Security Measures

WEP

WEP stands for wired equivalent privacy, and is the original basis for the 802.11 wireless networking standard. WEP is, for the most part, a great security measure. Without WEP enabled on your home network, you're just waiting to get hacked.

WEP works by encrypting wireless data messages, called packets, sent to and from your router. The encryption is done by what's known as a WEP key, which is a special number that you choose. WEP keys can be either 64bits or 128bits long, which is a measure of your security. Many older wireless products have only 64bit encryption, while the more modern ones will have a 128bit option. Choose the highest level of protection your device offers, and enter in your new WEP key.

Choosing a WEP key should be taken very seriously. Do not choose something easy, like 1, 2, 3, 4, 5, Choose a random combination of numbers and letters a-f to make your key. A 64bit key will be 10-digits long, while a 128bit key will be 26-digits long. Enabling WEP protection will be the greatest step to enhancing wireless security. Once you choose a key, you'll need to enter that same key on every wireless device that uses your network.

Keep in mind, WEP isn't perfect, and therefore should not solely be relied on for wireless security. WEP has a security flaw that can allow an attacker to crack the encryption key over a period of time by analyzing the packets sent back and forth from the router. A wireless network with four active users can generate enough network traffic that an experienced eavesdropper can crack your key in a relatively short amount of time.

Even with this flaw, most hackers won't bother waiting, considering there are so many unsecured networks. Any attacker who's just searching for an open web connection will likely move on to another network, rather than try to hack into yours. So, unless they are specifically after you, few will bother trying to hack in. Nonetheless, you should change your WEP key frequently. For larger networks and those that contain sensitive data, you should consider changing it daily.

Changing your WEP key can be time consuming because you have to change the key on every device that uses the network. But, if security is important to you, it's worth the hassle to have a secure network.

Disable SSID Transmission

SSID stands for service set identifier, and is important for wireless networks. The SSID is how you can differentiate one wireless network from the other. When you setup your wireless network, you need to use the same SSID on each computer you want to use your network. Unlike WEP, the SSID is not a form of encryption, but merely a way for a network access point to know whether or not the broadcasting device is talking to it, or another network.

Wireless access points broadcast the SSID repeatedly to the outside world. Without this broadcast, other computers do not know the network is there to connect to. The broadcast informs the device that the network is there, and asks for the encryption key if needed. The SSID broadcast is a convenience feature for places that use many wireless devices. In a large office building, you may have many access points as you move around. Or, when you settle in at Starbucks or Panera, it's the SSID that lets you connect to the wireless hotspot they have setup for their guests. The SSID broadcast makes it easier for the user to find and connect to a wireless network.

Many experts believe that disabling the SSID broadcast on your access point does not help your security, and to a point, they are correct. Anyone analyzing data packets on a network can see what the SSID is in plain English because the SSID is not encrypted with the rest of the message. However, an attacker has to know that the network is there before they begin looking for packets to analyze. Otherwise, it's like digging in the beach for treasure when you don't have a metal detector. The beach is huge, and without a metal detector you can only guess at random where the treasure is.

Novice hackers rely on the SSID broadcast to find wireless networks to hack into. By disabling the SSID broadcast on your wireless access point, laptops and other wireless devices that rely on it will not know it's there unless they already know the SSID. Advanced hackers have other devices that locate wireless networks through means that don't rely on the SSID broadcast, so you'll only be shielding yourself from those who look for it.

The only drawback to disabling the SSID is that you'll need to manually enter the SSID on any new wireless device you try to add to your network. Once the SSID is entered into your device, it will function just as if it was on.