• Español
  •  
  • Herndon, VA
    Herndon, VA

    Let us know the location you'd like to browse.

    or

    Already a Cox Residential customer?

    Looking for Business services? Go to Cox Business home

Internet

The Internet should add convenience, not headaches. From step-by-step instructions to helpful tips, we'll help you install your equipment, troubleshoot problems, and get the most out of your online experience – minus the migraine.

Back Print Article

Ways to Secure Your Wireless Network

Last Updated: Wed, 09 Apr 2014 > Related Articles

76 rated this

Summary

View recommendations and suggestions to further secure your wireless home network.

Solution

The following table provides several different methods that you can take to better secure your wireless network. Both recommendations and suggestions are included.
 

Supported Recommendations
 

ActionDetails
Enable high level of encryption

There are several encryption methods that can be used to secure a wireless network. Depending on the age and type of your device you may have one or more encryption methods at your disposal.

Recommend: Enable WPA encryption.

  • Wi-Fi Protected Access (WPA / WPA2) provides much better protection and is also easier to use. WPA support is built into new operating systems and virtually all modern wireless hardware and operating systems. Security is provided by the use of a passphrase that can be randomly generated or customer generated from a combination of letters and numbers. A more recent version, WPA2, is found in newer hardware and provides even stronger encryption.
  • Wi-Fi Protected Setup (WPS) provides security using the WPA encryption type and adds easy network setup and connection when available. To use WPS, your device must support WPS and your operating system and hardware must support WPA encryption. WPS lets you use push buttons or PINS instead of manually locating the network name or Service Set Identifier (SSID) and security passphrase. WPS can set up a random network name (SSID), and strong WPA encryption for compatible devices and operating systems.
Enable some level of encryption when WPA is not available

If you find that some of your wireless devices only support Wired Equivalent Privacy (WEP) encryption, like Media Players, Personal Digital Assistants (PDAs), and Digital Video Recorders (DVRs), it is still important to enable encryption.
 

Recommend: Enable WEP encryption as some encryption is better than no encryption.
 

In spite of the issues with using WEP encryption, it is still better than having no encryption at all. When using WEP, use an encryption key that is extremely hard to guess. Refrain from using a WEP key like a string of the same or consecutive numbers. Because of the security issues, when using WEP encryption it is also highly advisable to change the encryption keys often. Additionally, when using WEP encryption, enabling Media Access Control (MAC) filtering can provide another ‘layer’ of protection (See ‘Turn on MAC filtering’ below).


Note: Many newer operating systems do not support WEP encryption; older devices that only support WEP may need to be upgraded.

Create a strong admin password

Many devices have an Administrator username and password that are needed to access the device and modify any configuration settings. Most of these devices use a weak default password while others do not have a default password at all.


Recommend: Change the default Administrator password.


As you will likely not use this login information very often, be sure to create a record of it and store it in a safe place. Should you forget this information, the only way to access the device may be to reset it to factory default settings. Resetting to factory default will also wipe away any configuration changes you have made. (See Save your configuration).

Turn off remote administration

Most wireless devices have the ability to be remotely operated or administered via the Internet. This feature can allow almost anyone to find and access the settings for your device.


Recommend: Turn off remote administration.


Unless you absolutely need this capability, it is best to disable Remote Administration. Doing so can help prevent unauthorized access and use of your system.

Save your configuration

Many devices have the ability to save a file containing your device configuration to a location on your network.


Recommend: Save your configuration changes.


Saving this information after any configuration changes will allow you to re-establish your custom settings should they get lost due to some unforeseen situation such as having to reset your device to the factory settings due to a forgotten Administrator password. Always save your configuration changes to a file on the desktop, flash drive, or backup disc.


It is also recommended that you write the device password, SSID, and wireless key / passphrase on a piece of paper and attach it to the device for future reference.


Unsupported Suggestions

ActionDetails
Turn off broadcasting

Many devices automatically (and continuously) broadcast the network's name, or SSID. This makes setting up wireless clients extremely convenient since you can locate a Wireless network without having to know what it is called. The drawback to this is that this also makes your Wireless network visible to any wireless devices within range.


Turning off SSID Broadcast for your network makes it invisible to casual detection by your neighbors and passers-by. When using this method of securing your network, you must remember to manually enter your SSID when connecting a wireless connection or turn SSID Broadcasting back on temporarily. This could make setting up your wireless clients very difficult if you do not remember the SSID or if you do not know how to manually enter it.


Some computers and devices will not connect unless the SSID broadcast is enabled. It is recommended that you test all wireless devices you want to connect in order to determine if this option will work for you.

Turn on MAC filtering

Another security measure that should only be used with encryption is MAC address filtering. MAC addresses are unique to specific network adapters and devices so by enabling MAC address filtering you can manage access to your network.


Turning on MAC address filtering can be used to either allow or block access to network devices depending on the setting (either block or allow but not both).

Using MAC address filtering requires that you manually enter the 12-character MAC address of every device that will be managed on your network. If you frequently add new devices to your network, MAC address filtering can become inconvenient and time consuming.


Because MAC addresses can be imitated by a knowledgeable person MAC address filtering should only be used in conjunction with other security measures.


Rate this Article:

Related Topics:

Give us your feedback:

Feedback

Maximum 500 characters

Back Print Article

Need More Help?