sensitive transactions like shopping with a credit card or checking bank account information use Secure Socket Layer (SSL) technology. SSL encrypts the transaction -- creating a secure tunnel between your computer and the Web site server. How do you know if your Web page transaction is using SSL? One good way is to look at the Web page URL. The prefix should start with "https://". The "s" means it's SSL secure. You can also look for a padlock icon or a solid key icon on your Web browser. Some popular Web-based email services allow users to log-on using a secure SSL connection. If you're sending or receiving email while using a Wi-Fi network, make sure you log-in to your webmail using SSL.
Use a Virtual Private Network (VPN) to Secure All of Your Wi-Fi Transmissions. A VPN is an advanced networking feature. It is a technology that creates a tunnel between your computer and the network server. Many corporate networks have VPNs to protect transmissions. If you are accessing your work files or email using a Wi-Fi network, make sure your office network administrator has created a VPN for those transmissions.