honoluluadvertiser.com

Sponsored by:

Comment, blog & share photos

Log in | Become a member
The Honolulu Advertiser
Posted on: Tuesday, September 19, 2006

Secure your wireless network

By Kim Komando

If you just set up a wireless network in your home without securing it, you're just asking for trouble. Neighbors or passers-by can connect in seconds. Worse, Wi-Fi freeloaders may use your connection for illegal activities.

When the police come knocking, it'll be on your door. Your connection could also be used to send spam. If so, your Internet service provider will likely cut you off.

Then there's the data you transmit over the Internet. It's easy to intercept data on an unsecured network. Free tools let anyone hopping on your network capture every keystroke that you make.

Or, how about the man-in-the-middle attack? This is a complex undertaking. A hacker configures his computer to act as the router. Your computer connects to the hacker's, which connects to the Internet. All your data pass through the hacker's computer.

These are scary scenarios, but you can avoid them by securing your network. Your wireless router probably came with security disabled, so you must set it up. Consult your router's manual to learn how to access its settings.

Most importantly, enable wireless encryption. You must also enable encryption on all computers that connect wirelessly.

There are three flavors of encryption. First, there's WEP (wired equivalent privacy), WPA (Wi-Fi protected access) and WPA2, the second generation of WPA. It is also referred to as 802.11i. Don't confuse that with networking protocols like 802.11a/b/g.

WEP is an early encryption method. It is worthless; an expert can break it in minutes. Countless people still use it, thinking they are secure.

Several years ago, wireless experts recognized WEP's fatal flaws. They started work on a new standard that eventually became WPA2 (802.11i). In the meantime, equipment manufacturers used WPA, a transitional standard. This is similar to WPA2, but uses a less secure form of encryption.

According to the Wi-Fi Alliance, an industry body, WPA has never been broken. However, some security pros say it can be broken. They say the trick is a password of less than 21 characters. So, if you have WPA, err on the side of caution and use a really long password.

WPA2 is the way to go. It uses advanced encryption standard, or AES, which is used by the federal government. Given the power of today's computers, it is unbreakable — that is, assuming you use a good password. Your password should have upper- and lowercase letters and numbers. Also include symbols, if possible. Do not use a word, your dog's name or other obvious choices. And do not use the default password. Every crook in town knows it.

What do you do with old equipment? You may be able to upgrade WEP products to WPA2. Check the manufacturer's Web site.

If you cannot upgrade, buy new gear. WEP equipment is dangerous. A wireless router should cost $50 or less. Wireless cards are about $30.

Before you buy equipment, ensure it is certified by the Wi-Fi Alliance (www.certifications.wi-fi.org/wbcs_certified_products.php). Pay close attention to certification details. They should say specifically that a product has WPA2.

A knowledgeable intruder will find your network.

Contact Kim Komando at gnstech@gns.gannett.com.