Dell Precision M2400 Mobile Workstation notebook 
RRP: $3251.20
RRP: $3251.20
How to restrict wireless access
Secure your wi-fi network.
I like the idea of keeping a Wi-Fi network open so visitors can be welcomed into the warm Internet like Elijah to a seder. But for your business, you'll likely want restrict access as much as possible to minimize the risk of stolen data. A Wi-Fi network without a password sends information in-the-clear, meaning that anyone nearby can read it. Here are several ways to close your network's windows to keep pests out.
Hide the SSID. The first, simplest step to keep people off your network is to make it vanish like Lost Island. Connect to your Wi-Fi router's settings page, and visit the wireless settings. Set it to hide your SSID broadcast. When connecting a client, you'll have to manually type the SSID. But since the network isn't listed for you, it won't be listed for casual eavesdroppers either. Still, be aware that it's easy to find hidden networks with a few more steps, so this will only stop casual bandwidth opportunists.
Set a password. If your network is open--it doesn't require a password--all of the data flying through the air is just like shouting across a party. Anyone who wants to listen can hear your conversation. Encrypt the transfer with a password, scrambling the data. The several common methods of encryption perform differently. WEP is the weakest and most easily cracked by a hacker. Avoid it unless it's your only option. WPA provides better protection, but WPA2 is ideal for most simple networks. Add that security in the router settings, likely WPA2 Personal if your small business uses consumer hardware.
Filter by MAC address. And you can allow only known wireless clients into your network by referencing a table of unique MAC addresses. While this identifier can be faked, it's generally a single ID assigned to network-connected hardware at the factory. Connect the wireless client to the router like you normally would, and visit the router's list of clients. The MAC address should be listed there. Copy the address, and open the MAC filter list configuration page. Add each client, then activate filtering, so only devices with those known MAC addresses can connect. Remember to include mobile phones, wireless music players, or any other Wi-Fi hardware beyond laptops.
18%
14%
Comments
Thumbs up!
In addition to the advice given by Zack, I'd also recommend disabling DHCP and incorporate a little subnetting.
--DharmaKing
This is horrible advice
MAC addresses are unencrypted on every packet sent over a wireless network. There are several tools that let you spoof MAC addresses. All someone has to do is listen into the packets being sent over the air in order to determine a MAC that is accepted on the router.
The SSID was never designed to be hidden, and therefore won't provide your network with any kind of protection if you try to hide it. It's a violation of the 802.11 specification to keep your SSID hidden; the 802.11i specification amendment (which defines WPA2, discussed later) even states that a computer can refuse to communicate with an access point that doesn't broadcast its SSID. And, even if you think your SSID is hidden, it really isn't.
Zack, it concerns me that you are giving this type of advice when you don't seem to know what you are talking about. You don't have to take my word on this, do some simple security reaseach.
Post new comment