|
| |
 |
|
|
improve wireless security
It's important to remember that a wireless signal is broadcast and accessible to
anyone who has the technology to receive it. By default all traffic is
encrypted that travels between the 2WIRE 2700HG-B
and any connected wireless computer, laptop or device. Encrypting the wireless traffic
makes it more difficult for an unauthorized individual to extract information if
your wireless signal is intercepted.
|
| |
|
The default type of encryption (WEP-Open) used by some wireless access points
can be easily broken and decoded. Use WPA-PSK (also called WPA-Personal)
instead of WEP-Open or WEP-Shared. WPA-PSK {Wi-Fi Protected Access (WPA)
with PreShared Key (PSK) authentication} is substantially more secure than
WEP-Open or WEP-Shared. WPA is supported by Windows XP beginning with Service
Pack 1 (with the WPA 815485 update) and Windows Vista desktop operating systems.
|
| |
|
Windows 98, ME and 2000 do NOT natively support WPA-PSK. If you are using
one of these older operating systems you must install additional software (called
a "supplicant") in order to benefit from the improved security WPA-PSK provides.
The FREELY available LucidLink WiFi Client should
allow you to use WPA-PSK with versions of Windows prior to Windows XP. I prefer the
"LucidLink WiFi Client" over similar products because of it's simplicty.TIP:
If you use the "LucidLink WiFi Client" you only need to install the wireless adapter's
driver. You do not need to install your adapters configuration/connection management
software.
|
| |
|
Your wireless network adapter must also support the use of WPA-PSK.
A "wireless adapter" is the component installed within or attached to your PC or
laptop that allows it to communicate with the wireless access point. If your
wireless adapter does not support WPA-PSK than I suggest you contact the manufacturer
to see if it can upgraded. If it can not be upgraded I suggest you purchase a new model
that supports WPA-PSK.
|
| |
|
Choose to "Use a custom encryption key". Use the same guidelines
to create your encryption key as you would when creating a
strong password . Your WPA-PSK "custom encryption
key" can be 8 to 63 characters (upper and lowercase letters, numbers, and punctuation).
In general, the larger, more complex and randomly generated an encryption key
(or password) the stronger it is. I suggest you use a 63 character encryption
key.
An example of a good 63 character encryption key is:
$7V#0yeCbRS^53-bAfiE2S8j,]7u:[0@V/0/O3Xh9j15fXI./GzmML!0^!j66Wi
Use a password manager with a password generator to
create and store your encryption key. Password Agent Lite
and KeePass Password Safe are
both excellent choices and FREE of charge. Install the password manager on a
thumb/flash or other portable drive. You can now easily transport the password to
any computer you want to configure with wireless access.
Copy then
paste the password from the password manager into the wireless configuration
wizard of the wireless client (desktop computer, laptop, other devices).
|
| |
|
Update: WPA2 is a newer, more secure version of WPA. WPA2 was not in use at
the time I wrote this article. The 2Wire brand gateway/router I used for my examples in this
article did not support the use of WPA2. If your wireless devices support WPA2 use it
instead of WPA.
|
| |
|
Change your encryption key/password on a routine basis. SOHO
(small office, home office) businesses should change their encryption key/password
after any guest is allowed to use wireless access. Change your encryption key immediately
after an employee quits or is fired. Changing encryption keys can become time consuming
if you have more than a few wireless clients to manage. Small businesses may want
to consider outsourcing their wireless security to a business like
Boxed Wireless.
Boxed Wireless provides a simple solution to improve the security and ease of
administering multiple wireless clients. The prices they charge are quite
reasonable given what you can loose if your wireless network is
compromised/broken into.
|
| |
|
Change the default network name (SSID) to a name of your own choosing.
Your network name (also referred to as an SSID or "service set identifier") can be
up to 32 characters.
|
| |
configuration changes
Let's begin making the configuration changes I suggest to the 2WIRE wireless
access point. The management interface of the 2WIRE 2700HG-B (or similar) device
should still be open and visible in Internet Explorer. If the management
interface is not still open:
- Open/run Internet Explorer
- Type "http://home" (no quotes) into the address/URL bar of Internet Explorer.
- Press the "Enter" key on your computers keyboard.
|
| |
Click the:
-
"Home Network" image/link at the top of the management interface. You should now see
a page entitled "View Network Summary". Click on the following image to
see a larger version.
- Click the "EDIT SETTINGS" button on the lower right hand side of the page.
(see previous image)
You should now see the "Configure the Wireless Network" page. Look on the left hand
side of the page to find the "Settings" section. This is where we will begin
to make configuration changes. Click on the image to see a larger
version.
|
| |
-
Identify Network - Type a new name of your choice into the box
to the right of "Network Name". The network name can be up to 32 characters in
length. For this tutorial I used our Web site address "www.AdvPC.net" (without
the quotes). This name will be broadcast by the wireless access point and visible
to anyone with a wireless enabled client (desktop or laptop).
-
Wireless Security - Click the drop down arrow to choose "WPA-PSK"
listed to the right of "Authentication".
-
Click in the radio button to choose "Use custom encryption key"
-
Enter your 63 character password into the box to the right of the word "Key".
Use the FREE password manager "Password Agent Lite"
to both generate and store your encryption key/password.
Copy then paste
your encryption key from "Password Agent Lite" into the "Key" input box.
- Click the "Save" button to save your changes.
- Keep the management interface open. We will use it later in
this tutorial to add a password to protect the device from unauthorized access.
|
|
|
 |
|
| Copyright © 1996-2011 Tom Bowser. All rights reserved. |
