You are here: Home / About UWinnipeg / Campus Services / Technology Solutions Centre / IT Security / Securing Your Wi-Fi Access Point

Technology Solutions Centre - IT Security

Securing Your Wi-Fi Access Point

Many of you are probably contemplating whether you should invest in a wireless access point (AP) for expanding your home network or getting your computers connected to the Internet. Prices on these units have dropped considerably and the setup time compared to running cables through your walls and floor make Wi-Fi a very compelling solution.

Wi-Fi like any other IT technology however, does have its drawbacks especially if said technology is not configured properly when set up. By default, wireless networks are insecure. An unsecured wireless network welcomes unauthorized users to “hitch on” to your AP and use your networking and Internet connection without you knowing it. This could invite those who wish to use your connection for something malicious (eg. hacking Internet sites, distributing child pornography).

The communications between your system and the AP are not encrypted which means these free riders would have the capability of monitoring what it is you are doing (known as "sniffing"). This could be dangerous, especially if you are accessing sites where an account password is required and the web site you are accessing does not employ the proper encryption.

A group of locals have banned together to identify and geographically map all wireless Access Points across Winnipeg. While they have a fair ways to go, present numbers of unsecured wireless AP’s they have found across the city is staggering:

58% of all AP’s found do not employ encryption
27% of all AP’s found use the default Station Identifier (SSID)
23% of all AP’s found do not employ encryption AND use the default SSID

Ten minutes of customizing your AP configuration will minimize the above threats and make your home network safe from attack. Once you have your AP up and running, go into the administrative console and perform the following tasks:

  • Change the password to the Administrative console interface – Give it a strong password of at least 6 alpha-numeric characters, write it down and save it somewhere safe
  • Change the Station Identifier (SSID) – Make it unique and not something that is easily recognizable
  • Disable SSID broadcasts – Doing this will stop your AP from advertising itself to others wishing to hitch a free ride
  • Enable Encryption – Use Wired Equivalent Privacy (WEP) or the newer Wi-Fi Protected Access (WPA) standard if your AP and computer operating system supports it. Set the encryption level as high as possible and use a complex paraphrase to create a strong encryption key
  • Use MAC access restrictions – Every network card has a unique Media Access Control (MAC) number. If you have only one or two computers on your Wi-Fi network, find out what their MAC addresses are and enter them into your AP configuration

The map, statistics and methods of securing Access Points (with screenshots) is available off the group’s website – it is worth checking out:

http://www.wifiwinnipeg.ca


Previous