5 Steps to a Safer Wireless Network
Florida police faced a porn paradox. They were investigating a complaint by Tallahassee Community College that someone was subscribing to porn Web sites on the school's nickel. They traced the prurient behavior to the apartment of two women who had no criminal records and denied wrongdoing.
Investigators gave the residents the benefit of the doubt and kept on probing. They discovered that a neighbor had hacked into the women's wireless network and connected his computer to theirs (all the while getting his fill of porn, illegally billing a college account).
Turns out, the women had never changed the password on their router, giving the intruder easy access to their wireless fidelity, or Wi-Fi, connection. "If you run Wi-Fi…you need to take the time to secure it," says Bob Breeden, assistant special agent in charge at the Florida Law Enforcement Dept. The Florida residents are hardly alone. Their experience is replicated countless times across the country on a daily basis. Most people don't even know when their Wi-Fi is stolen, Breeden says.
CINCH TO HACK.
And the problem may only worsen as more people surf wirelessly on laptops. JiWire's Wi-Fi Hotspot Finder, an online Wi-Fi hotspot directory, found 114,910 free and paid Wi-Fi hotspots worldwide in January, an 87% increase from a year earlier.
The hardware needed to get a wireless connection is much more prevalent now too. Round Rock (Tex.)-based Dell (DELL), for example, says that about 90% of the notebooks it sells in the U.S. include a wireless card. It has been a standard feature on their new computers since 2003.
But wireless surfing on a laptop — whether at home or in public — is often a cinch for hackers to intercept. When people set up wireless network connections at home, they don't always have the technical knowledge to enable security. And safeguards for public network connections can be looser still.
"When you go into a wireless environment, the dangers are so much worse" than on a regular Internet connection, says Richard Rushing, chief security officer at security provider AirDefense.net. Savvy wireless hackers don't even have to attack your computer to break into it on a wireless connection — they can just sit and wait for you to provide your information to them. When you're out in public and happen to find something that says "Free Internet Access," you're essentially trusting an unknown network, Rushing says.
Of course, most Wi-Fi freeloaders are looking for little more than a free surf on an open Internet connection. But some can break into an insecure network to read the data stored on a hard drive, plant malicious software on a computer, or, as the Florida case shows, commit criminal activity using someone else's computer address.
Here are some easy steps to network security that won't cost much extra time or money. While these won't guarantee laptop safety, they add an extra layer of protection beyond a firewall and antivirus software.
1. Use Your Corporate Network. If your company provides you with a laptop that accesses the corporate network, use it for wireless surfing whenever possible. Virtual private networks, or VPNs, hide your communication with the office network.
Mani Dhillon, director of product marketing for Linksys, says that whenever he surfs wirelessly in a public environment like a hotel, he uses the company's VPN. "When you're in a Starbucks, everyone is sitting next to each other with PCs, and anyone willing to pay money for [the Wi-Fi hotspot] has access to the airspace," Dhillon says. "In that case, I would recommend you use a VPN."
2. Keep a Clean Preferred List. The preferred list is like speed dial. Since it puts your most recent network connections at the top, it takes the longest to seek out the first places you visited—typically the relatively secure ones like your home network. "You want to keep that list short," says Rushing.
If you look at the settings for the wireless connection on your PC, you'll see a list of wireless devices that your computer can connect to automatically—just press the "start " key and highlight "settings." From there you can reach your "network connections" and choose your wireless one. After you've highlighted it, click on "wireless properties" and look for the second tab labeled "wireless networks." Your preferred list is tucked all the way inside there.
Also, when you're surfing in a public place, don't simply turn off your computer and leave when you're finished. Remember to click on the icon that disconnects your computer from the wireless networ. Otherwise, that network address will remain in your preferred list. If you have a coffee-shop hot-spot in your list, you might connect to it automatically the next time you go there to work while drinking a latte. Without your noticing, the preferred list might even automatically drop you from your corporate network and put you on the coffee-shop network instead.
3. Enable Security on Your Router. When you buy a router for wireless surfing at home, its security doesn't normally go on automatically. Some providers have online tutorials that describe how you can enable the router's security. Linksys, for example, lists every step in detail at its Web site.
Once you've finished that process, you can check to make sure you did everything correctly by using the free download from McAfee's (MFE) Wi-FiScan.
4. Pick a Good Password. Your login information may be available to the public, unless you change it. Ulrich Wiedmann, director of research and development at McAfee, says he was able to uncover the default login and passwords for three of his neighbors' networks by entering the name of their router maker into a simple Google search.
5. Enable Web-Mail Security. Call your e-mail service provider to find out how to enable the security for your Web-mail. While the security options vary, many don't automatically turn on.
Those who use the Atlanta-based Internet service provider EarthLink (ELNK), for example, have their login password and usernames protected by default from hackers. If you want an extra layer, you must go inside your preferences folder and look at your Web-mail options. The last option on the list, "session security", starts in the off position. Once you turn it on, EarthLink will prevent wireless hackers from reading your connection with the service provider, essentially hiding the e-mails you receive. You can see the change when the address in your browser changes to "https" from "http."
It takes about five minutes to perform this step and doesn't cost extra for the user. But remember that the messages you send out to cyberspace remain unprotected. Most of your friends (maybe even your freelance accountant) will be receiving your e-mail from an http site, where hackers will be able to see what you sent.
Of course, nothing you do is foolproof. "There's a lot of advice and misinformation floating out there," warns McAfee's Wiedmann. "People will recommend things like hiding your network—except that you can't really hide it. You'll only hide it from people who don't have hackers' tools." Even if complete security is an unreachable goal, taking a few simple steps is better than doing nothing at all.