Securing your network
As I stated in previous posts, wireless does not respect physical boundaries. They will transmit outside you building walls to the next apartment, house or business and so the information that you transmit on your network is potentially detectable by people outside of your network.
Because wireless networks must share the air waves with other access points and wireless devices it uses a method to identify itself. This method uses the SSID that programmed into the access point to identify itself to network interface cards and that network interface cards use to identify transmissions targeted to the access point. This is the name that you see when ask for a list of available access points when you connect to a wireless access point. There are two way to increase the security of your access point using the SSID.
The first method involves stopping the transmission of the SSID identification by your wireless access point. When you do this your access point will not show up in the list of available connections. This means that if someone does not know the name of your access point they cannot connect to it. It also means that you must use a different, manual method of connection to your network. The exact method to connect to your wireless network is dependent on the vendor of your wireless care and if you use the vendor's software to manage the connection or use the software built into your OS to perform this task.
The second method involves changing the default name of your access point. All access points have a default SSID programmed into them. As an example Linksys access points use "linksys", Netgear uses "default" and Sonicwall uses "sonicwall". If you do not change the default SSID name then you reduce the minimal security that turning off SSID identification provides. By using the default you reduce the list of possible names to a very small list making it easy for a potential hacker to get into your network.
While turning off SSID broadcast and changing the name will allow casual users from getting into your network it will not keep more determined hackers out of your network. Why is this you might ask? The answer lies in the information that is used to help the access point determine if a transmission is for it. The SSID and other information is used for this and if you a hacker can sniff for this information and decode it from the transmission. So by using your wireless network you are sending the information needed to connect to your network.
As you can see, turning off SSID broadcast and changing the name of your SSID does not provide much security but it is a start. Next week I will talk about how to increase the security of your network to the next level.
Happy computing
Thomas Clark, CTO Elk Creek Technology Partners
Your partners in Small Business Technology
http://www.elkcreektechpartners.com/
No comments:
Post a Comment