Safe at Any Speed

from Technology & Learning

Securing your Wi-Fi network is easier and more important than you might think.

From my New York City apartment, my laptop picks up signals from no fewer than six Wi-Fi networks. Several of them are listed as "unsecured," while others are passwordprotected. That got me thinking: If my laptop can see these networks, then people on those networks can see mine. And if they think it necessary to secure theirs, then maybe I should secure mine too. My neighbors are all very fine people, but….

Why Should I Secure My Wireless Network?

I'm not too worried about people using my wireless connection to access the Internet (although my ISP may be). But I certainly do not want others accessing computer files or intercepting data I send out. I have also read it is possible for people to "hijack" a personal computer over a wireless connection and use it as a source to send out spam or malicious software that could be traced back to that computer. I am sure the chances of this are very low—why spend the time breaking into Jeff Branzburg's PC when there are banks, brokerage houses, and the like out there. But reducing even a very slim chance still sounds good to me.

Getting Started

I was using an unsecured DSL connection from Verizon in my home. To get started, the first thing I did was to log on to my wireless modem/router (a Westell VersaLink Model 327W). Each brand of router will come with instructions as to how to log on to access its settings.

I first changed the log-on username and password; every wireless router I have seen comes with default ones identical to all other wireless routers of that brand and model. It was easy enough to change them to a username and password of my choosing.

What's in a Name?

When I see a number of other Wi-Fi networks on my laptop, whether at home or elsewhere, it amazes me how many people keep the default wireless network name (called "SSID," or service set identifier) such as "linksys" or "netgear." Simply changing the name requires just one quick and easy step. In my case, my Verizon setup on the Westell router did not have a name as simple as "westell" or "verizon"; it had a unique, 12-character code, which I saw no need to change.

Encryption

Encryption will scramble information sent out over your wireless network so that if intercepted it remains unreadable. Over the years a number of encryption protocols have been developed.

WEP (wired equivalency privacy) is a security protocol for wireless networks that attempts to be as secure as a wired network (hence the name). It has been in use since 1999 (ancient in Internet years). WPA stands for Wi-Fi protected access. It is a more recent protocol and stronger than WEP.

My DSL modem/router offers two types of security, WEP and WPAPSK ("pre-shared key," a less-secure form of WPA but still more secure than WEP). I figured I might as well go for the best I could, so I chose WPA-PSK from the menu. A window appeared with space to enter a "WPA Shared Key" (see graphic below).

Entering a WPA key creates a more secure network connection.

I chose a medium-length shared key (about 10 characters); after clicking the save button, a message came up saying that my wireless service would be interrupted and reconfiguration might be needed. I clicked OK, the new security configuration was changed, and I went to boot up a laptop to see if I could get online.

My Dell laptop immediately picked up the network, just as it always had. However, when I connected (having to enter the WPA shared key I created) a message saying "limited or no connectivity" appeared. But within a minute or so, the strength changed to full wireless connectivity, and I was online and fully protected.

Mac vs. PC

Now to try a Mac PowerBook G4. It too picked up the network, but when I tried to access it I received a "There was an error joining the network" message. I rebooted the Mac, the wireless router, and my desktop computer. Still, I saw the same message. What went wrong?

Mac users might find it necessary to use WEP encryption instead of WPA.

I called Verizon DSL and was told there are incompatibilities between Macs and WPA encryption, so WEP was recommended instead. From the Westell security configuration screen, I chose WEP and a window appeared featuring space to enter a series of four keys (see graphic above).

Verizon said I should leave the Authentication Type set for Open System, and that I only needed to use Key 1. The dropdown menu next to each key listed three options: 64 bit, 128 bit, or 256 bit. I opted for the 64-bit level, and entered a five-character code.

I then retested the PC and Mac laptops with WEP now enabled on my wireless router. Both PC and Mac connected successfully.

Other Security Considerations

Firewalls A firewall (software or hardware that controls who gets into your computer or network) is an important piece of the security puzzle. With a typical firewall, you decide who can communicate with your system. When I installed iTunes, for example, my firewall informed me that the program was trying to connect to the Internet, and asked my permission to do so.

Public Wi-Fi Another whole area related to security is public wireless hotspots—available anywhere from your local library or hotel lobby to Starbucks and McDonald's—that provide access to the Internet. Although these locations make it easy for you to get online (sometimes for free, sometimes for a fee), there are some basic precautions you should take when connecting. For example, you might want to forego doing your online banking or shopping over a public wireless network. I'm not too worried when sitting in my apartment, but a public hotspot could be a draw for a bad guy with a "sniffer," hardware or software that can intercept wireless signals.

TOPICS