 |
 |
|
 |
 |
|
|
INTERNET SECURITY : Home Network Security
All home networks should be secure. Both wired and wireless home networks have vulnerabilities.
Here are 5 quick steps to help you secure your home network from unauthorized access. These steps are provided as general guidelines - for detailed help, please contact your hardware vendor. See the bottom of this page for links to some common hard wired and wireless networking vendors.
1. Download the latest firmware for your router.
Firmware is software that's embedded in a hardware device - in this case, your home's router. The firmware that comes with your router may be out of date. Download the latest firmware to ensure the best security and performance.
As security vulnerabilities are discovered, patches to stop them are developed. These patches are often included in firmware updates. If you're using the default firmware that came with your router, there could be several known security holes that could allow someone to hijack your Internet connection, view the files on each of your networked computers and even steal passwords or credit card numbers.
Most of today's routers allow for firmware updates, and the process is quite simple. Check the web site for your device manufacturer for instructions on obtaining the latest firmware and how to install it. The Linksys support site can be found here and the Netgear support site can be found here.
2. Change the administrator password
Your router's default password should be changed immediately. All routers are shipped with the same administrator user name and password. Changing the user name and password is not only the most important change, it is the easiest. In your router's configuration page, look for a link or setting titled "Admin." If you have any trouble changing this setting, check your router's user guide.
3. Change your SSID and turn off SSID Broadcasting
If you have wireless router you will need to change your SSID, (Wireless network name). Your wireless router comes with a default SSID, and one of the first things you should do is change that SSID. By having a non-default SSID, you're making it harder for unauthorized connections to your network.
By allowing your SSID to broadcast, you make it easy to add additional devices to your wireless network. However, you also make it easy for anyone with a wireless device to gain access to your network. Leaving broadcasting on is a bit like leaving your car keys in the ignition while you run into the store - you're asking for trouble.
When you turn SSID broadcasting off, your wireless devices will have to be configured with the exact SSID that you have specified in your wireless router.
4. Enabling Wireless Encryption
There are several forms of wireless encryption available. The very basic
is WEP (Wireless Encryption Protocol). We do NOT recommend using WEP for
security purposes. It takes only a matter of minutes to gain
access using that system.
The other form of encryption is called WPA (Wi-Fi Protected Access).
This method is much more secure and is what we recommend for our
customers. There are two forms: WPA and WPA2. The majority of wireless equipment
on the market will support WPA, and anything manufactured since 2004
should support this standard.
To determine if a wireless card is compatible with WPA encryption,
please visit the vendor's website with regards to this. Sometimes the
card will support this technology, but the driver which ships with the card
does not fully support WPA. We also recommend making sure you have the
newest wireless client drivers on your system. If you require assistance
with determining card manufacturer and model, please give us a call.
Although there have been some security breaches using WPA, it is a much
more secure form of encryption. With WPA/WPA2, there are two forms
cipher types. One is called TKIP (Temporal Key Integrity Protocol) and
the other is AES (Advanced Encryption Standard). The preferred method is
AES, however even TKIP is acceptable for most people's security needs.
The key length required is between 8 and 63 characters. With WPA there is
no limit regarding the characters you can use. So, you can utilize full
the ASCII charcter set, which is basically any symbol, letter or number you will
find on your keyboard.
A few precautions you should take with WPA are that you do NOT want to
use just a simple dictionary word. We recommend using a word or series ofwords,
with numbers, and maybe a symbol. For example: randomword3946!# would be
ahard key to break. However please use something customized that you
will remember.
In order to setup wireless encryption on your home network, you will be
required to login to your router. If you are not familiar with this, we
would recommend either referencing your router's documentation, or
calling RipNET Technical Support to learn about how to access the router
configuration page.
For any further clarifications on wireless encryption, or if you would
like professional assistance configuring wireless encryption, please do
not hesitate to contact our Technical Support department at
1-888-509-6677 extension 5.
5. Limit access by MAC addresses
Every network card, both wired and wireless, has a unique address assigned to it from the manufacturer. This identifier is called a MAC address. By setting your router to only allow connections from specific MAC addresses, you're greatly improving the security of your network. Once you know each of the MAC addresses for your network cards, check the support Web site of your router manufacturer for instructions on using MAC address security.
Common Wireless Networking Hardware Vendors
Linksys Support
Netgear Support
Microsoft Support
D-Link Support
Motorola Support
Apple (AirPort) Support
|
Home
Password Protection
