New Top Menu

Home Network Security Guide

home network security guide image

Make Sure Your Home Internet Setup is Safe and Wi-Fi Wireless Router is Secure

Wireless routers (pictured above) allow devices to access your Internet connection from a distance without all the messy wires running from each device to the router box. If your wireless network (Wi-Fi) has not been properly set up, adversaries can find your openly accessible connection and exploit it.

In fact, if your wireless network is set up poorly enough, it’s not only sophisticated hackers or snoops you have to worry about but also regular people, such as your neighbors, stealing your connection and potentially making other problems for you.

How to Check if Your Internet Connection is Vulnerable and Open to Attack

You can double-check your home network security by asking a friend to come over with their wireless Internet-enabled device (for example, their laptop, tablet or smartphone) to see if your wireless network is visible and, if so, whether it allows them to access your Internet connection.

Even if your friend is prompted for a password, a risk remains (though only from more sophisticated adversaries) because wireless passwords may be easy to crack and anyway are no harder to crack than other passwords.

The Damage Adversaries Can Inflict

But someone piggybacking on your wireless Internet connection is just the tip of the iceberg. Sophisticated hackers can do much more damage by exploiting your connection, ranging from capturing sensitive data you send over the Internet to completely hijacking your devices without your knowledge.

For example, your connection could be taken over and used to launch attacks on other victims from your device. Hackers could download illegal materials, route spam, launch Trojan malware or DDoS distributed denial of service attacks (see box) using your connection and devices. In these cases, it will be your IP address showing up in any logs. In other words, the authorities could be knocking on your door to ask questions or even make an arrest.

More About: DDoS and Zombies – A distributed denial of service attack (or DDoS attack) occurs when an Internet website becomes overloaded under a barrage of web page requests. Other people trying to access the same website will be denied access to it. Sometimes these attacks are launched from an army of enlisted zombie devices which were secretly taken over by hackers and used to launch unwitting attacks on others.

About War Driving

Wireless equipment can operate over a long range extending to the home or office next door and even to the roadside. Professional hackers known as war drivers are in search of unprotected wireless networks, sometimes noting the details of the open networks they find, along with GPS coordinates, and sharing the information with fellow hackers.

In their war driving quest, these hackers employ a variety of equipment, apps and tools to detect open wireless networks. Hackers will move around, either on foot or in a car, with a wireless Internet-enabled device trying to gain access to open wireless networks.

To protect yourself whether from professional war drivers, hackers or just nosy neighbors, follow the security precautions discussed next especially as your wireless network could be inadvertently open and accessible from a surprisingly large distance.

How to Properly Configure Your Wireless Internet (Wi-Fi) Connection

There are a few key things to keep in mind about setting up your wireless Internet connection. Although these tips are straightforward, many people do not apply them, leaving themselves open to attack. You should take the precautions below to properly configure your wireless network and maximize your home network security.

For the precise details related to your specific brand of router, consult its manual for everything you need to know. There are also plenty of good online tutorials you can find by typing the model of your router into your favorite search engine. You should spend some time reviewing these instructions as it is important to understand your router’s features and take steps to secure it.

Changing the Router’s Default Username and Passphrase

The first thing you should always do, right from the start, is change your router’s default password. For example, many home wireless routers now come with a web interface with the default username “admin” and the password “admin”. If these are left unchanged, it’s easy for hackers to guess these default username and passwords. This is especially true because default passwords are widely available online, including in user manuals. Even an amateur could gain access to your wireless router in this way.

  • Here’s a short sample video for a popular brand of router (remember, the instructions for your router may differ).

When setting a new password for the router, as always, make it a strong one. If you need a refresher, see our guide to strong passwords.

Disabling your Router’s Automatic Broadcasting Feature – Service Set Identifier (SSID) Settings

A wireless router automatically gives off a signal on a regular basis, broadcasting its ID number. This enables nearby devices to “see”, find and connect to it. This broadcasting feature is called service set identifier or SSID.

It is important that you disable your router’s automatic broadcasting feature by changing its SSID setting. This may sound complicated, but it isn’t. Taking this step will help ensure that your wireless network is not being announced to the world at large.

You can easily set up your router so that it does not automatically broadcast its SSID number. Rather, it is better that you manually enter the SSID number into each of your devices so that hackers or snoops cannot easily find (and then exploit) your wireless connection. If your router’s broadcasting is turned off, the availability of your router will not be advertised to war driving hackers, snoops or your neighbors.

In fact, disabling broadcasting means third parties will not even be aware of your wireless Internet connection, though some sophisticated adversaries may still be able to detect it in some circumstances.

To turn off your specific router’s SSID broadcasting function, please check the manufacturer’s manual. It is usually a matter of finding the correct option in the menu and simply disabling it. Easy!

  • Here’s a short sample video for a popular brand of router (remember, the instructions for your router may differ).

Enable (Stronger) Encryption for Your Wireless Connection

Technology is changing all the time and Wi-Fi routers are no exception. For this reason, routers are usually backward compatible meaning that they will still support older technologies. Otherwise, your older devices wouldn’t be able to connect to your wireless network.

Without getting into the entire mumbo jumbo, simply make sure that your router is configured to use the latest encryption method which is WPA or WPA2. The older technology, WEP, can be cracked much more easily. So double-check to make sure that your router is configured to use WPA/WPA2.

  • Here’s another short sample video for a popular brand of router (remember, the instructions for your router may differ).

Preventing Stranger’s Devices from Accessing your Wireless Connection – Using Media Access Codes (MACs)

One of the best means of protection is to restrict your wireless network on the basis of media access codes (MAC). A MAC is like a social security number that uniquely identifies a wireless-enabled device or piece of equipment. Each wireless device has its own MAC address.

You can set up your wireless network to work only with the MAC numbers you permit by entering these MAC addresses into your router’s settings. It’s kind of like having a bouncer guarding your wireless connection: if your name isn’t on the list, you don’t get in. If the device’s MAC address isn’t on your router’s permitted list, it will be prevented from connecting to your wireless Internet connection.

Your router’s presence will go undetected to other devices whose MAC numbers have not been entered in the router’s setup. The process varies for each model of router, so check your router’s manual for details.

While this method does mean you will have to enter the MAC addresses for each new device you buy, that is a small inconvenience for the significant security benefit that it brings.

How to Determine your MAC Address in Windows

The advice above begs the question, how do I find out what my device’s MAC number is? To determine the MAC address for your Windows-based device, type command in the Start menu, and select Command Prompt (see screenshot).

finding MAC address in Windows screenshot image

Figure: Starting the Windows Command Prompt from the Start menu

An old-fashioned DOS-like window will open. If you type IPCONFIG /ALL a list (usually not too long) of your relevant settings and configurations will be displayed. Look for your Wireless Network Adapter and note the long series of letters, numbers and dashes beside Physical Address.

Voila! You have now determined your Windows device’s MAC address (the number ending in -39-BA in the middle of the screenshot).

show the MAC address using the IPCONFIG ALL command in Windows screenshot

Figure: Displaying the MAC address with the IPCONFIG /ALL command

Once you have the information you need, exit the command window by typing Exit. You will now need to enter the relevant MAC address in your router’s settings.

MAC address of an Android device

finding mac address android screenshot

Figure: Displaying the MAC address of an android device (select to enlarge)

To determine the MAC address of an Android device:

  1. go to your main menu (select the circle with the 6 squares in it)
  2. scroll through the alphabetical icons, find Settings (a silver gear) and select it
  3. scroll down to the ‘System’ heading and select About tablet
  4. further select Status
  5. scroll down the window that pops up until you see Wi-Fi MAC address.

Long touching the MAC address displayed will copy it to your clipboard for easy pasting when you need to enter it into your router's settings.

Conclusion

By taking these steps, you will have significantly improved your Wi-Fi home network security. Your enhanced setup means that you are no longer easy prey for hackers or nosy neighbors. Give yourself a pat on the back!

,

No comments yet.

Leave a Reply

JOIN OUR NEWSLETTER
close
Email is used for major announcements only. For more frequent tips & news, follow us on Facebook.

css.php