Home Wireless Devices:
Most wireless access points are ready-to-go right out of the box, but from a security perspective, they are wide open and insecure. This means that anyone driving (or walking) by your house or living in close proximity to your house can instantly connect to your wireless access point. Without proper security configurations enabled, your neighbors can even connect to the Internet through your network at no cost to them and could possibly access files on your home systems which reside on your PC or network.
We urge you to follow and apply the guidelines below where possible.
Protect Your Personal Information:
•Remember that everyone can view data in the airspace. Protect it appropriately by encrypting the data by using Wi-Fi Protected Access (WPA and preferably WPA2).
•Install personal firewalls and Anti-Malware software on all devices and have the most up-to-date signature files installed. You should also have the latest security patches (such as Microsoft Windows updates and Adobe Reader updates) installed on your system.
•Change the administration password on the Access Point to something other than the default one assigned by the manufacturer.
•The Service Set ID (SSID) is the name of your wireless network. For example, a Linksys router most commonly has a default SSID of "linksys." You should change your SSID from the manufacturer default, but not to something that is easily guessable. Avoid using mailing addresses, street names, or your last name. This can give away too much information about your physical location or identity. Suggestions might include: "homenet8273" or "h563."
Keep a Clean Machine:
•Make sure you’re using the latest firmware update for your specific Access Point / Wireless Router. Not only will you benefit from hardware bug fixes, you may also gain improved security features as well. Firmware updates are usually freely available from the manufacturer’s website and include instructions on how to perform the upgrade.
•Using Internet Security all-in-one tools are also recommended as they usually have Host Intrusion Prevention tools which are not dependent on signature files and are more behavior based.
Connect with Care:
•For the more technically savvy, you can filter, by Media Access Control (MAC) address, what devices/computers can connect and obtain an IP address from your wireless Access Point. There is a table where you can enter the MAC address from each device/computer on your network that you want to allow to communicate.
•Disable "remote administration" for the Access Point (usually the default setting). This is different from local administration, which is always enabled. Remote administration can potentially allow untrusted users on the Internet to connect to your wireless access point and administer it.
No comments:
Post a Comment