Secure WiFi network in 5 Steps
Secure its Wi - Fi network is more important than we think. In fact, WEP (Wired Equivalent Privacy) protocols and even WPA)( Wi-Fi Protected Access) contain security vulnerabilities making piracy of our connection relatively easy.
We will see how to secure our wireless network in 5 points after giving explanations on the need to secure our wireless network.
Threats no matter where you stand?
It is not possible to control the scope of the wireless network, which will very probably in your neighborhood. And even if you do know your neighbors well and think that they won't do anything wrong, you must know that there are practices intended to search for open or weakly secure wireless networks to connect to all kinds malicious action.
For example, it should be noted the fact to intercept data transmitted in clear or making hacks (of accounts, systems, or even movies) via your access point and you need to bear the responsibility.These practices are known as WarDriving and Warchalking. The first is to search for networks without wires open or low-security via a smartphone or a laptop, and the second is to use symbols in the form of tags in the streets to report open Wi - Fi networks.
Is WEP really so fallible?
The WEP protocol uses the encryption algorithm RC4 symmetric key as well as a checksum to ensure the confidentiality and integrity of trade between machines. The problem is that this key is static and therefore shared between all the connected machines to a same box. This allows to find her by simply contacting the network.
In 2001 already, researchers have discovered that the first bytes of the stream used for encryption are not random, and that by observing a large number of encrypted messages could in fact find the key... in a few minutes !
So WPA is better?
To address the weaknesses of WEP, IEEE has developed a protocol for securing networks called WPA wireless.
The WPA protocol allows a better than with the WEP data encryption because it uses TKIP (Temporal Key Integrity Protocol) key Dynamics. WPA allows to use one key per machine connected to a wireless network.
Therefore, WPA keys are generated automatically by the wireless access point.
The TKIP Protocol improves security over WEP because:
- It doubles the size of the initialization vector (random bits added to the data). Programs to easily determine the WEP key is also a list of these initialization vectors to carry out the attack.
- The WPA also double from 4 to 8-byte message integrity code.
- The encryption keys are generated in periodic and automatic way for each client.
The Wi-Fi Alliance (the association which owns the Wi - Fi brand) has then created a new certification called WPA2 for devices supporting the 802.11i standard. WPA2 is based on WPA, it supports AES instead of the RC4 encryption and offers new features like the 'Key Caching' and 'preauthentication.
To summarize, the WPA-2 offers compared to the WPA:
- Security and mobility more efficient thanks to the authentication of the client regardless of the place where it is located.
- Integrity and strong confidentiality guaranteed by a dynamic key distribution mechanism.
- Flexibility through a re-authentication quickly and securely.
How to secure my Wifi?
Now, here are the 5 points to secure sound Wi-Fi I will detail later:
- Encrypt its Wi - Fi network
- Change the default password in the box
- Update its box
- Do MAC filtering
- Change the name of the network
Here are more details:
1 encrypt its Wi - Fi network
We have seen that with a network of Wi - Fi, any data sent or received can be intercepted by anyone with the necessary tools. The network sniffers are used to read the content in clear messages that pass. These messages can be of passwords and other confidential information.
The encryption so lets make unreadable data even if they are intercepted. This to implement the Protocol, WPA2 and especially not the WEP.
You do not know which encryption protocol you currently have or want to switch to WPA2, follow these steps:
- First is through the administration panel of your modem. It depends on your service provider, you will find the process for your here.
- Once in your administration panel, look for the option of encryption protocol and pass the in WPA2.
Here is an example with WPA2 (CCMP) in the Free interface :
2. change the default password in the box
If you must give a user name and a password to get into the control panel (at Free must first connect via his account), make sure to have chosen a complicated password and not the default . It is possible that some access providers send default password by email or post.
This is a password that must then change all default passwords. Some IDs for access to the administration of the modem are sometimes extremely clear and known to all. Indeed, some sites list default IDs of most suppliers.
Passwords security policy applies then, namely a complicated and long password that should not be saved in the browser.
3. update its box
Access providers may make available to software updates. It's updates that can be linked to the security of the modem. They are therefore to be taken seriously and as soon as possible. For recent modems, the updates should be automatic.
4. make the Mac address filtering
A Mac address is an address that is stored in a network card that is unique in the world. The Mac address filtering is to tell your modem that only those whose network card contains the Mac address in question are allowed to connect.
There are advantages and disadvantages: security is provided in the sense where you decide who has access to the network for good, but you need to add Mac addresses to each change of network cards or adding devices to the network Wi - Fi.
EDIT: the Mac spoofing is a technique to change his Mac address of software in order to pass to another machine. Filtering by Mac address is therefore not a true principle of security. Thanks to Schwarzer of have said.
To find the Mac address of your card networks on Windows, do the following:
- Press the Windows key and R.
- Type "cmd.exe".
- Type ' ipconfig/all '.
- The Mac address of the network adapter in question is on the line "physical address."
Mac filtering is then configured depending on your ISP, you should find the option in your Admin Panel.
5. change the name of the Wi - Fi network
Although it only plays very little about the safety of the Wi - Fi network in it even, change the name of the network (SSID) by default is a way to indicate to potential pirates you take your safety seriously. There is less chance that attack a person who seems to know from someone who seems debutante with a default network name.
Here again this is done via your Admin Panel.
Tags: secure its wifi
Post a Comment