Home Wi-Fi network security: 4 ways to avoid big trouble
- — 03 May, 2011 02:29
Locking down your home Wi-Fi network with a password is like making sure you eat your broccoli. It's probably good for you, but you probably think it's not much of a priority or a big deal. Well, it's time to make an attitude adjustment. It turns out that you can cause yourself a good deal of trouble by leaving that door to your system unlocked.
Don't believe me? Just listen to the story of a homeowner in Buffalo, N.Y., who endured an ugly encounter with a weapons-waving coterie of law-enforcement agents who swarmed into his house in February and accused him of downloading a huge trove of child pornography, a federal crime.
As you might have guessed, the man (his name has not been released) was guilty of nothing more than failing to secure his Wi-Fi network. After an extensive grilling and the seizure of his family's computers and smart phones, the real culprit emerged. It was a 25-year-old neighbor who had secretly latched on to the innocent man's wireless network and used it to download thousands of images, according to an Associated Press story that's been making the rounds. The same story recounts similar incidents in North Syracuse, N.Y. and Sarasota, Fla.
I'm not saying there's a creep outside of every unlocked electronic door just waiting to download kiddie porn. The incidents in New York and Florida were obviously unusual events. But there are plenty of people who think it's acceptable to freeload on someone else's network.
A recent survey commissioned by the Wi-Fi Alliance, an industry group, found that nearly one-third of the respondents said they have tried to get on a Wi-Fi network that wasn't theirs - that's up 18 percent from a December 2008 poll.
At the very least, those folks will slow down the connection for which you're paying. They could also gain access to files on your computer that you thought were private. Or, they could be using a peer-to-peer network to download illegal copies of music or movies, an activity taken seriously by the music and film industries (and their lawyers) these days.
So why take a chance? Here are four key steps you can take to secure your home wireless network.
1.Set Wi-Fi for the highest level of security your router and PC allow: Wi-Fi Protected Access 2 (WPA2) is the latest in network security technology. It controls who connects to the network and encrypts data for privacy. Older wireless routers won't give you that option, but most support WPA encryption. Your router may support the older WEP standard, but it's really rather weak and should be avoided unless you have no other choice. It is important to note that the security level of a home network is determined by the least capable device and many devices ship with security options disabled as the default.
2.Create strong passwords: Ensure that your network password is at least 8 characters long, does not include any dictionary words or personal information, and is a mix of upper and lower case letters and symbols. A tip that might make password management easier is to create an acronym from easy-to-remember phrases. For example, "my daughter's birthday is July 7, 1987" could become the password "MDBi7787."
3.Be smart about hotspot use: Most public hotspots leave security protections turned off, so while connecting to a public Wi-Fi hotspot is great for general Internet surfing, users should not transmit sensitive data, such bank account login information.
4.Turn off file sharing: You'll notice that Windows lets you share files across a wireless network. That's useful, of course, when you want to share music and videos around the house. But it gives hackers a straight line into your private stuff. If you keep it on, be sure to limit the files that can be shared on the network to material that you don't mind exposing to the rest of the world.
Most of the measures I'm recommending can be made by accessing your router via the Internet. That address is generally set by default and is the same for all, or most of all, routers made by the manufacture of the router. Linksys routers, for example, use 192.168.1.1 for their internal IP address. D-Link and Netgear routers typically use 192.168.0.1. Some US Robotics routers use 192.168.123.254, and some SMC routers use 192.168.2.1.
The default password for many routers is "admin." D-link routers give you a choice of logging in as "admin" or "user." If you log in as "user" simply leave the password field blank, unless you set a password earlier.
A third-party application called Network Magic (now owned by Cisco) makes it even easier to handle these chores. I've been using it for years to add devices to my network, repair wireless connections, get alerts when an intruder sneaks in, and to install passwords and share files and printers securely.
The software comes in a number of versions, but for most users Network Magic Essentials, priced at about $24, is all you need. One caveat: Cisco is cutting back its consumer operations, so it's possible that it will stop selling, and maybe stop supporting, Network Magic.
San Francisco journalist Bill Snyder writes frequently about business and technology. He welcomes your comments and suggestions. Reach him at email@example.com.
Follow Bill Snyder on Twitter @BSnyderSF. Follow everything from CIO.com on Twitter @CIOonline.
Read more about security in CIO's Security Drilldown.