Wireless networks have become increasingly popular for many reasons. They are easy to set up, and you do not have to worry about running wires in your office. However, wireless routers can be a potential security risk if you do not take the necessary steps to secure them. The table below provides tips to help you secure your wireless connection.
Note: Since every router is different, consult your owner’s manual for specific instructions on how to implement these suggestions.
|Change your admin username and password|| |
Before you connect your wireless router or device to the internet, change the default username and password. Most device suppliers post the default username and password on their website, so anyone could gather this information and log in to your router.
|Disable remote admin access||This is tough to do, since you may need to make changes to your router when you are home or traveling. However, casual hackers will bypass your router if this service is disabled.|
|Enable WEP, WPA, or WPA2 encryption||When WEP, WPA, or WPA2 encryption is enabled, a user must have the correct encryption key to connect to your wireless network. Data transmitted over the network is also encrypted; if anyone tries to view your data, they will be unable to decipher it.|
|Change your Service Set Identifier (SSID)||An SSID is the name of a Wireless Local Area Network (WLAN). All wireless devices on a WLAN must employ the same SSID to communicate with each other. Your router comes with a default SSID. For security purposes, change the SSID to something that does not describe the manufacturer or model of your router.|
|Disable SSID broadcasting||Most wireless routers broadcast their SSID, making it easy for someone driving by to detect your wireless network. Be sure the broadcast feature is disabled.|
|Enable Media Access Control (MAC) address filtering||Each network card has a unique number on it, known as the MAC address. You can manually enter the MAC address of each wireless network card in the configuration of your wireless router. When this is done, only those MAC addresses are allowed to connect to your network.|
|Block Port 25|| |
Mass mailing worms, such as NetSky, use infected computers' outbound email server via port 25. Blocking port 25 offers the following advantages.
For those users that must send email, have them use the WebMail interface provided by their email host or company. You may also allow your clients to use a Virtual Private Network (VPN) to connect to their company network and send and receive email.