Switch to HTTPS

Switch to HTTPS: https://t7j7l.blogspot.com/

Thursday, 12 March 2015

Keeping your network (WiFi) secure

Nobody wants people hacking into their network, it's a serious financial, legal, and resource-hogging issue. Here I will talk about steps to ensure that never happens. For now I won't focus on the Internet side of things, such as firewalls, UTM, router web configuration, or whatever, but instead people nearby hacking into your WiFi network. As for Ethernet, nothing much you can do about that if they're already in your house. Anyhow, let's begin:

  1. First of all, ensure you have a good WPA2 password. Using WEP or WPA is dangerous, especially the former which can be cracked in minutes. Do not use correcthorsebatterystaple or something like that, because it can be cracked in a dictionary attack. Ensure you have random numbers, letters, and other digits to an acceptable length (I'd say at least 8 characters).
  2. Reducing the power/range of you access point can make it harder for people outside to connect to your network. That can be an inconvenience if not configured just right though.
  3. Limiting the amount of computers that can connect to your network is an useful security step. This can ensure hackers won't be able to connect as long as all the slots are filled. Can be a problem when having guests over though.
  4. You can also use a network monitor. That can detect whenever a new device connects to your access point, and even add trusted devices. Beware of spoofing when using that feature though. I recommend SoftPerfect WiFi Guard.
  5. Not broadcasting the SSID can make it just a bit harder for hackers to find your network. Unfortunately, it isn't very reliable and can be annoying at times.
  6. MAC filtering may appear to be a good idea, but unfortunately your devices can be easily spoofed. That means hackers will change their MAC to mirror yours and still connect.
  7. Disable WPS and WPA/WEP backwards compatibility. Although they can be convenient, none of those are a good idea for security since they essential increase your attack surface.
  8. Probably the most secure option is disabling WiFi altogether and using Ethernet only. Unfortunately, not every has the convenience of a router within reach though.
There you have it, hope you learned something new as always. Have a nice day!

No comments:

Post a Comment