FAQ ABOUT

WIRELESS
NETWORKS:
AND HOW TO
PROPERLY SECURE
THEM
Mike Bynum
Matt Larkin
Jessica McCain
Sean McGrail
WHY USE THIS GUIDE
 So I bought a wireless router…
 Now what?
 Where do I put it?
 How do I set it up?
 What is WEP, WAP, TKIK……too many
acronyms!
OUR GOAL IS:
 To allow you to successfully and securely set up your wireless
router
 To increase your understanding of wireless routers and how
they can be exploited
WHAT IS IN THIS GUIDE?
 BASIC TERMINOLOGY
 TYPES OF WIRELESS EQUIPMENT
 WHY GO WIRELESS?
 WHY DO I NEED TO SECURE MY WIRELESS
NETWORK?
 HOW SECURE MY NETWORK?
 WIRELESS ENCRYPTION
 MAITAINING SECURITY
 ACCESSING MY WIRELESS NETWORK
 SUPPORT LINKS
BASIC TERMINOLOGY
 WLAN
 Wireless Local Area Network
 A method of linking two or more wireless devices
 Typical wireless home network
 Wi-Fi
 Industryname used to signify the capability of
wireless activity
 802.11a/802.11b/802.11g
 Three most popular communication standards
 Difference is in speed
 Most common right is 802.11g
BASIC TERMINOLOGY
 WEP
 Wired Equivalent Privacy
 Depreciated wireless privacy mechanism
 Not recommended for wireless use anymore
because it is easily hacked
 WPA2
 Wi-FiProtected Access
 Recommended wireless privacy mechanism
 Successor to WPA
TYPES OF WIRELESS EQUIPMENT
 Wireless Network Adapters
 Wireless Access Points
 Wireless Routers
WIRELESS NETWORK ADAPTER
 Each computer you wish to connect to a
WLAN must possess a type wireless network
adapter 
 Wireless adapters for desktop computers are
often small PCI cards or sometimes card-
like USB adapters. 
 Wireless adapters for notebook computers
resemble a thick credit card
 Nowadays, though, an increasing number of
wireless adapters are not cards but rather small
chips embedded inside notebook or handheld
computers.
WIRELESS ACCESS POINT
 Wireless access point serves as the central
WLAN communication station.
 Infact, they are sometimes called "base
stations." Access points are thin, lightweight
boxes with a series of LED lights on the face
 Access points join a wireless LAN to a pre-
existing wired Ethernet network.
 Home networkers typically install an access point
when they already own a broadband router and
want to add wireless computers to their current
setup. 
WIRELESS ROUTER
 A wireless access point
 with several other useful functions added.
 Like wired broadband routers, wireless
routers also support Internet connection
sharing
 Andinclude firewall technology for improved
network security.
 Wireless routers closely resemble access
points
TYPICAL PARTS TO WIRELESS
ROUTER
LAN Ports – these ports provide wired access to the network and Internet
connection.

WAN Port –
Antenna – this port
these connects to
antennas the
amplify cable/DSL
the signal modem that
from the is provided
802.11 by the
wireless Internet
radio that service
is inside provider. Or
the connect to a
enclosure. corporate
LAN port.
Reset Button – this button resets the configuration of the
wireless router. In addition to any custom wireless settings
the admin password and IP address of the device gets reset.
WHY DO I NEED TO SECURE MY
WIRELESS NETWORK?
 You paid for your connection
 Don’t let your neighbors steal it
 Don’t let people driving by steal it
 Protect your transactions and
purchases
 Don’t
allow the bad guys to see
what you are doing
 Protect yourself from illegal
activity
 Anythingthat is done on your
network comes back to you
HOW DO I SECURE MY WIRELESS
NETWORK?
STRATEGICALLY PLACE YOUR
ACCESS POINT
 Place your wireless access point away from
the exterior of your residence
 Thiswill help prevent unnecessary broadcast of
your signal outside your home, which can be
picked up by neighbors, and war drivers.
CHANGE YOUR DEFAULT
PASSWORDS
 Secure your router’s
administration password
 After immediately setting up your
•User upper and
router change the default lower case letters
administrator password •Use numbers and
 Follow Good Password guidelines symbols
•Do not use
when securing your wireless router. dictionary words
 Check your passwords strength at: •Use at least 8
http://www.passwordmeter.com/ characters
 Remember •Don’t recycle this
the more complex your password
password is, the more challenging it •Use a mnemonic
is for a malicious user to crack it. for remembering
complex
passwords
USE ENCRYPTION
 Encrypt all wireless traffic that goes through
your wireless access point.
 Useone of the following encryption methods
(Ranked with the best on top)
 WPA2 with AES or TKIP
 WPA with AES or TKIP
 WEP with 128-bit Encryption
WHY SHOULD I CHANGE AND
HIDE MY SSID?
 Hide your Service Set Identifiers (SSID)
 Avoid putting information in you SSID that lead to
indentifying you.
 Your SSID can be optionally disabled
 This keeps your SSID showing up as an available
connection the computers operating system
 This does not add any extra security to your network
 By hiding your SSID it will require you to enter it when
connecting a computer to your network for the first
time.
HOW DO I CHANGE AND HIDE MY
SSID AND ROUTER NAME?
 Access your router by typing the router’s IP
address into your internet browser.
 Once at the home page, the router’s name
may be changed by simply finding the blank
marked “router name” and typing in the
desired name.
HOW DO I CHANGE AND HIDE MY
SSID AND ROUTER NAME?
 In order to change the SSID, click the
“wireless” tab.
 Once on the wireless tab, find the blank
labeled “Wireless Network Name” or “SSID”
and type in the desired network name, if you
want to stop the broadcast of your network,
click “no” or leave the checkbox blank.
WHAT IS ENCRYPTION?
 Encryption is an important part of securing
your wireless transactions.
 Encryption basically scrambles the
information so that it isn’t recognized if it is
intercepted.
 There are 2 main options for encryption
 WEP
 WPA or WPA2
WHAT ENCRYPTION SHOULD I
USE?
 WEP -the original encryption standard for
wireless security
 WEP uses a short key that is generated from a
relatively small pool of characters
 WEP is very insecure on it’s own
 It can easily be cracked, which means that anyone
who cracks it will see the transactions you are making
online
 Some routers will only support WEP, not WPA
 If this is the case you should use a MAC filter along
with it to control exactly what devices can access the
router
WHAT ENCRYPTION SHOULD I
USE?
 WPA –the upgrade from WEP
 WPA generates a longer key that changes
dynamically
 This makes the key much more difficult (almost
impossible) to hack
 WPA uses TKIP encryption
 WPA2 is the most secure encryption
 Itis capable of using AES encryption, which has
never been broken
 The recommended Encryption combination is
WPA2 with AES and a strong pass key
WHAT IS THE PASS KEY?
 The pass key is the password that is used to
generate encryption keys for WPA
 A strong pass key contains a combination of
 Atleast 14 characters
 Contains upper and lower case letters
 Contains numbers
 May contain symbols
HOW DO I ENCRYPT MY
NETWORK TRAFFIC?
 By default when you first receive your wireless access
point, encryption of your connection is disabled.
 Access the router in the same way used to change the
SSID
 Click on the “wireless” tab
 Click on the “wireless security” tab
 Select the desired Security mode and save your settings
MAINTAINING SECURITY ON
YOUR ACCESS POINT
 Almost all wireless access points allow for
the firmware that control the device to be
updated. This allows for essential security
patches and updates to be applied to your
device.
 Support and firmware upgrade information
 Refer to next slide for support links
 Thesites above allow you to enter your model
number for your product (found in your router
documentation) in order to provide you with the
correct update files.
HOW DO I ACCESS MY NETWORK
ONCE IT IS SECURED?
 Depending on your device there different
tools to connect to wireless devices
 In order to connect to a network that has
been secured according to this guide, you
will need the following:
 SSID
 Passkey
 And Encryption Standard
IF YOU NEED ADDITIONAL
INFORMATION:

http://www.dlink.com/support/

http://homesupport.cisco.com/en-
us/wireless/linksys

http://www.belkin.com/support/

http://kb.netgear.com/app/