First impression on unpacking the Q702 test unit was the solid feel and clean, minimalist styling.
Building a secure wireless network
- — 25 August, 2004 08:54
The era of the unconnected PC has largely passed into history. Beyond the home office and children’s rooms, PCs are popping up in such formerly unconventional locations as the kitchen counter or a shelf in the living room. A network will let you share a broadband Internet connection or a printer, as well as documents, spreadsheets, digital photos, and MP3 audio files.
Wireless remains the hot technology and, as standards evolve, increased security and higher-speed connections are becoming available. The easiest way to share a broadband Internet connection is to use a router, and even today’s inexpensive routers have firewall features for added security. You’ll still need to take steps to lock down your wireless network, though, and this is what we’ll be discussing in this edition of Upgrader.
A wireless network with a router connected to the Internet is like a small two-way broadcasting station, and it’s a tempting target for unscrupulous users. If you haven’t taken basic precautions, someone cruising by with a wireless-equipped notebook can freeload on your Internet connection, or gain access to your PCs to steal your data or to use your computer to send spam.
Wireless security is a work in progress with evolving standards. Given enough time and access, a determined hacker can probably break into your wireless system. Still, you can take a number of steps to make the interloper’s job far more difficult. The settings shown here (from a Linksys WRT54G router) are typical, but check your manual for specific directions on how to access and change your router settings (usually by using a Web browser).
- Change the router pass-word. One important (and often for-gotten) security measure is to change the default password that lets you access the router settings.
- Disable remote router access. This won’t prevent a determined local wireless user from accessing your network, but it will stop anyone accessing your router from a remote location through the Internet.
- Change the SSID and disable broadcasting. The Service Set Identifier (SSID) is the name of your local wireless network. You’ll need to know it in order to set up other wireless clients on your network. All wireless routers come with a default SSID that you should change. While you’re at it, disable SSID broadcasting, which advertises the network to anyone in the vicinity who is using a wireless-equipped computer — an open invitation, if there ever was one.
- Turn on the firewall. Routers usually have their firewall turned on by default, but make sure that’s the case. Also, enable any additional firewall features, such as the ability to block anonymous Internet requests (shown here). You can add a software fire-wall, too, if you’re really safety con-scious.
- Enable data encryption. Data transmitted by a wireless network can be read by anyone who picks it up, unless it’s encrypted. All wireless routers have encryption capabilities. We don’t have room here for a full discussion of the various types of encryption, but WPA (Wi-Fi Protected Access) is the standard that offers the most protection. Choose WPA Pre-Shared Key for home or small business networks. Don’t worry about any entries with RADIUS options; these are for large corporate installations.
Wired Equivalent Privacy (WEP) isn’t as secure as WPA, but if you have older wireless cards on your network computers you’ll have to use it. WEP and WPA are not compatible with each other. When you make your choice, additional options and menu items will appear. Check your router manual for detailed instructions.
- Enable MAC filtering. The Media Access Control (MAC) address is a unique identifying number assigned to each network device. Enabling MAC filtering in your router improves your network’s security by accepting transmissions only from PCs with specific MAC addresses. You can also prevent certain MAC addresses from accessing the network.
Using this option takes some work. The MAC address is usually printed on a sticker attached to a network card, or on the bottom of a notebook PC. To find your PC’s MAC address in Windows XP, open a command box (go to Start-All Programs-Accessories-Command Prompt), type getmac, and press <Enter>. Do this for each PC on your network and enter it in your router’s list. That’s it. You’re done.
The top down:
Benefits:A secure wireless network will make it difficult for outsiders to view your personal data or steal your broadband bandwidth
Time required: 10-20 minutes, depending on the number of PCs you have
Tools required:You must have a wireless network with a wireless router already installed
Vendors: See June's Best Buys for a list of wireless equipment vendors