Proven techniques to secure your Wi-Fi network
A router’s human-friendly SSID name can make connecting PCs, tablets, and phones to a wireless network easier — especially if there are numerous active Wi-Fi networks nearby. But SSID broadcasting is a convenience, not a necessity. Wi-Fi networks work just fine without it.
Disabling SSID broadcasting makes it harder for casual snoops and Wi-Fi freeloaders to find (and possibly attack or exploit) wireless networks. Invoking the theory that thwarting any attack — even casual hacks and amateur snooping — is a good thing, I think disabling SSID is worthwhile.
That said, disabling SSID broadcasts will not stop attacks by knowledgeable, competent hackers who can sniff out Wi-Fi nets by various methods — regardless of whether a router is broadcasting its SSID.
So simply disabling SSID broadcasts is in no way a viable means of securing your router. But when combined with other security techniques, it can help protect your Wi-Fi setup from any level of hack attack — amateur to expert.
These four components are the heart of Wi-Fi security:
◾Router-administrator password: Secure access to the router’s setup menus with a long, unique, high-quality password. (Mix upper and lower case Alphas and add numbers and even special characters to make a unique or oddball combination.) Remember, if a hacker has access to the admin functions of your router, he is home free!
◾Wi-Fi security key: As with the admin password, use a long, unique, high-quality security key to prevent unauthorized connections to your router. (A tool such as Gibson Research Corporation’s free Ultra High Security Password Generator can help.)
◾WPA2 encryption: Set the router to use WPA2 (currently the strongest encryption available) to prevent hackers from snooping data you send and receive over Wi-Fi. Don’t use WEP, which today’s hacker tools can crack in minutes, or WPA — which is less easily cracked but fell prey to hackers back in 2008.
◾Wi-Fi Protected Setup: You should disable WPS, an automated setup technology included with many routers. It makes for a quick "handshake" between devices, but routers using WPS are intrinsically unsafe; hackers can use WPS as a back door into your setup.
Disabling SSID is one of two secondary techniques for adding small, incremental levels of router security. The other is to apply MAC address filtering, which will make it harder for unknown or unauthorized devices to connect to your router.
Although neither method is proof against serious, competent hacks, both will hinder common drive-by snoops, simple connection-poachers, and other forms of casual digital attack.
Used together, these six techniques will make your router much, much harder to crack than most (often minimally configured) Wi-Fi setups.
And isn't that exactly what you want?
No comments:
Post a Comment