The need for email archiving
Without an effective system for archiving emails, organisations can find themselves unable to recover vital business records, leaving them open..
ZDNet UK / News and Analysis / Security / Security Management
10 ways to wireless security
COMMENT
Wireless networking is easy to set up, and it's convenient, especially if you like to move around the house or office without your portable computer while staying connected. But because they use the airwaves, wireless communications are more vulnerable to interception and attack than a wired connection. Here are some tips for securing your wireless network.
1. Use encryption
Encryption is the number one security measure, but many wireless access points (WAPs) don't have encryption enabled by default. Although most WAPs support the Wired Equivalent Privacy (WEP) protocol, it's not enabled by default. WEP has a number of security flaws, and a knowledgeable hacker can crack it, but it's better than no encryption at all. Be sure to set the WEP authentication method for "shared key" rather than "open system". The latter does not encrypt the data; it only authenticates the client. Change the WEP key frequently and use 128-bit WEP rather than 40-bit.
2. Use strong encryption
Because of WEP's weaknesses, you should use the Wi-Fi Protected Access (WPA) protocol instead of WEP if possible. To use WPA, your WAP must support it (you may be able to add support to an older WAP with a firmware upgrade); your wireless network access cards (NICs) must support it (again, a firmware update may be necessary); and your wireless client software must support it. Windows XP Service Pack 2 installs the WPA client. SP1 machines can be updated to support WPA by installing the Windows WPA client with the Wireless Update Rollup Package — see this page for more details. Another encryption option is to use IPsec, if your wireless router supports it.
3. Change the default administrative password
Most manufacturers use the same default administrative password for all their wireless access points (or at least, all those of a particular model). Those default passwords are common knowledge among hackers, who can use them to change your WAP settings. The first thing you should do when you set up a WAP is change the default password to a strong password (eight characters or more in length, using a combination of alpha and numeric characters, not using words that are in the dictionary).
For the next seven tips, click here...
Related stories
Post your comment
In order to post a comment you need to be registered and logged in
Log in or create your ZDNet UK account below
By signing up for this service, you indicate that you agree to our Terms and Conditions and have read and understood our Privacy Policy. Questions about membership? Find the answers in the Community FAQ
ZDNet UK Live
Oracle signs Solaris deals with HP and Dell: Find the answers in the Community FAQ free shipping wholesale product... http://bit.ly/bcjQtY
9 minutes ago on Twitter by nikeshoes998
Oracle signs Solaris deals with HP and Dell: Find the answers in the Community FAQ free shipping wholesale product... http://bit.ly/9GWZRh
9 minutes ago on Twitter by mensapparel2010
Oracle signs Solaris deals with HP and Dell: Find the answers in the Community FAQ free shipping wholesale product... http://bit.ly/bPLHL8
9 minutes ago on Twitter by womensapparel20
Oracle signs Solaris deals with HP and Dell: Find the answers in the Community FAQ free shipping wholesale product... http://bit.ly/bVw3F2
9 minutes ago on Twitter by lisabarnes001
Oracle signs Solaris deals with HP and Dell: Find the answers in the Community FAQ free shipping wholesale product... http://bit.ly/cDUyaj
54 minutes ago on Twitter by KC616 free shipping wholesale products: Read more »h handbags,NIKE shoes, jewelry, watches, and jacket and so on. We gua... http://bit.ly/cWcW1e
54 minutes ago on Twitter by KC616
Cyberwar defence plan is essential, says former CIA head: Michael Hayden, former head of the CIA and the National ... http://bit.ly/beLpKQ
1 hour ago on Twitter by SpyScroll
SAP leads businesses into augmented reality http://bit.ly/9eMWYp | #Droid #Android
1 hour ago on Twitter by Droid_News
free shipping wholesale products: We mainly supply top mirror quality brand name products, such as wholesale handb... http://bit.ly/cWcW1e
2 hours ago on Twitter by wholesalegurru
Cyberwar defence plan is essential, says former CIA head: Michael Hayden, former head of the CIA and the N... http://bit.ly/9sn6ax #pdln4nx
2 hours ago on Twitter by CNSInstructor
Oracle signs Solaris deals with HP and Dell http://bit.ly/9KVeqD
2 hours ago on Twitter by AllAboutFashion
SAP leads businesses into augmented reality http://bit.ly/9eMWYp | #Droid #Android
2 hours ago on Twitter by Droid_Phone TalkTalk to sell mobile services via Vodafone deal http://bit.ly/bLVfxI | #Droid #Android
2 hours ago on Twitter by Droid_Phone Oracle signs Solaris deals with HP and Dell: Find the answers in the Community FAQ free shipping wholesale product... http://bit.ly/cDUyaj
2 hours ago on Twitter by wholesalegurru free shipping wholesale products: Read more »h handbags,NIKE shoes, jewelry, watches, and jacket and so on. We gua... http://bit.ly/cWcW1e
2 hours ago on Twitter by wholesalegurru
DoJ joins whistleblower in Oracle fraud suit http://bit.ly/bMT3SJ
2 hours ago on Twitter by felixsprisci
Update: free shipping wholesale products - ZDNet UK (... http://www.actahandbags.com/trends/free-shipping-wholesale-products-zdnet-uk-blog/
2 hours ago on Twitter by actatrudy free shipping wholesale products: Read more »h handbags,NIKE shoes, jewelry, watches, and jacket and so on. We gua... http://bit.ly/bRvFgG
2 hours ago on Twitter by lisabarnes001 free shipping wholesale products: Read more »h handbags,NIKE shoes, jewelry, watches, and jacket and so on. We gua... http://bit.ly/9CXYG9
2 hours ago on Twitter by mensapparel2010Latest in Security Management
Featured white papers
Dell Data Storage Summary
This study was conducted in the United States amoung IT decision makers with involvement in data centre purchases at companies..
Datasheet: Infrastructure as a Service
'Infrastructure as a Service' gives enterprises the flexibility to subscribe to the compute power and storage they require today with 'pay..
Talkback
Another option that people should consider is to provide an additional open unencrypted free access to the internet. Restrict the access to LAN resources by providing an additional authentication step. If necessary, restrict the bandwith allocated to the free access so as not to degrade the other users access.
Someone who is trying to access "your network" is probably simply trying to get an internet connection. So simply make it easy for them to get one. Most likely they will then be happy and not spend days trying to break through your security... at which point they would have full access to all your sensitive information.
Providing an additional unsecured Wi-Fi access to the internet might stop casual intruders. Maybe a corporation with a huge amount of bandwidth could spare a little to support such an approach but what of the small business or home user? Do you really have bandwidth to spare? Do you trust strangers to share your connection? In an age of cyberterrorism, internet fraud, spam and paedophilia do you really want to allow others to use your bandwidth for their unapproved and possibly nefarious activities? I don't... I certainly don't want the police turning up on my doorstep having determined my WAN IP address is linked to crimes. I don't want to explain 'it wasn't me' as someone dismantles my PC. I enjoy the benefits of wireless access but I want the exclusivity of Ethernet. It's my bandwidth, mine all mine.
Hi,
I regard myself as tolerably PC literate and act as the PC 'help desk' for my village. In your opening line you state state 'wireless networking is easy to set up'. I agree. However, I suggest you should have then said setting up wireless security is a nightmare and takes us back to the worst days of poor instructions and indecipherable geeky words. There is no common methodology for setting up security. If you get it wrong it can be incredibly difficult to go back and start again because you cannot get the laptop to talk to the router to make the changes. OK, I hear you say connect via an ethernet/USB cable, Where does it tell you to do this - usually by thought transfer or similar.
My advice to most people is enable wirelss securituy at your peril. It might work for a while then you go out log on to somewhere else and guess what, you get home and you cannot log on no matter what you do unless you remove all security and start again.
I would plead for a real campaign to make the wireless router companies write user 'wizards' which hide all the geeky stuff and make it simple to set up. Llike you I do believe it is necessary to enable security. However, for the moment in our quiet rural village its open house for wirelss users.
Simon
scwyatt@tiscali.co.uk
I agree with 'Anonymous iTV Consultant' completely. I have a wireless network at home with 3 devices on it, which was an absolute doddle to set-up.
Then came the security configuration and despite being very PC literate I couldn't even begin to configure the security because whatever I tried effectively 'broke' the wireless connection.
I PM website production and if a site is unusable by Joe Public you can bet that it's a resounding failure, so I'd very much like someone to tell me why PC software companies get away with building unusable rubbish that seems designed specifically to leave security holes through the average user not being able to configure it.