2005-03-11 News and Commentary

Home About Us Accounting Payroll Taxes IT Consulting Site Index

Wireless Woes

By Dirk J. Hedlund
Originally Posted March 11, 2005 (Updated March 14, 2005)

    There you were, wandering the aisles of the local mega-retail store, when suddenly there IT was.  A shiny new wireless router with all the latest bells and whistles on it.  You've been eyeing those things for months, but never could quite justify the cost of the thing.  This time it was different, a sale too good to pass by!  You snatched the box off the shelf, paid the cashier, and quickly drove off to get the thing installed before your conscience could wake up and stop you.  You got it out of the box, connected to your DSL, and before you knew it you were cruising the web, free of wires, from your laptop with its up-till-now untried built-in wireless network card.  You even giggled to yourself as you picked up the laptop and walked from room to room, checking out the signal strength and speed of your new toy.  The world couldn't have been brighter for you...  Could it?

    Unfortunately, that false sense of security is just about to bite you on the behind.  Out of the box, most wireless devices have no security features enabled.  None.  Zip.  Nada.  You might be think to yourself, "That's okay, there's nothing on my computer anyone would really want."  Well you'd be wrong about that, but for more reasons than you realize.

    First of all, most people have something on their computer that can be considered sensitive information.  Even if you don't do online banking or bill paying, and you don't order anything online, there's probably something.  Maybe its your email, or snapshots of your family vacation, but I bet there's something on your computer you wouldn't want to see plastered on the web for everyone to see.

    Then again, who says your computer is even the target?  Maybe , just as an example, the 13 year old juvenile delinquent next door has a penchant for emailing bomb threats to his school and is starting to get tired of getting caught.  To him, your new wireless network is a new way for him to spread his mischief while leaving a trail that probably ends with your internet account.  But maybe you like squads of men dressed in black riot gear crashing through your door at 3 AM.  I'm sure your family would find it exciting.

    So, what do you do?  Well don't worry, it's not too hard to get some security features turned on to protect yourself.  Here's the short list:

1)    Make sure all of your wireless devices support WPA, or Wi-Fi Protected Access.  Not long ago I would have told you just to turn on WEP (Wired Equivalent Privacy) for security.  Not any longer!  WEP has been "broken" and isn't safe to use anymore.  WPA was designed to replace WEP.  If your equipment doesn't support WPA, you should replace it with some that does.  Check the features list on the box.  Ask for help in the store if you're not sure, but don't buy any wireless product unless it supports WPA.

2)    Don't use the default SSID.  SSID stands for Service Set Identifier, and it basically means the name of your wireless network.  Change this name.

3)    Turn off SSID broadcast.  By "broadcasting" the SSID, you are literally telling everyone in range of your wireless device the name of your network.  Many "hackers" see this as an open invitation to come try to get into your network.  Of course, turning this off doesn't mean a determined hacker won't find your network, anyway.  I still recommend it, though.

4)    Change the access password.  All the regular rules about good passwords apply here.  If you leave it set to the default, or change it to something easily guessed, someone will eventually access your network without your permission.

5)    Turn off management over the wireless network.  This will make it so anyone wanting to change settings on your wireless device will have to be physically connected, via Ethernet cable.  Of course, you still want to keep your hardware "physically secure" at all times.

6)    Limit access by setting up an access control list based on the MAC address of your wireless network cards.  A MAC address, or Media Access Control address, is like a serial number.  Every network card has a built-in unique address that distinguishes it from all of the other network cards.  Many wireless routers will let you enter a list of MAC addresses it is allowed to talk to.

7)    Finally, put the wireless device near the center of your office or home, and keep it away from windows.  These things are really radios that broadcast out in all directions.  By keeping it near the center of your home or office, you are limiting the strength of the signal outside.  Floors, ceilings and walls all tend to reduce the signal strength, but windows don't have much affect.  Remember, a wireless network doesn't necessarily stop at the walls of your building, or even at the property line outside!  It goes on until the signal gets too weak to detect.  Another thing to remember is that these signals can be detected even further than you can usually connect to your network, so someone could be listening in.

    Wireless networks are a convenience, but wireless security is a must!  Depending on a client's needs, I may recommend a completely wired network over a wireless one.  Wired networks tend to be faster, more secure, more reliable and cost less.  On the other hand, sometimes the client "needs" a wireless network.  In those instances, I always make wireless security a high priority.

    Dirk Hedlund is a computer consultant with Klatt & Associates, CPA, PC.  He can be reached at dirk.hedlund@klatt-assoc.com , or by calling (515) 232-5642.

Check out these Computer Tips, Links and FAQs recommended by our staff,
or visit the News Archives.

Back Up Next

Copyright ©2003-2006 by Klatt & Associates CPA PC. All rights reserved.

Comments or Questions?  Please contact our at
See the browser compatibility notes here.