wireless network is fairly easy to set up, and also feels very comfortable, especially if we want to able to walk way around the house or office with a portable computer but it can still access the internet network. But, because wireless using waves, it will be easier to hack than using cable connection. There are some tips here to secure the wireless network.
- Use Encryption. Encryption is the first security, but many wireless acces point (WAPs) don’t use it as default. Althought many WAP have Wired Equivalent PRIVACY (WEP) protocol, but it still better than don’t have any encryption. Be sure to set the WEP authentication method to “shared key” rather than “open system”. For “open system”, it doesn’t encrypt data, but it just do an authentication client. Change WEP key as often as possible, and use 128-bit WEP compared with 40-bit
- Use Strengt Encryption. Because there’s weakness in WEP, then recommended to use Wi-Fi Protected Access (WPA). To use WPA, WAP have to support it. Client side also have to support that WPA.
- Change Default Password Administrator. Most industries use same password administrator at their product. That Default Password generally is already known by hacker, which can be used to change the settings on your WAP. First thing that you have to do in WAP configuration is to change the default password. At least use 8 character, combination letter and number, and don’t use word in dictionary.
- Turn Off SSID Broadcasting. Service Set Identifier (SSID) is name of our Wirelss Network. By default, SSID from WAP will be broadcasted. It’ll make easier for user to find network, because SSID will appear in network avalable list in wireless client. If SSID is turned off, user have to know the SSID in onder to connect with that network.
- Turn Off WAP when not Used. This way is seems very simple. But several industries or individual do it. If we have user that only connect at certain times only, there’s no reason to run wireless network anytime and serve a chance for untruder to do their evil intension. We can turn off access point when it’s no use.
- Change Deafult SSID. Industriy provide default SSID. Usefullness of turn off broadcast SSID is to avoid other people know name of our network, but if we still use default SSID, wouldn’t be difficult to guess SSID from our network.
- Use MAC Filtering. Most of WAP will allow us to use Media Access Control (MAC) filter. That means we can make “white list” from computer may access our wireless network, based from MAC or physical address of the network card eac PC. Connection from MAC which isn/t exist will be rejected. This method isn’t alway safe, because there’s possibility for a hacker to sniffing packet we transmit via wireless network and have valid MAC Address from user, and then use it to spoof.
- Isolating Wireless Network from LAN. To protect internal network cable from threat coming from the wireless network, there’s needed wireless DMZ or perimeter network is isolated from the LAN. It’s mean install firewall beetwen wireless network and LAN. And dor wireless client who need access to internal network, he/she must do authentication with RAS server or use VPN. This method provide extra layer to protection.
- Controlling Wireless Signal. 802.11b WAP emit up to about 300 feet. But this distance can be added by replacing the antenna with a better. With hish gain anthena, we can have more distance. Directional anthena will emit to certain direction, and the emit isn’t circular like omnidirectional anthena ussually contained in the WAP standart package. Moreover, by choose the appropiate, we can controll signal distance and the direction to protect from intruder.
- Emit waves at different frequencies. One way to hide from hackers who often use technology 802.11b / g which is more popular is to use 802.11a. because 802.11a works on a different frequency (in the frequency of 5 GHz), NICs are designed to work on a popular technology that will not be able to catch the signal.
Muhammad Wildan – 125150300111033