Chicago IT Support
Chicago Network Security Consultant and VPN Consultant Focus Technology
Chicago IT Support - network solutions
Chicago VPN consultant - VPN solutions
Chicago IT Support - mobile solutions
Chicago IT Support - backup recovery
Chicago network security consultant - firewall security
Chicago IT Support - anti-virus
Chicago Web Development - web development
Chicago Web Design - web portfolio
   

Chicago IT Consulting Newsletter

Wireless Security

Don't Let Your Wireless Network Broadcast Its Vulnerability

Nathan Van Voorhis - Chicago-Based IT Consultant / Technology Trend Contributor
Monday, August 2, 2010

Wireless networks have become as popular as the Internet itself. Most new laptops now come with built-in wireless connectors for portable Internet access. The flexibility of hitting the Web from your kitchen table or from a conference room at the office is a major perk to going wireless.

  Woman Using Remote Access

Some wireless networks have roaming areas up to 1500, which is great for the user, but poses a potential security threat to the user’s network. In the wired world, the only way for an outsider to get to your network was through the Internet. With the openness and accessibility of wireless networks, however, intruders have much more opportunity to go where they don’t belong.

Here’s an example: Let’s say that you have a network printer that is shared by your wireless laptop and other computers on your network. One day, your printer produces a document that didn’t come from you or anyone in your office. How could this happen?

You may surprised to learn that this could happen completely by accident, when, say, someone in a different company two floors down fumbles while trying to print to a nearby printer. If that person has a wireless Ethernet card on his laptop, he could have inadvertently picked up your internal IP address while booting up one day. He gets access to everything on your network, without even trying.

This is courtesy of your Dynamic Host Configuration Protocol (DHCP), which is a common network setting that automatically distributes your internal IP address to any computer on the wireless network. Going back to the example above, if the office worker at the company two floors down decides to add a printer using the Setup Wizard, he will get your printer as an option. The person may not even recognize the difference. Once the setup is complete, print jobs will automatically route to your printer.

This scenario might sound implausible, but it happens more often than you think. The majority of wireless systems transmit information using the 802.11b transmission protocol. This allows any wireless card from any manufacturer to communicate with your network, because the same transmission protocol is used. Think about the example above. If it can happen this easily by accident, hackers won’t have a difficult time getting in intentionally.

So how do you prevent an accidental or intentional hijacking? The following steps can help:

  1. When designing your network, try to avoid using the most common IP setting: 192.168.1.x. Instead, try a slightly different IP setting, such as: 192.168.53.x. If you are obligated to use the 192.168.1.x IP setting, make sure to properly encrypt your wireless network (see Step 6).
  2. On your current home or office network, disable DHCP, unless you are certain that you have properly encrypted your wireless network. DHCP is usually automatically set on the access point.
  3. Change the default password for your wireless access point. Even the strongest wireless security can’t prevent hackers from accessing the access point administrative controls, where they can change the encryption passwords or even drop your encryption. It’s important to change the default password, since it is often just <blank> and is easy to guess most of the time.
  4. When setting up your access point, make sure that you have a unique service set identifier (SSID). SSIDs are similar to Microsoft’s workgroups. An SSID creates a unique wireless workgroup, so that only devices and access points with the same SSID can communicate with each other.
  5. Disable the wireless SSID broadcast, which is usually set by default for the sake of convenience. Disabling this broadcast will give your wireless network more protection because it prevents other wireless users from picking up your SSID.
    6. Set up wired equivalent privacy (WEP) encryption, which protects wireless transmission with 64- or 128-bit encryption. Encryption can reduce the data transmission speed, but it provides essential network protection.

A secure wireless network enables you to take advantage of the freedom and portability that wireless access provides, without leaving yourself and your information vulnerable to attack.
   
Back to Topic List
  

Other related articles:

Firewall Myth and Reality
Firewall Tips

 
   
     
 
home | Chicago IT Consulting & Support | VPN | mobile | backup | anti-virus | firewall
web development | web portfolio | IT Consulting Blog | site map | contact us
 
     
 

Chicago IT Consulting is our core business :: Providing the best IT Solutions

  
 
© 2011 Prometheum Technolgies, Inc. All Rights Reserved.
  
Home PageContact Us