WIRELESS ROUTER SECURITY

 

Here are some scenarios that can happen without security:

 

    • You pay for home internet connection. Your neighbor surfs the web free using your bandwidth from an unencrypted router. Why should you allow your neighbor to take something from you that you pay for?

 

    • A bored teenager drives around with their laptop searching for unencrypted routers to access shared printers. Once they join a network with a shared printer, they print 1000 pages of full black just to use up someone's ink.

 

    • A teenage delinquent two houses down decides to try out your unprotected wireless network. You happen to be using unsecured email and chat, like most people. The teenage delinquent sniffs your network traffic and starts reading your messages. The teenage delinquent reads your confirmation email from United Airlines with the exact dates you will be away from home. You go on vacation. When you get back your computer, your TV, and your car are gone. And the police are knocking at your door because they traced illegal downloads to your Internet connection.

 

Concerns:
    Anyone within the geographical network range of an open, unencrypted wireless network can 'sniff' the traffic, gain unauthorized access to internal network resources as well as to the internet, and then possibly sending spam or doing other illegal actions using the wireless network's IP address, all of which are rare for home routers but may be significant concerns for office networks.

    If router security is not activated or if the owner deactivates it for convenience, it creates a free hotspot. Since most 21st century laptop PCs have wireless networking built in (cf. Intel 'Centrino' technology), they don't need a third-party adapter such as a PCMCIA Card or USB dongle. Built in wireless networking might be enabled by default, without the owner realizing it, thus broadcasting the laptop's accessibility to any computer nearby.

    Modern operating systems such as Linux, Mac OS, or Microsoft Windows make it fairly easy to set up a PC as a wireless LAN 'base station' using Internet Connection Sharing, thus allowing all the PCs in the home to access the Internet via the 'base' PC. However, lack of knowledge about the security issues in setting up such systems often means that someone nearby may also use the connection. Such "piggybacking" is usually achieved without the wireless network operators knowledge; it may even be without the knowledge of the intruding user if their computer automatically selects a nearby unsecured wireless network to use as an access point.

 

Security Options:

 

There are three principal ways to secure a wireless network:

 

    • For closed networks (like home users and organizations) the most common way is to configure access restrictions in the access points. Those restrictions may include encryption and checks on MAC address.

 

    • For commercial providers, hotspots, and large organizations, the preferred solution is often to have an open and unencrypted, but completely isolated wireless network. The users will at first have no access to the Internet nor to any local network resources. Commercial providers usually forward all web traffic to a captive portal which provides for payment and/or authorization. Another solution is to require the users to connect securely to a privileged network using VPN.

 

    • Wireless networks are little more secure than wired ones; in many offices intruders can easily visit and hook up their own computer to the wired network without problems, gaining access to the network, and it's also often possible for remote intruders to gain access to the network through backdoors like Back Orifice. One general solution may be end-to-end encryption, with independent authentication on all resources that shouldn't be available to the public.

 

Why suffer with frustration and lost time? Contact us and we will take care of you with prompt, courteous, and professional service.

 

source: www.en.wikipedia.org

Services