Security considerations in a WiFi network at home

Date 28 February 2005
By Viji Rajasundram

The way most WiFi equipment is sold is to allow them to be almost ‘plugged-in and played’ straight out of the box. While this is all well and good from the ease of use aspect, most of us in the real world need to also consider the security of this wireless network. This article discusses what we could or at least should do to protect our wireless network at home through certain settings on the Wireless Access Point (WAP) Router.

There are several security settings that can be tweaked to give some basic protection to the average home user. There are two parts to this – one is the blocking of illegitimate Users and second is the encryption of any data you send or receive through your wireless network. This article will discuss blocking of illegal usage.

We need to block this illegal usage to ensure that not all and sundry within the range of your brand new WAP Router can log into your Internet connection and steal your precious bandwidth – i.e. use your connection to surf the web, thereby slowing down the legitimate users like yourself.

Usually by default, your WAP Router will broadcast it’s own ID into the airwaves, to allow wireless equipment to ‘see’ it and therefore be able to connect through it. But once you have already setup all your Laptops and PDAs to see the WAP Router, these equipment ( Laptops, PDAs ) will connect to it regardless of the WAP Router broadcasting it’s ID. So, it is best to disable this broadcast of the WAP Routers ID.

You can do this through the configuration screen of your Router. Your WAP Router’s manual will show you how to access the configuration screen of your WAP Router – Usually achieved through opening the designated Router Configuration Page on your Computer’s Browser. But do this through the computer you have wired to the router, and not one accessing it via the wireless connection.

Now, somewhere within the Configuration pages – usually there are several tabs on this page – you will find a field with “SSID” or “Wireless Network Name” or “Network ID”. Usually, by default, it is the brand name of the Router you have – say “Linksys”. Change this to something else – your cat’s name or anything. Now “Save”/”Apply” this setting. Next, you will need to turn on all your wireless equipment and make sure they connect to your WAP Router and are able to access the Internet through this newly renamed WAP Router. Once they see it – they will “remember” it the next time you wish to connect.

Once you have got this working,  you will need to go back to the Configuration page again and look for the setting for “Enable / Disable SSID Broadcast” or similar. Disable this.

And with that completed, you are done with the first part of securing your wireless network. Now, only equipment that has previously accessed your WAP Router using the new name will know of its existence and connect through it. All other equipment (operated by laymen type of Users), will think that your Router is no longer turned on.  While not completely fool-proof, at least it affords you some protection from those free-loading neighbours.

Next, we will go on to encrypting the data sent and received by your equipment.

Next, we will go on to encrypting the data sent and received by your equipment.