Google Search


Saturday, July 21, 2007

Turning Off the Defaults on Your New Wireless Network

Now you get serious about your wireless network. Setting up a wireless network is a good thing, but you need to be responsible and prevent unauthorized persons from using it. You can prevent someone from hacking in by changing the default settings.

Changing the password

One of the first items of business is changing the default password. Remember when you first set up your device, the password is blank. Blank. Empty. Void. Vacant. This is bad. You must create a new password that is difficult to guess and yet easy enough to use.

Follow these steps to set your new password.

1. Log in to the device using the blank password or whatever the default is for your device.

You typically do this by pointing your browser to the correct IP address, where you will see the login page.

2. Navigate to the Advanced Setup tab and select it. Then select System.

This step will differ depending on the device you are using, so follow the instructions in your manual if you are unsure where to find the System options we discuss next. Next, under the System tab, locate the Password Settings tab and select that. Enter the old password (leave it blank on the SMC) and then enter a new, reasonably complex password, re-entering it to confirm in the final dialog box provided. Make sure that you remember the password! If you must write it down, which is not a good idea, keep the paper safely locked up. Do not key it into your workstation or laptop because too many people can access that and possibly see the password. Click Apply when you are done to complete the action. You need this password now in order to log in to the device.

On the SMC device, you can modify the Idle Time Out parameter during this step. However, consider leaving the default unless you have an overriding need to change the amount of time before you need to login again due to inactivity. Do not change it to zero, however, because this means that your session remains open — possibly leaving you vulnerable to someone gaining access and changing settings should you leave your workstation unattended. After all, everyone visits the water cooler at some point. Play it safe and leave a time out value.

Changing the access point name

Consider changing your Service Set Identifier (SSID). This is the name that may get broadcast to identify your wireless access point. Using the default typically helps identify the type of device, possibly providing too much information to anyone who sees it. You change this to something that does not identify your organization, department, or anything useful. Why? Again, it makes no sense broadcasting a name that gives others useful information. Change your SSID by following these steps:

1. Log in to the device using your new password (see the preceding section).

You typically do this by pointing your browser to the correct IP address, where you will see the login page.

2. Navigate to the Advanced Setup tab and select it.

3. Select the Wireless option.

4. Select Channel and SSID.

You see the default name provided by your vendor.

5. Change the SSID field (shown on the SMC router as ESSID) to something innocuous, such as the names of stars.

This limits the degree of useful information passed to outsiders. You need to use this new name in all your wireless network cards in order to connect. Clicking Apply sets the field. Any wireless access card that might have been connected will now need to add that new name in order to reconnect.

Changing security options

You need to set security so that only authorized users can connect to your new wireless network. There are a number of different methods for this.

You turn on WEP, as you may have already noticed, through the same menu that we access throughout this chapter. You do not need to know a lot about encryption, but you do need to understand that the longer the secret is (the encryption key), the better the security. Therefore, in your wireless access point, use a 128-bit key rather than the older 64-bit key. When you do choose the higher bit key, however, your wireless network cards need to support the increased level of security. Several older and cheaper network cards support only 64-bit. If that is all you have, use them rather than not turning on WEP. After all, any security is better than no security.

Follow these steps to secure your wireless network.

1. Log in to the device using the password you created.

You typically do this by pointing your browser to the correct IP address, where you will see the login page.

2. Navigate to the Advanced Setup tab and select it.

3. Select the Wireless option.

4. Select Security.

5. Select WEP.

6. You now see a field that presently sets the option to No Security.

It may appear as Disabled on some devices. You must enable this option in order for encryption to be used. In the SMC, select WEP from the drop-down dialog box.

7. In the dialog box containing the WEP Mode, select 128-bit.

8. In the area indicated by the term Static WEP Key Setting, click the Clear icon to clear out any default settings.

You now need to generate a key that is between 10 and 64 hex characters long. Key it in the blank indicated by Key 1.

What is a hex character you ask? Excellent question. So glad you asked. Hex is an arcane set of characters loved by old-style programmers. To us, it's simply the numbers 0-9 and the characters A-F. They correspond to the decimal numerals 0-15. You can find an interesting converter at Mikezilla.

Unfortunately, before you start madly keying in random hex characters, you will need to repeat them once more here and then in every wireless network card. So write down the key you plan to use and then key it in. Keep that written copy safe because anyone seeing it has the keys to the wireless kingdom! Type in the key that you selected and then click Apply when you are done.

9. You set the encryption key in the preceding step; now you need to tell the device to start using it. Select the Security option from the menu.

You see the device indicates there is no security. Change this to WEP Only by selecting it from the drop-down box. Click Apply when you are done to set the option. From this point on, you will need your wireless network cards to use this new level of security in order to connect.

10. Log out of the wireless access point and then exit the browser.

Now you can connect the wireless access point to your network safely and allow users to begin connecting.

No comments: