Wireless Access Point Security Tips

A wireless access point (WAP) allows wireless computers and laptops to communicate with the Internet. Some are free standing while others are built into routers. The range of communication is spec'ed at 100 meters but can vary considerably depending on obstructions like walls, and interference like microwaves.
One common use is a coffeehouse or airport so laptops can easily connect (i.e. no passwords) - but with that ease comes security problems. Someone sitting nearby can monitor what is sent back and forth (from the laptop to the WAP) and see your data.
Home systems using a WAP can enable all the security features (such as SSID suppression and wireless security options) to make it nearly impossible for someone to login to their wireless system.

Our Recommendations

We have had good luck with the WRT54G router with wireless product. It is easy to set up and has been very reliable...and has kept the bad guys out.
 

Get Latest Firmware

Most likely when a wireless access point (WAP) is purchased, it will have out-of-date firmware. Most WAPs have a way to update the firmware.

Change Default SSID

The SSID, or set service identifier, is your wireless network's unique id. The manufacturer of your access point usually assigns a default SSID, which is well-known to hackers, so it is imperative that it is changed.

SSID Suppression

Typically, the SSID is broadcast so any wireless computers can pick up the SSID - and so can hackers. It is best to disable broadcasting the SSID. Each computer that wants to use the wireless network can be set up but must know the name of the SSID.

Wireless Security Options Details

A wireless network usually has several security options one of them being no security at all. It is best to set up a wireless network with the most secure option. Make sure all the wireless computers support the security option you choose.

• None

  Many wireless networks default to no security at all! This means any computer within the range of the network (typically 150 feet) can logon and use the network. People, called warriors, drive around neighborhoods looking for unsecure or low security networks so they can use them for free or cause mayhem.

• WEP

  A secure but weak option. WEP can be broken into by a determined hacker.

• WPA

  Data encryption specification designed to improve on the shortcomings of WEP. There are two selections of WPA: TKIP and AES. AES is the better choice: after all, it is used by several governments to keep its sensitive data secure.

• WPA2

  Second generation of WPA. An improvement over WPA but slows down the wireless network. Probably overkill for home and home office networks.

Wireless MAC filtering details

MAC filtering involves entering in each MAC address in the router's MAC filter table for each computer you want on your network Below is an example of setting up wireless MAC filtering. MAC filtering is pretty easy for a determined hacker to spoof (the hacker pretends he is one of your entrusted MAC addresses) but it does present another roadblock (along with all the other wireless security roadblocks already set up).

• Linksys WRT54G router/wireless access point

  Login as admin to the router. Under status, local network, DHCP clients table will show you what is connected to your LAN along with its MAC addresses. Under Wireless, Wireless MAC Filter you can access the MAC filter table.