What do I do about wireless security?
You can take three really simple steps to dramatically increase the security of your wireless network. It is not foolproof wireless security, but it will keep you from being an easy target and it will keep most of the riff raff out.
As Figure 1 shows, there re plenty of easy targets out there, so all you need to worry about in most cases is the curious neighbor or someone specifically looking to access a network with no protection at all. The steps in this chapter will not keep out a really serious hacker; if you have reason to worry about a hacker specifically targeting you (as opposed to someone hacking at random), however, you can hire a security specialist, or better yet, just do not use wireless. For the vast majority of you, though, read on.
Figure 2 shows varying degrees of wireless home network security and the vulnerabilities related to the networks.
Figure 2. Wireless Security Examples
So what are the four things you need to do?
Change your router's password.
Do not advertise your network (turn off SSID broadcast).
Scramble (encrypt) your wireless signal *use WEP or WPA).
Do not use ad-hoc networking.
Before we get into the "How to Do It" section, let's take a closer look at the "what" and "why" of wireless network security. Do not worry if this seems a bit complicated; it really is not. The "How to Do It: Securing Your Wireless Network" section walks you though the setup so that these basic security features can be turned on in a fairly painless way. Trust us here: It is a far worse pain to have people get on and take advantage of your network than to implement these steps.
Change Your Password
Pretty much every router on the planet comes with a default password of admin. If you don't change this immediately upon turning on and connecting to your router, you are asking for trouble. You need to open the screen where the password gets changed anyway, so do yourself a favor. Chapter 8, "Tip 8: Create Strong Passwords," explains how to create strong passwords.
Do Not Advertise Your Wireless Network
Every wireless router is given a name that allows clients (wireless-enabled computers) to find and associate to it. This name is called the service set identifier, or SSID. The first thing you do to greatly improve the security of your wireless network is not to broadcast the SSID.
Most wireless routers have the broadcast SSID setting turned on when you take them out of the box. This feature announces the name of your network to every wireless-capable computer within range. Although this makes it easy for you to connect to your network, it makes it easy for the rest of the neighborhood too. Turn this feature off (we show you how later in section "Stop Advertising Your Wireless Network"). In addition, remember that knowing the name of a network (even if the broadcast function is turned off) gives you the power to get on that network, so you should choose a random SSID name. The same rules that apply to any password apply here, too, so take a look at Chapter 8.
Any SSID that is easy for you to remember is probably easy to figure out, so avoid SSIDs that include your name, the word home, the word network, or anything related to your name-home-wireless-network. We suggest that you rename the SSID to something personal (but not easily guessed), or use a random combination of numbers and upper- and lowercase letters. Do not worry about having to memorize this; you can just write it down and keep in a drawer or a folder where you can access it later if you need it. Remember, however, that these steps only keep out the nosy neighbors and provide your router with some level of anonymity, but this step does not by itself protect your network.
How Enterprises Are Attacking the IT Security EnterpriseTo learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Infographic: The State of DevOps in 2017Is DevOps helping organizations reduce costs and time-to-market for software releases? What's getting in the way of DevOps adoption? Find out in this InformationWeek and Interop ITX infographic on the state of DevOps in 2017.
2017 State of IT ReportIn today's technology-driven world, "innovation" has become a basic expectation. IT leaders are tasked with making technical magic, improving customer experience, and boosting the bottom line -- yet often without any increase to the IT budget. How are organizations striking the balance between new initiatives and cost control? Download our report to learn about the biggest challenges and how savvy IT executives are overcoming them.