Wifi Basics
A guide to wireless computing

Wireless Introduction

5) Make your network secure

 Windows XP
  • Turn on WEP (Wired Equivalent Privacy) or WPA (Wi-Fi Protected Access)
    In the Control Panel select Network Connections, right-click on your wireless connection, then select Properties > Wireless Networks > Properties > Association. Here's where you can turn on WEP, which encrypts your data. Newer systems use WPA which provides greater security, but be aware that non-WPA devices are unable to use a WPA network. WPA itself will be superceded by the 256-bit encryption of WPA2 which will add support for AES (Advanced Encryption Standard).

  • Use MAC (Media Access Control) security
    Go to Start > Run and type in ipconfig /all for Windows XP/2000/Me or winipcfg for Windows 95/98. This will give you the MAC address for your wireless card. You can then limit you network connection to the MAC addresses for the machines in your network. However, if you are using more than one AP you will need to configure each AP with each MAC address which, on a large network, can be time consuming.

  • Hide your network name
    Read the adapter manual for driver settings advice on how to prevent your network name, the Service Set Identifier (SSID), from being broadcast (so others can't see it), or use MAC filtering to limit who can access your set-up. If you disable SSID from being broadcast then you will need to configure your Wi-Fi devices with the SSID manually. As a starting point be sure to change the name of your network from the default name. Like your passwords, choose something that someone else won't guess.

  • Set up a Trusted Zone
    Ensure your internet-connected PC has a firewall that supports networks, then add your systems' IP addresses to its Trusted Zone (PCs that it allows access) providing that you have assigned them static IP.

  • Avoid sharing sensitive files
    Even if someone accesses your network, they can only see folders you've chosen to share. So avoid sharing C:\, C:\Windows or any application folders. You may want to set up a dedicated folder solely for sharing files.
Mac OSX
  • DHCP, NAT routing
    Apple's AirPort and AirPort Extreme have an in-built DHCP (Dynamic Host Configuration Protocol) server and support for NAT (Network Address Translation). These will hide your internal IPs from the outside world and let you control network access. Configure these using the AirPort Admin Utility found in Applications > Utilities folder. Select 'Distribute IP addresses' and 'Share a range of IP address (using DHCP & NAT)'. Note that you should not have more than one DHCP server on a network as they can conflict with each other. Out of the box, the base station's DHCP server assigns addresses in the range 10.0.1.2 to 10.0.1.50 (with 10.0.1.1 being the base station itself). The 10baseT port's IP address, as set by the ISP, can be manually configured, or the base station can use DHCP to query the ISP for the necessary information each time the base station is powered up.

  • Protect from denial of service attacks
    Use the AirPort Admin Utility. Select your AirPort and click Configure (you may need to enter your password). Click 'Show All Settings'. Click AirPort and click 'WAN Privacy'. Make sure that the 'Enable SNMP Access' and 'Enable Remote Configuration' are unchecked.

  • Create a closed network
    Open the AirPort Admin Utility and click Configure. Click 'Show All Settings'. Click AirPort and check the box next to 'Create a closed network'. Give your network a name and a password. To access your network you will need to enter the case-sensitive network name and password.

  • Turn on WEP
    Use the AirPort Admin Utility and select the AirPort and check the box next to 'Enable encryption (using WEP)' AirPort Extreme supports 40-bit and 128-bit encryption. Choose 40 bit for maximum compatibilty, or 128 if you would like enhanced security. Only 128-bit enabled devices will be able to join the network.

  • Turn on WPA (Wi-Fi Protected Access)
    WPA provides enhanced security and control for AirPort networks. WEP-only Wi-Fi devices cannot use an AirPort network that uses WPA, so be sure to check if you are using non-WPA devices. WPA comes in two modes: Enterprise and Personal. Personal mode is most suited for home and small business use. Open the AirPort Admin Utility, select your base station and click 'Configure', Click 'Show All Settings' and click on the 'Change Wireless Security' button. Select WPA Personal from the menu. Select the Password option from the drop-down menu on the left and input your chosen password. Click OK. Your network should now be available in the top right of your screen. When you select it you will be asked to fill in your password.

  • Limit the broadcast range
    Using the AirPort Admin Utility select your base station and click configure. Enter the base station password. Click 'Show All Settings' and click AirPort. Click 'Wireless Options' and slide the Transmitter Power slider to the range you require.

Continue to...
Page 1 - Introduction
Page 2 - Configure your network
 Page 3 - Make your network secure
Page 4 - Troubleshooting tips

Introduction to WiFi

>> Getting Started
>> Configure your network
 >> Secure your network
>> Troubleshooting tips

 

Wifi Reviews

>> Hardware
>> Software

 

WiFi Resources

>> WiFi Links

 

broadbandbasics.co.uk || dvdbasics.co.uk || videobasics.co.uk || voipbasics.co.uk || wifibasics.co.uk || roamingbasics.co.uk || pdabasics.co.uk
http://www.wifibasics.co.uk || info@wifibasics.co.uk
A Guide to Wireless Computing