| Securing Your Wireless Network |
Getting Started
In order to reduce the amount of support calls they get, manufacturers of wireless kit try to design them to work straight away out of the box with the minimum of configuration (if not no configuration at all). However in order to do this, they are by default configured to run insecurely, allowing anyone to connect to them. This means that as soon as you switch the wireless router/ap/gateway on, it is insecure.The first step, is to connect just one pc to it using the supplied ethernet cable. Make sure the pc is running a firewall such as the default firewall that comes with windows XP, or a 3rd party firewall such as ZoneAlarm. Do not connect the wireless router to the rest of the network until you have secured it.
Open up a browser on the pc, and enter in the URL of the router (usually http://192.168.1.1) as specified in the router's quick start guide. You should be promted to enter a username and password to access the router, and the quick start guide should tell you what these are (often they are "admin" and "admin" - not very secure huh?).
Changing the default password
The first step is to change the default password to access your wireless router. To find the page for changing the default password you may need to use the user manual, as each manufacturer puts the page in different places- Dlink puts it on the "tools" page
- Linksys puts it under the "administration" page
- Netgear puts it on the "Maintenance" page
Changing the wireless network name
The wireless network name (also known as SSID) is the name your wireless router broadcasts to identify itself from the other wireless networks in your neighbourhood. Usually the default is just "default" or "linksys" - something simple. On the wireless settings page, you should find a field where you can change this.It is often popular to use your lastname or house name, but this is a bad idea, as it clearly identifies who owns the network, which will make guessing your passwords easier (especially if you have used the name of one of your pets). Choose a SSID (network name) of something like "PRIVATE2006" or "PRIVATE4G7K" - something that makes it clear this is NOT a public network, but that doesn't identify you easily. On the same page where you specified the SSID name.
Turning on encryption
The final setting you need to change is to turn on wireless encryption. This stops anyone from snooping on your wireless network as you read emails or surf the net. Most newer hardware supports newer encryption schemes called WPA and WPA2, and if these options are available, then you should choose them. Both your wireless router and pc/laptop's wireless card will need to support WPA in order for this to work. You need to enter a password that the encryption will use, this needs to be different from the password used to login to the wireless router, and needs to be quite long.The easiest long password is actually a pass-phrase and should be at least 20 characters long such as "I really like my new blue front door" . Once the WPA encryption is turned on and the password enter, save the changes, and your wireless network is now secure.
Final Thoughts
Now your wireless router is secure, you can connect it to the rest of your network, or to your broadband/cable connection. If you are not very good a remembering passwords, rather than have to reset your wireless router every time you forget the password, write down the admin password and WPA password onto a post-it note and stick it to the underside of the router, or store it in a safe place.To connect from a laptop to your network, select your network (e.g. "PRIVATE2006") from the list of available networks, and enter the WPA password (e.g. "I really like my new blue front door") into your laptop's wireless settings, and you should be connected.
