How to Secure Your Wireless Network
Following a few easy steps can ensure that no one intercepts your Wi-Fi traffic.
Q. What are WEP and WPA encryption, and which should I use?
A. The first line of defense for your Wi-Fi network is encryption, which encodes the data transmitted between your PC and your wireless router. Unfortunately, most routers ship with encryption turned off, and many users don’t turn it on, leaving themselves completely exposed. If you haven’t already, enable your router’s encryption, and use the strongest form supported by your network. The Wireless Protected Access (WPA) protocol and more recent WPA2 have buried the older and less-secure Wired Equivalent Protocol (WEP).
Go with WPA or WPA2 if at all possible, since WEP is relatively easy to crack. (You have to use the same form on all devices on your network; you can’t mix WEP and WPA. And it takes less than 6 minutes) The keys used by WPA and WPA2 change dynamically, which make them nearly impossible to hack.
Q. How can I secure my notebook at public Wi-Fi hotspots?
A. Since public hotspots generally don’t use encryption, you should assume that anyone can see your Internet traffic unless you take precautions.
Make sure it’s a legitimate hotspot: Many types have been known to set up pirate routers with familiar SSID names like “wayport” or “t-mobile,” and then use them to capture unsuspecting users’ log-on information and other private data.
Verify that your PC’s software firewall is turned on, and that Windows’ file-sharing feature is off; it’s off by default in Windows XP with Service Pack 2. To check this setting, open Control Panel and choose Windows Firewall (you may have to click Security Center first in XP or Security in Vista). In XP, select the Exceptions tab, and look in the Programs and Services to make sure “File and Printer Sharing” is unchecked. In Vista/Win 7, click Change settings, then select the Exceptions tab and follow the instructions for XP.
Never send bank passwords, credit card numbers, confidential e-mail, or other sensitive data unless you’re sure you’re on a secure site: Look for the lock icon in the bottom-right corner of your browser, as well as a URL in the address bar that begins with https. Such sites build in their own encryption.
Always turn your Wi-Fi radio off when you’re not at a hotspot: Hackers can use it to create peer-to-peer Wi-Fi connections with your computer and access it directly.
The best way to protect a public wireless link is by using a virtual private network, or VPN. VPNs keep your communications safe by creating secure “tunnels” through which your encrypted data travels. Many companies provide VPN service to their mobile and offsite workers, so check with your IT department for connection instructions.