Securing a Wireless Network

David A. Abarca, Instructor

Del Mar College Computer Science & Information Technology

10 Important Tips for

Securing Up Your

Wireless Network

Why is Wireless Networking Not Secure?

• Overlapping signals from neighbors– Opportunity for accidental access to wrong network

– Opportunity for intentional access to your network

• Uses your bandwidth– Slows your access to the Internet

– Degrades your ability to download at high speeds

– You PAY, They PLAY!

• Vulnerabilities galore!– Wireless Security is weak

– Wireless Hardware can create targets for hackers

Why is Wireless Networking Not Secure?

Securing a Wireless Networking

1. CHANGE FACTORY DEFAULTS– Administrator Name and Password– SSID– Disable remote / wireless administration

2. Change SSID or ESSID– Service Set ID or Extended Service Set ID – Used to identify wireless networks

• Network Name – Don’t change the default to something OBVIOUS

• Smith Family Network – ABC Company Net – Bob’s Network

3. Disable SSID or ESSID– Prevents others from seeing your network name– Makes it harder for hackers to find– Prevents “accidental” access by unwelcome neighbors

Default Admin Names and Passwords

Default SSIDs

Securing a Wireless Networking

4. Enable MAC (Media Access Control) Address Filtering– Every Network devices has a unique MAC Address– Only allows network devices you authorize to access wireless

network– Helps prevent network access by “rogue” users

5. Disable DHCP (Dynamic Host Control Protocol) – Prevents hackers an “open door” to the network

6. Assign Static IP Addresses– Limits the number of devices on the network

• Each network device has an IP Address that it will always use

7. Control Broadcast Area – Position Wireless Access Point / Router

• Placement in the center of the structure can use the walls and outside structures to limit signal distances

• Hackers have to be very close to gain access to the network• Do not place WAP by the front window of the building!

Securing a Wireless Networking

8. Implement Security– WEP 64 or 128 (Wired Equivalency Privacy)

• Security Protocol• Uses various length “Keys” for authentication onto the network• Keys can be generated by using a passphrase• Encrypts the Data, BUT the key is easy for a hacker to break

– WPA ( Wi-Fi Protected Access)• Currently the standard for data encryption on wireless networks • Available on Windows XP and enhanced in SP2

9. Disable File Sharing– Prevents data from easily being accessed across the network– Files not immediately available for viewing should a hacker arrive– Prevents “accidental” access or deletion of files across the network

Securing a Wireless Networking

10.Use a Firewall – What is a Firewall?

• Perimeter Defense

• Blocks unwanted traffic– Ports

– Services

– Types of Firewalls• Hardware Firewalls

– Most wired and wireless routers have the ability

• Software Firewalls– XP SP2

Summary

• No Network is Safe– Hardware defaults

– Operating System and Application Software• Vulnerabilities galore

• Security is a continuing process, not a one time project– Updates to Hardware

– Updates to Software

– Changes in Network requirements

– Changes is Business requirements

• Security Plan– Layered Security

• Firewalls

– Make your network harder to get into than the neighbors network

Q & A

Any Questions?