Security for Wireless Home Networks
How to Setup a Wireless Home Network
Many home computer users have unknowingly turned into computer geeks. Not too long ago using the terminology
such as 'router' or 'wireless' signaled the presence of the enthusiast or professional. But nowadays, that is no
longer the case. Network related buzzwords such as routers, hubs, switches, Ethernet cards and firewalls are now
common terms in the home.
By making the installation of these devices simple and cheap, vendors opened new sources of income for
themselves and offered a significant value to home users. Now multiple home computers could share resources without
'sneaker net' - physically transporting files or moving printer connections. These days, the whole family can
utilise a single network connection to the Internet. without even having to wires all over the house.
What users did not get is what every networking and computer professional has beforehand and that is training in
how to protect that gear from hackers. However, the settings from the vendor are often quite good and with a little
RFM is a commonplace acronym known to computer professionals. For the benefit of correctness I will disregard
the middle letter, but the first and last stand for Read the Manual. It will give you common practical settings and
configuration details. After that, read it again.
Firstly, change the password and if possible rename the administrator account. The person who purchased the same
model that you did has the same information and he may not be as trustworthy as you are.
Ports are network numbers used by software to distinguish traffic. Port 80 is the standard for HTTP, required
for any web browsing. Open that, but only for specific IP addresses or ranges of IP addresses going out. That way,
only known computers can originate traffic out of your home network.
That tip is flawed if you get an IP address automatically, which is the case if you use DHCP (Dynamic Host
Configuration Protocol) . However, most providers let you to buy one static address for your router. That is the
one that should have access out.
Why do you need to worry about traffic going out? Because you can infect others. Always practice safe networking
and do not spread viruses. Also, if you have a wireless router, you may not know who is on your network.
You will have to open Port 80 for all incoming traffic, unless you want to try to track which sites have which
IP address which would be next to impossible.
If you use a desktop email client, rather than being totally browser based, you need to open Port 25 for
outgoing mail (SMTP) and Port 110 for incoming (POP3) mail.
And that is just about it... usually!
Desktop FTP clients, which should be avoided if possible, because of their weak security, will need another port
and specialised programs will need a few others. In most cases you will find their port numbers quite easily. Keep
them to the bare minimum and as a rule of thumb with network security, keep everything closed by default and only
allow those that are truly needed and only to those who need it.
You may have noticed that these sound a lot like firewall settings. This similarity is because routers and
firewalls have some overlapping functionality. Routers route traffic whereas firewalls prevent and/or allow it.
If you have wireless network router, you have more to do. Some wireless routers allow anyone nearby to use them
to access that network and hence the Internet. That means not only your son or daughter in the upstairs bedroom,
but the neighbour next door and the hacker parked at the curbside can access resources inside your home and that
does happen more than you may think.
Lock down your wireless network by, you guessed it, reading the manual and learning how to configure passwords
and implement any other security features that maybe available on your particular gear.
You do not need to dedicate your life to becoming a home wireless network security expert in order to safeguard
your resources, but having a home network connected to the Internet via a home router, puts you at extra risk
compared to dial up users.
Just by spending a modest amount of time to take simple steps today will reap it's rewards in the future. If you
don't take steps today, who knows how much more time you will spend after you have been hacked.