Network Systems DesignLine | Securing a wireless network--The basics--Part VI

Get the latest news, products and how-to information on network systems. Sign up for the Network Systems DesignLine newsletter, a weekly e-mail guide dedicated to the needs of engineers developing networking equipment and components. Here is our RSS feed.








 
 HOW-TO

Securing a wireless network--The basics--Part VI

Here's the sixth and final segment of Chapter 2 of Home Network Security Simplified--an easy-to-follow explanation of how to make sure that your home network is secure--why it's important, and amazingly, how few of us actually do it. Part VI covers preventing unintentional roaming, and a wireless security checklist.
By Jim Doherty, Neil Anderson Print This Story Send As Email Discuss This Story Reprints

Page 1 of 2

Network Systems Designline
(02/26/2007 2:21 AM EST)

Rate this article
WORSE | BETTER
1 2 3 4 5
Here are Part I, Part II, Part III, Part IV, and Part V.

Prevent Unintentional Roaming
Wireless networks are a bit like cell phones. Your cell phone ties to find the closest cell tower so that you can get the most bars of signal strength to have high-quality voice calls.

Wireless NICs work in a similar way in that they try to find the wireless router that has the strongest signal. The assumption is that the router it finds is yours because it is the closest and therefore has the strongest signal. However, that is not always true. If you have poor signal strength in a particular room of your house and your neighbor's router actually has a better signal in that room,, your wireless NIC might try to roam onto your neighbor's router, unless you instruct it not to.

You do not want your laptop unintentionally hopping over to your neighbor's wireless router whenever it sees a stronger signal or for whatever reason loses connectivity with your own router.

Using the Linksys NIC management utilities (such as WLAN Monitor), this is pretty easy. Simply do not add your neighbor's wireless SSID as a profile.

When using Windows XP to manage wireless connections, an additional step is required:

  1. Bring up the properties of the wireless NIC. Click the Wireless Networks tab (See Figure 25 earlier). In the Preferred Networks section, click the Advanced button.
  2. Make sure Automatically connect to non-preferred networks is unchecked (See Figure 26 earlier).
  3. Click Close.
  4. click OK (in the Properties dialog box).

Now, if the wireless NIC sees your neighbor's wireless router, it will not try to connect to it because it is not in the list of preferred networks.

Wireless Security Checklist
Wireless networks are extremely beneficial, but you must take some simple steps to protect them. Without taking the steps in this chapter, it is the equivalent of locking the front door and leaving all window and back doors unlocked and standing open. It is pretty easy (and so critical) to add appropriate security. Here's a quick checklist to refer to:

  • change the password don the wireless router from the default (for example, admin).
  • Change the SSID from the default (for example, linksys) to a random series of lowercase letters, uppercase letters, and numbers.
  • Disable SSID broadcast on the wireless router.
  • Enable WEP or WPA encryption on the wireless router and all wireless network adapters. Use the strongest encryption level that all devices support.
  • Use a WEP or WPA passphrase that is a random series of lowercase letters, uppercase letters, and numbers.
  • Disable ad-hoc wireless networking on all network adapters (applies to Windows XP).
  • Disable auto-connection to nonpreferred networks on all wireless network adapters.

Summary
The steps in this chapter are really what most people need to keep their wireless network secure in all but the most extreme cases. The fact is that your SSID can be guessed or discovered, encryption schemes can be cracked (especially WEP), and MAC addresses can be spoofed (via a method called MAC address cloning); but this takes a great deal of skill, time, and money. If you want more protection than this, you can get it, but if you are still worried about wireless security, your best solution might be to stick with a wired network.

One additional wireless security measure that you can take that has not yet been discussed is MAC address locking (often called MAC address filtering). Because each wireless card has a unique identifier called a MAC address, and we know what the MAC addresses are for all of our wireless cards, we could instruct the wireless router to only accept connections from our cards and no one else's. This is called MAC address locking.



Page 2: next page Print This Story Send As Email Discuss This Story Reprints

Page 1 | 2


 
eSearch  

 Top 5 Most Read
 How-To Stories
1. 2. 3. 4. 5.

 Top 5 Most Read
 News Stories
1. 2.

  • Introduction to Optical Transmission Systems

    		•
  • Optimizing Embedded Systems for Broadband 10 Gigabit Ethernet Connectivity

    		•
  • Interfacing a DS3231 with an 8051-Type Microcontroller

    		•
    The entire library >>  

    		 
     Top 5 Most Read
     Product Stories
    1. 2. 3.

     Sponsor

    EE Times TechCareers
    Search Jobs

    Enter Keyword(s):


    Function:


    State:
      

    Post Your Resume
    -----------------
    Employers Area
    Most Recent Posts
    GE Corporation seeking Lead Systems Analyst in Van Buren Township, MI

    Osram Sylvania seeking Sr Applications Engineer in Danvers, MA

    Accolo, Inc. seeking User Experience Engineer in Reston, VA

    Johnson Controls, Inc seeking Project Development Engineer in Pittsburg, PA

    WhiteHat Security seeking User Interface Engineer in Santa Clara, CA

    More career-related news, resources and job postings for technology professionals


     Tech Library
    ¤ Looking for the appropriate Industry Association? This comprehensive, up-to-date list will take you to the right Web site for the help you need.

    ¤ Got a question about a standard? Here are direct links to resources detailing the industry's most important communications standards.

    ¤ Freshen up on technology, new and old, with these links to interesting and informative tutorials.

    More from TechLibrary
    Welcome to our DesignLine network of web communities. On these sites, we provide practical how-to technical information for engineers and engineering managers involved in Automotive,audio, DSP, DTV, EDA, Industrial Control, Mobile Handset, Power Management, Programmable Logic,RF,Video, and Wireless networking design. Check out the sites and let us know your thoughts.
    		 



    HOME  |  ABOUT  |  FEEDBACK  |  CONTACT
    Career Center | CommsDesign.com | Embedded.com | EE Times | TechOnline
    Planet Analog | DeepChip | eeProductCenter | Electronic Supply & Manufacturing | Webinars


    All material on this site Copyright © 2006 CMP Media LLC. All rights reserved
    Privacy Statement | Your California Privacy Rights | Terms of Service