Mac Fallout Shelter

How to Secure Your Wireless Network Using WEP and WPA

- 2006.01.03 - Tip Jar

Nowadays everything and everyone is finding their way onto wireless networks. Wireless access points have made it easy and cost effective to setup wireless networks in numerous environments.

For example, hotels and home offices that wanted to connect people in different rooms would have had to drill holes and do a lot of hard labor to run ethernet cable before wireless. They can now do it almost instantly by simply plugging in a wireless access point.

In this article I'm going to explain the best way to secure your wireless network regardless of brand, just as long as its compatible with 802.11a/b/g.

These are the different types of wireless devices:

  • Wireless Client - a device (like a computer, Xbox, or TiVo) using a wireless adapter
  • Wireless Access Point - a standalone device that adds a wireless network to an ethernet network
  • Wireless Router - a device that controls the network and sharing of the Internet connection; it has a built-in wireless access point
  • Wireless Repeater - a device that receives and retransmits any wireless signals in the general area

Network Setup

Whether you choose a wireless router or a standalone access point, the setup is pretty much the same. Just follow the manufacturer's instructions on the setup of the device. Then go to the manufacture's website and update the firmware on your device to the most current version.

Just remember to always change the admin password to something you're going to remember.

Now that you have it ready, go to the wireless settings page (usually something like 192.168.1.1) and do the following:

  1. Change the SSID to anything except the default name.
  2. Choose a channel that's not being used a lot in your general area. Do a site survey with your host to see if any wireless networks are already being used in your area prior to setting up your access point so that the other networks won't interfere with yours.
  3. SSID can be left on. Why? Because even if you turn it off, people that know what they're doing can still see your network.

Security Setup

Now we are going into the wireless security settings:

Select the highest possible encryption that's compatible with your clients, and choose the personal setting, because some access points have enterprise options.

Normally all host adapters (such as AirPort cards) support WEP (Wireless Equivalent Privacy), but on some you can update the drivers and get support for WPA and WPA2. WPA (WiFi Protected Access) support is included with Mac OS X 10.3 and above with the AirPort 3.3 update. This is nice because it works on both classic AirPort cards and newer AirPort Extreme cards. WPA2 is only supported with AirPort Extreme cards, and you must be using Mac OS X 10.4 with the Airport 4.2 software and above.

From lowest to highest security: no encryption, WEP, WPA, WPA2

Algorithms and Keys

Choose an algorithm for the encryption. TKIP (Temporal Key Integrity Protocol) is the normal settings and is good enough. You can go up to AES (Advance Encryption Standard) or combine both TKIP-AES for maximum encryption. Just remember to test it with all the different host adapters you have, since other brands are sometimes picky. Be sure to pick an encryption that works with all your clients.

Pick a shared key. Simply type in a password that your will give to all your clients on the network so they can log in and work together. I recommend using the Ultra High Security Password Generator for a completely random 63 character password.

Everything else you can leave set at the factory defaults - or to whatever suits your needs.

There are hundreds of other things we can do to secure it more, but most of them are overkill for home use.

I will explain a few that are commonly found in those settings pages.

MAC (Media Access Control) address filtering is simply a list on your access point of who can log in and who can't. The problem is that your MAC address is at the begging of each data packet when you transmit data, so anyone can simply sniff a few packets and gain access to your network by changing their MAC address to match yours.

WEP was not really designed for security. I will say this: If your host doesn't support WPA even after software upgrades, use WEP. It's better than doing nothing and leaving your wireless network wide open.

Lastly, these are very basic settings - anything else will increases your security. Just play around with what works best for you and use this article as a guideline.

If your don't understand a feature, read through the documentation of your router or access point. If that doesn't help, look it up on the Internet.

Enjoy your newly secure wireless network. LEM

Join us on Facebook, follow us on Twitter or Google+, or subscribe to our RSS news feed

If you find Joe's articles helpful, please consider making a donation to his tip jar.

Today's Links

Recent Content

About LEM Support Usage Privacy Contact

Custom Search

Follow Low End Mac on Twitter
Join Low End Mac on Facebook

Favorite Sites

MacSurfer
Cult of Mac
Shrine of Apple
MacInTouch
MyAppleMenu
InfoMac
The Mac Observer
Accelerate Your Mac
RetroMacCast
The Vintage Mac Museum
Deal Brothers
DealMac
Mac2Sell
Mac Driver Museum
JAG's House
System 6 Heaven
System 7 Today
the pickle's Low-End Mac FAQ

Affiliates

Amazon.com
The iTunes Store
PC Connection Express
Macgo Blu-ray Player
Parallels Desktop for Mac
eBay

Low End Mac's Amazon.com store

Advertise

Open Link