Ok, so I admit I’m a beginner at wireless technology, but I have found a few simple methods for securing my own wireless internet connection via the router admin console that would benefit anyone using wireless. This article assumes you have the knowledge and access to connect to your wireless router’s admin console. I personally don’t know how to configure your router settings, so I’ll try to generalize the steps. Also, there’s always going to be a way to hack something, but leaving your connection wide open at all times is only asking for trouble:
- Don’t broadcast your SSID (the name of your network). Generally, this is a checkbox option in your router’s admin console. If anyone wants to connect to your wireless network, then you’ll have to tell them what you named it. This is the first line of defense (since most “hackers” will just pull up the list of available networks around them and try connecting to those first).
- Enable the highest security & encryption settings possible for your router. Mine are “WPA2 & WPA” and “TKIP & AES”. Each year we’re introduced to more acronyms, but generally the newer the wireless router (& generally the more expensive), the better the security options available (but do your research anyway).
- Set a strong connection pass phrase (the password someone enters to connect to your network). Don’t just use the name of your pet rock or birth-date. Use a random string of letters, numbers and characters (*#&$^, etc.). The more, the merrier. Definitely don’t choose words you can find in the dictionary (of any language). Hackers will just use programs to figure out your password.
- Use the MAC filter! No, this isn’t an Apple product. Every internet connection device on your computer (Ethernet, wireless card) will have its own MAC address. You can use your router’s MAC filter to allow ONLY the connection devices you choose to list. This is a VERY STRONG SECURITY METHOD!!! This means that a hacker must go the extra mile of finding out your wireless card’s MAC address, then spoof it, then get through all your other security measures, just to steal your pictures of Fluffy the rock. To figure out your MAC address and set the MAC filter, do the following:
- Click Start -> Run -> then type “cmd” without the quotes
- Type “ipconfig /all“, again without the quotes
- Look for the section for your “Wireless Network Connection” and copy down the listing for “Physical Address”. It will be 12 characters (numbers and letters) separated by dashes (e.g. 00-AE-43-DD-E0-1R).
- In the MAC filter section of your router admin console, enter that address in whatever form it tells you. Mine requires a colon between each pair rather than the hyphen.
- Save the settings and continue with each additional wireless PC in your home. If you mess up, you can usually connect to your wireless router with an Ethernet cable.
- Alternatively, some routers (like mine) have a button that you can click to just add whatever wireless devices that are currently connected. So, if all the PCs in your home are already connected to the router (and are powered up), just click the button and Voila!, the list is populated for you. Just be sure the MAC addresses match up to the PCs in your home before saving. This is your chance to ensure no one has an unauthorized connection to your system (ie you have 2 PC’s of your own, but there are 3 MAC addresses showing up as connected. Hmm, who’s the third guy?)
- Turn off your wireless router when you’re not using it. Yes, it’s a pain, especially if it’s on top of a cabinet in the corner of the office. However, if you won’t be using the connection for some time (while you’re sleeping, at work, on vacation), just turn it off or unplug the router. You wouldn’t leave your lights on when you’re not using them, right? Well, just imagine if someone could steal your electricity while you’re using your lights, then you’ll want to protect it, right?
These steps, when all used together, will not only stop the kids next door from using your connection, but also more experienced hackers that roam the streets and check for unsecured connections. Not only will they not see your network in the first place (hidden SSID), but if they found it somehow, they’ll just move on to an easier target once they see all the other hurdles they’re facing (especially that MAC address trick!). Let your neighbor get hacked, not you! (or, you could forward this article to them and help them out too!)
Enjoy your safe wireless browsing!