When at Home: Secure Wireless

When setting up wireless at home, make sure to configure your box to protect your:

• bandwidth (don't let neighbors hog it)
• record (the net can be used for illegal activity)
• identifiable information (online banking, purchases, travel plans, etc.)
• computer (which could be compromised)

Secure your wireless router by taking these important steps:

Initial Setup and Placement

• Change the admin password (make it a strong one)
• Update the firmware (consider updating the drivers on your wireless card as well)
• Disable remote administration
• Place the router in a central location (keep away from outside walls and adjust its range)
  

Router Configuration

• Use MAC address filtering (specify what MAC addresses you allow onto your network and hard code those into the router’s MAC filtering list)
• Pick a unique SSID (Service Set Identifier) and hide it (DON'T use the default; make sure you're not broadcasting the SSID)
• Change the default network addressing (to an another private RFC1918 network)
• Disable DHCP on the wireless network (prevents someone connecting to your wireless router from obtaining an IP address)
• Turn off the router when away

Use the Strongest Encryption Option

• WEP (Wired Equivalent Privacy): 40-Bit or 104-Bit key algorithm, first cracked in 2001, now can be hacked as fast as 30 seconds; it has therefore been deprecated by IEEE as no longer meeting security goals
• WPA-TKIP: Uses 128-Bit encryption keys and dynamic session keys; made to be backwards compatible with Pre-WPA hardware
• WPA2-AES (Wi-Fi Protected Access 2): Uses the new Advanced Encryption Standard; not backward compatible
  

Useful Resources

• General Wireless Information: www.wi-fi.org
• Random Password Generation: www.grc.com/passwords.htm
• Check Your SSID Exposure: www.wigle.net

Related Web Page: Secure Wireless When Traveling

Contact Us

For general information security questions or to report a computing security incident, contact ISG@brown.edu.