A man in his twenties, let’s call him Bill, gets on a bus in Oslo. He carries with him a portable computer, complete with a wireless network adapter. The computer is running Windows XP Professional, and has an app installed called NetStumbler. The man is bored, and decides to have some fun…
Bill turns the computer on and starts NetStumbler. After a short distance, he has found in excess of two hundred wireless networks, half of which are unsecured. The man unboards the bus, and selects one which is unsecured called “Linksys”. He decides to punish the owner a little, you simply don’t leave your wireless network with default settings, onw do you?
He logs onto the network, and using Google, it is the work of a minute or two to learn that the config-page of the router is located at the IP-adress 192.168.0.1, and the default user name and password are both admin. He logs on, and finds another computer connected to the router. He shuts the computer out, and starts working his mischief.
Bill starts out turning off broadcasting of the SSID, and changes the SSID, following which he sets WPA-security. He then changes the admin-password of the router, logs off, and gets on the next bus. The entire process, from logging on to the config-page until he logged back off, took him less than two minutes.
The above scenario is not unthinkable. In spite of it mostly being mindplay, I have myself seen close to fifty available wireless networks, many of which are not only unsecured, but also sport default values for everything. So, what does the scenario teach us?
If you know something of routers, you’ll know that the first thing you’ll try when unable to contact the router, is either connect directly to it with a cable (which wouldn’t help you in the above scenario, as the admin-password has been changed), or simply push the reset-button, located on the back of the router. In the case detailed above, the problem will be solved, and for the owner in question, who hasn’t bothered to set up the router, the default settings will be restored.
The next piece of knowledge we can glean from this, is that by doing two simple things, the security of your router will be heightened by large degrees. By changing the SSID (the name the router presents to the outside world), and changing the admin-password, much has been achieved. If you want to go a step above and beyond this, I’d recommend turn off broadcasting the SSID, and setting some sort of security, either WEP or WPA2. These simple steps will prevent trespassers to connect to the network, and secure the network even more
I’ll not tell you what will work best for you, but I personally feel that if the SSID does not identify you is better than a SSID that does. If your name is John Smith, I think that it is better to call the network HomeLAN than calling it JohnLAN or SmithLAN.
Another thing I’ll tell you is that it is better to use a randomly generated WEP-code, instead of one that can be logically disseminated. A quick Google-search for “random WEP code generator” will provide you with many useful pages, for example this one, whereas a search for “WPA2 code generator” will, among others, turn out this one.
Securing wireless networks is very important, so much so that even Microsoft has created a guide to help users set up their wireless networks.
Securing Wireless Networks, why and how?