Wireless networks have become increasingly popular and for good reason. The networks are very easy to set up and you do not have to worry about running any wires in your office. However, wireless routers can be a potential security risk if you do not take the necessary steps to secure them. The table below provides tips to help you secure your wireless connection.
Note: Since every router is different, consult your owner’s manual for specific instructions on how to implement these suggestions.
|Change your admin username and password|| |
The first thing to do before you connect your wireless router or device to the Internet is to change the default username and password. Most devise suppliers post the default username and password on their website, so anyone could gather this info and log in your router.
|Disable remote admin access||This is a tough one to do, since you may need to make changes to your router when you are home or traveling. However, you can be assured that the casual hackers will by-pass your router if this service is disabled.|
|Enable WEP, WPA, or WPA2 encryption||When WEP, WPA, or WPA2 is enabled, a user must have the correct encryption key to connect to your wireless network. Also, data transmitted over the network is encrypted. So, if anyone is trying to view your data, they would not be able to decipher it.|
|Change your Service Set Identifier (SSID)||An SSID is the name of a wireless local area network. All wireless devices on a WLAN must employ the same SSID to communicate with each other. Your router comes with a default SSID. Change it to something that does not describe the manufacturer or model of your router.|
|Disable SSID broadcasting||Most wireless routers broadcast their SSID. This makes it easy for someone driving by to detect your wireless network. Disable the feature.|
|Enable MAC address filtering||Each network card has a unique number on it, the MAC address (Media Access Control). You can manually input the MAC address of each wireless network card into the configuration of your wireless router and then only these MAC addresses are allowed to connect to your network.|
|Block Port 25|| |
Mass mailing worms, such as NetSky, use infected computers outbound email server via port 25. Blocking port 25 offers the following advantages.
For those users that must send email, have them use the webmail interface provided by their email host or company. You may also allow your clients to use a VPN to connect to their company network and send and receive mail.