Q

Security for a wireless network

What do I need to set up a wireless network and let it work properly, with all the necessary security (from hardware

to software)? Most home users just buy a wireless router and PC card from the same product line, plug them in and away they go. Wireless routers usually arrive with defaults that let computers connect to them over wireless or Ethernet, obtain an address and browse a configuration page. When you open that page, a "wizard" prompts for you for the bare minimum parameters required to get up and running.

This time-tested method isn't secure, and in some cases doesn't work properly. At minimum, home wireless owners should use the router's configuration page to turn security on. For example, on a D-Link DI-624, you'd use the Home/Wireless page to set SSID, Authentication and either WEP Keys or Passphrase. If you choose Authentication = WPA-PSK, then you'd just enter a passphrase that's 20 characters or more and not easily guessed. Choose Authentication = Shared Key only if your PC card doesn't also support WPA-PSK.

For SSID, pick a value that doesn't make it obvious who you are, where you are locatedor expose anything that you need to keep secret. (For example, SSID should NEVER be set to a login or password.) The purpose of the SSID is merely to name your wireless network so that you can find and connect to it from your PC.

On the PC, install the wireless card and any required client software that came with the card. For example, suppose you install a D-Link DWL-G650 PC card (in the same product line as the router example above). On a PC running Windows XP, you would not need to install any other client software for that card.

When you enable the card using the Windows XP Network Connections control panel, you will be prompted to select an Available Wireless Network. Choose the SSID from the list presented that matches the SSID assigned to your router. Enter the same passphrase that you configured into your router, and the card should connect to the router. All data sent between the PC and router will now be scrambled to prevent eavesdropping, and access to your network will require your passphrase. Keep that passphrase safe and make it hard to guess.

These simple steps don't provide bullet-proof security, and there are other steps you should take, like changing the password on your router and disabling remote administration of that router. However, if every wireless router owner took just these few steps to turn on security, networks would be a heck of a lot safer than they are now. Small businesses that need to go beyond this basic level of security might consider a security service like Linksys Wireless Guard. I've picked just a couple of products here to provide a detailed example, but similar steps apply to other residential-grade wireless routers as well.

This was first published in July 2004

Dig deeper on WLAN Security

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

SearchSDN

SearchEnterpriseWAN

SearchUnifiedCommunications

SearchMobileComputing

SearchDataCenter

SearchITChannel

Close