Tuesday, October 07, 2008

Secure Your Wireless Internet

Note: Tips applicable for home networking only.
Here are some tips to secure your Internet sharing using Wi-Fi, securing not just for namesake but for real.

Tips for Securing router:
1. Make sure you change user name & password of your router. Remember, any obvious password or password that can be cracked by simple brute force techniques.
2. Restrict “Remote Access” of your router by which people can access your router without being part of your network.
3. You will get many option for Wi-Fi security out of which WEP (Wired Equivalent Privacy) being default. Don’t go on name, WEP is the security which only dumb cannot crack. Use any of WPA (Wi-Fi Protected Access). WPA can also be cracked if the password is weak.
4. Last but not least, don’t lure hackers. Switch off your modem and router when not in use.

Suggestion for strong password:
I know this need not to be a part of this discussion but if you use weak password, no security can help you. A good brute force with proper dictionary can crack these easily.
1. Mixture of Capital and Small letter, special character
2. Password length should be at least 8 character
3. For longer password, use 256 bit encryption technique
4. You are lucky if you are from non-English speaking country as you can have words which does not exist in common world list for bruit force attack. Use these words freely.
5. Try to have less used letter i.e. ‘x’ or ‘f’ or ‘q’ etc

1. Part of a password with complete English word. e.g. say no to ‘EightNineTen’
2. Password having any (key) sequence e.g. say no to ‘xxx1234’ or ‘xxx!@#$’ or ‘asdf’
3. Password having any obvious personal information e.g. say not to password with birth year
4. Password having repeating words i.e. say no to “IndiaIndia11”


rawat said...

Most of the things are correct but switching off the modem and router is something contradictory w.r.t your blog. If all securities are done then i don't think router should be switched off.

Switching off router means rebooting router as DHCP addresses will be lost.

Yogee said...

One more tip...
You can hide your SSID. So that when someone searches for WiFi network in your WiFi area, your WiFi won't come in his search. You have to explicitly provide the name. Security is not 100% guaranteed as sniffers are everywhere :) but you will certainly reduce the chance of being target.

Bandan said...

Turning off SSID broadcasting is buggy. A lot of wi-fi drivers would refuse to connect to a access point with SSID broadcasting turned off.

On a sidenote, a really simple deterrent to ward off "wifi-stealers" is to have a ipv6 only access point. I have never seen a single stray connection on my ipv6 only home made router :)