Locking The Wireless Network

Is your home or small business wireless network secure? Probably not. But not to worry, there are several methods and products available to help mend the holes.
Another option is to configure the Wired Equivalent Privacy (WEP) and Wi-Fi Protected Access (WPA) security most vendors build into their products but most users ignore, Fuhrman says. "WPA is the more secure of the two and is not susceptible to brute force hacks," he says. When installing older products that use WEP,

Fuhrman adds an extra layer of protection by using MAC address filtering, which prevents unauthorized users from accessing the WLAN even if they have the encryption key.

When it comes to encryption, a measured approach works best, says David Ducharme, CEO of Total Home Technologies, Salem, Mass. "Usually the more encryption you have, the less the range of the products, so it's kind of a balancing act in some ways."

Vendors are beginning to address the issue of unsecured WLANs with products designed specifically for homes and SOHOs. Kaspersky Lab's recently-released Internet Security 6.0 includes software that scans home and SOHO wireless and wired networks, blocks access or limits the activities that can be done within the network and includes an antihacker feature, says Charles Waelde, senior technical engineer at the Moscow-based company.

"To protect the workstation, you also have the ability to put the PC into stealth mode. This will completely isolate the PC on the network from other machines and no one will be able to see you on the network," Waelde says. If attackers use brute force, ping of death or denial-of-service attacks, the product can deny access from the IP address until the user allows access or blocks it permanently.

WiTopia, Reston, Va., just launched its SecureMyWiFi service, which starts at $9.99 per year for home users and $99 per year for businesses. The software is downloaded to the customer's network and uses an external server to provide authentication, encryption and other services. The company provides integrators with a 40 percent margin on the price of the first year of service, and also offers the software preinstalled on other vendors' access points.

Mount Laurel, N.J.-based TrustEli last year launched its Eli Managed Service appliance for homes and small businesses, and recently signed a distribution agreement with D&H Distributing. Eli includes a firewall, content filtering, wireless gateway, VPN support and protection against viruses, spam, spyware and phishing attacks. The cost is $199.99 with a $9.99 monthly service fee.

Another important aspect of securing wireless networks is documenting every step of the process and recording changes to equipment settings, says Gordon van Zuiden, principal at CyberManor, a Los Gatos, Calif.-based integrator. For an integrator with numerous customers, each with their own security settings and equipment specifics, keeping track of the details can be challenging.

"If you are going to start adding or changing things in the wireless network, you need to keep a database with all of the information logged," he says. "If this information isn't available, it will end up as an expensive wasted service call."

Van Zuiden uses QuickBase, an online database from Mountain View, Calif.-based Intuit, for all of his service requests. QuickBase is useful because integrators can specify information such as client names, technical parameters of the home, IP addresses, logins and passwords. "The best part about QuickBase is that our engineers can access it online and get the configuration information at the customer's location," he says.

Integrators can rant and rave about the many problems with unsecured networks and the reasons to protect them, but demonstrations of the problem often are the most effective ways to convince hesitant customers. Young uses NetStumbler, Windows-based software that can detect open WLANs, to show clients all the open access points in their neighborhoods.

"I'll arrive early, fire up my laptop in their driveway and tell them the name of their access points before I even walk in the door," Young says. "Something that dramatic tends to make them realize that their WLAN signals don't stop at the walls of their home."

For more news, reviews and commentary on the digital home and small-business markets, sign up for CRN's Digital Connect e-mail newsletter.

Editor's Choice
Brian T. Horowitz, Contributing Reporter
Samuel Greengard, Contributing Reporter
Nathan Eddy, Freelance Writer
Brandon Taylor, Digital Editorial Program Manager
Jessica Davis, Senior Editor
Cynthia Harvey, Freelance Journalist, InformationWeek
Sara Peters, Editor-in-Chief, InformationWeek / Network Computing