spacer image
Skip Nav Skip to Search
Contact  |  Subscribe to the Buzz by RSS
spacer image
RSS Feeds get adobe reader
Laptop Computer

Securing a Wireless Network in Your Home

Setting up a wireless network in you home has become so easy that many users install the hardware and begin using the system without considering security.  This can leave all the computers attached to your home network vulnerable to criminals who would love to get your credit card number, your bank account number, or any other secrets you may have saved on your computers.

By following the tips below, you can make your home network more secure:

1.   Secure your router's administration interface

Almost all routers have an administrator's password that is needed to log into the device and modify its configuration.  Usually, the router manufacturer will set a default password for the administrator.  This password is usually weak, like "password", or the manufacturer's name.  Your first step should be to change this password.  Use at least eight characters which include numbers, uppercase letters, lowercase letters, and special characters, i.e. $, %, &, etc., to create a "strong" password.  Be sure to remember this password as it will be needed to change configuration settings of the router in the future.

2.  Don't broadcast your SSID

Most routers are configured to broadcast the name of its network, or Service Set IDentifier (SSID).  You do not need this feature enabled in your home network because the users of your network are fully aware that the access is available to them.  By disabling the SSID broadcast, you will make your wireless network invisible to your neighbors and passersby, thus minimizing their opportunity to access your network.

3.  Enable WPA encryption instead of WEP encryption

Most wireless routers will come with a suite of security tools used to encrypt data that is passing (in the air) between computers on the network.  WEP, or "Wired Equivalent Privacy", was the first of these tools.  WEP has some very widely known vulnerabilities among the hacker community.  Most newer wireless routers will come with WPA, or "Wi-Fi Protected Access".  WPA offers much stronger protection and its weaknesses have not been exploited nearly as much as WEP.  Again, remember when entering the encryption key, to use a strong key (or password).

4.  WEP is still better than nothing

If your router only has WEP encryption, it is still better to enable it than to use nothing at all.  If you have to use WEP, use a strong encryption key (or password that is entered when WEP is enabled).  It is also recommended that you change this encryption key frequently (as often as once per week).

5.  Use MAC filtering for access control

Every computer you hope to hook up to your home wireless network will have a network adapter such as a wireless adapter to facilitate its communication over the network.  Each one of these adapters has a unique number assigned to it that is used to identify it on the network.  This number is called a Media Access Control number, or MAC address (since the number actually identifies the physical address of the computer on the network).  Your router has the capability to limit access to the network based on known MAC addresses.  You should enable this feature to limit access to your network.  Once the router is on and all your computers are connected to the network, if you enable MAC filtering, a table in the router will be populated with the addresses of the attached computers.  After verifying that these addresses are acceptable, then enabling this feature will limit access to only those computers.

6.  Reduce your transmitter power

Some wireless routers will allow you to adjust the power settings of the transmitter.  By adjusting this setting, you may be able to avoid broadcasting into your neighbor's house or to the street in front of your house.  This will make it harder for the bad guys to find your network.

7. Disable Remote Administration

Some wireless routers will allow you to log in and change configuration settings remotely, across the internet.  This exposes your router, and your home network, to unnecessary risk.  Unless you absolutely need this capability, it is best if you disable this feature.  (Normally, the default setting is "off", but it's a good idea to be sure).

Additional information can be found on US-CERT's web site, on various other sites on the internet, and from the documentation that came with your wireless router.