Using Secure Wi-Fi/Wireless Network

Aug 29, 2016 | 7:22 am

Published by | Chandan Singh

secure wifi network

What is Wireless Network

Advancement in technology brought us to an era where users are totally relay on wireless technology. As the name suggests, wireless networks, sometimes called Wi-Fi, that allows to connect to internet without use of wires. If your office, home, airport, or even local coffee shop has a Wi-Fi connection, you can easily access to the network instead of wired network.

Benefits of Wi-Fi

  • Globally Accessibility
    Wi-Fi
    allows users to stay linked in a wide range of different places such as the office, home, coffee shop, or hotel on the other side of the country. Most of the electronic devices sold today are Wi-Fi able, and the greatest part is the fact Wi-Fi technology has a worldwide standard.
  • Ease to communication
    Not only is Wi-Fi convenient, but with the demand for general public wireless networks and portable wireless devices that support roaming, Wi-Fi allows users to stay linked all the time.
  • Cost Effective
    The investment of wireless network hardware is reasonable, especially in comparison to cables that are difficult to install and control. Wi-Fi allows businesses to quickly install the technology anywhere in their service and build a secure network that can support all of their employees.

 

Major Threats for Wireless Networks

  • Denial of Service: This attack or threat allows an attacker to bump all the users from a wireless network even without connecting to the network.
  • Wireless Intruders: This type of threat allows attackers to crack the Wi-Fi encryption (key) to connect that wireless area. Attacker can use different type of attacks to get access of a protected wireless area network
  • Misconfigured Access Points: These type of access points is vulnerable of simple known tricks which can lead an attacker to take over on access point and in many cases all over the network.
  • Data Interception: One of the highly rated threat in a network is MITM (Man In the Middle Attack) where attacker can monitor all activities of every user as well as use the information and modify their requests.

Misuse of Wi-Fi are trending at that time. Unsecured Wi-Fi networks provide a fairly easy target for hit-and-run style attacks allowing cyber criminals to cause severe harm without leaving a track.

To avoid misuse of Wi-Fi networks, all residents using Wi-Fi hereby advised to implement the following recommendations on their Wi-Fi gain access to points with immediate impact.

Safety Tips

  • Change the default Login ID and Password
    Change the default Sign in ID and password used to get into the AP (Access Point). Make use of a strong password that reaches least ten characters long and is mixture of alphanumeric and special characters. This will prevent unauthorized users from signing into your Wi-Fi router and manipulating its configurations.
  • Change the default SSID
    (Service set identifier) SSID is a name given to your Wi-Fi AP to let Wi-Fi clients identify it and hook up to it. Change the merchant default SSID. Pick a name that is simple to remember but will not reveal your identification or any other private information. Use strong security and authentication.
  • Use only WPA2 Encryption:
    Use Wi-Fi Protected Access (WPA) or WPA2 with Pre-Shared Key (PSK) authentication. Like the Advanced Encryption Standard (AES) security. If AES is not supported on your AP or laptop, you can choose Temporal Key Integrity Protocol (TKIP) encryption.
    Setting up WPA/WPA2 on home Wi-Fi AP. In some Wi-Fi APs, WPA-PSK or WPA2-PSK is known as WPA-Personal and WPA2-Personal. Make use of a strong passphrase (also known as WPA Shared Key) that is at a minimum of eight characters long and is a mixture of alphanumeric and special characters.
  • Restrict remote access to your Wi-Fi AP Disable remote administration:
    To ensure that no person can change the configurations on your wireless router from the web. Disable administration via wireless: This ensures that the APs system is accessible only when you are linked to it via an Ethernet wire. Use HTTPS: for signing into your AP’s system
  • Turn ON logging
    Enable signing capability on home Wi-Fi AP. Logging will record activities of your Wi-Fi router including Wi-Fi activities of the clients that hook up to it. This kind of record is review trail in the event of a security breach and can be helpful for troubleshooting.
  • Keep your Wi-Fi AP firmware up to date
    When a vulnerability is uncovered in the AP software, vendors usually release an upgrade patch. Make sure your AP is using the latest version of the software.
  • Never use unknown Wireless Network
    Never connect to any unknown Wi-Fi network.  It might be set up by attackers to grab your information.
  • Check before connecting to your own access point
    There are some attacks where attackers create a fake access point with same name as their victims are using, and then they start bumping users from the network. When user checks for their access point they see two access points with same name. So it is highly recommended that if you see more than one access point with same name as yours then verify the access point before connecting to it.
  • Use virtual private networks
    If you are using someone another’s Wi-Fi or if you are connected to a public Wi-Fi or if there are unknown users in same network as yours then it is highly recommended to use Virtual Private Networks as they secure you from MITM and Sniffing.
  • Enable MAC Address Filtering
    It is a good practice to enable MAC address filtering in your access point so that no one can connect to your network without your permission even if they know wireless access point password (Wi-Fi Key).
  • Setup a Guest Network
    It is not easy to deny friends and relative from accessing your Wi-Fi network. Also it’s not secure to distribute your password to others. So in that case you can setup a guest network (separate network) under second SSID features supported by many new devices. Having a separate network for guests allows you to routinely change the password without affecting your own devices. You can even disable it entirely when not in use.