Tip & How-To about Computers & Internet

Secure a WiFi network

Anyone with a quality Internet connection who uses a WiFi network to broadcast it always runs the risk that someone is going to steal their internet using one of the many hacking and piggybacking tools available freely from the net.

So, what do you do if you want to be able to keep that bloody expensive connection all to yourself. I'll discuss some solutions for varying levels of network size and security, and you can pick which one works best for you.

Very small-scale:
An easy one is to set a network password. Wireless keys simply block easy access unless you enter in the right password. Of course, like any password, this can be cracked with some freeware and a bit of computer smarts, but it's quick, easy and will deter the local neighborhood kids. Make sure you choose WPA, not WEP, since WEP is so stupidly easy to crack it's not even worth it. When you choose a key, my best suggestion is this : make it completely random. Basically, start punching your keyboard and keypad until you have a satisfyingly long and complex combination of letters and numbers that nobody could ever guess it. Write it down somewhere safe, and then bid good luck to anyone who tries to crack it.

Try using either WPA as above, or if you want to get more into it, you can choose WPA2 Enterprise, which requires a username and password. Of course, you're going to need some pretty serious server architecture on the server-side but it's very strong. You can even specify groups for users and limit access to connections or network resources by which groups your users belong to. This means you can even grant access to your network without endangering your internet, or the other way around. For this, you are probably best running Windows Server possibly with ActiveDirectory on your server and set it up between you router and your server from there.

Large Scale:
If you want to get really serious, you can take it to the next level. Use WPA2 Enterprise, requiring a username and password, but then also require certificate authentication. For this, you will again need a lot of server-side work to make it reliable and functional, but it could be worth it. This way, you can control who logs onto your network, and from where/what. Create a network certificate (I won't go into the details here) and specify any details you need, then distribute it to the clients you want to connect. I find the easiest way of doing this is to drop it onto a small-capacity USB drive and share that around, installing the certificate as you go. I've also heard of people programming incredibly intricate certificates with full call-home procedures to ensure security, which you can try if you're feeling a bit weird. Of course, then, you will need to configure your network to accept logins and then to check the certificate and you need to set up every client computer's network settings to submit it's certificate. But of course, by this time, there is just about nothing on the outside which could easily get in.

So, if you implement any of these, (or all of them, as I've seen before, with varying degrees of success) you should find that your connection is pretty secure from all those outside intruders and you're safe to stream, torrent and generally throw yourself about on the interwebs with a bit more confidence...

Posted by on

Computers & Internet Logo

Related Topics:

Related Questions:

1 Answer

Why are both the Wireless and WPS lights on my modem\router always on solid green, when I only have a DSL connection?

The wireless and WPS lights solid green mean that the wifi and WPS are active. It also means that your home network is exposed to anyone with a laptop/pad/smart phone who knows how to hack into systems that have not been set up properly with the proper security.
I see the following security issues with your router:
1. The router's password is still the default or it does not have one.
(This means anyone who knows your router maker and model can easily break into your network and systems and steal your info, the router maker is broadcast by your wifi SSID, so they know it)
2. WPS is enabled and active (WifiProtectedSetup)(this service is a major security hole that is used by hackers to gain access to routers, it must be disabled for protection)
3. The wireless (wifi) connections are open (not encrypted), anyone can intercept the wireless traffic and read it. WPA2/AES encryption needs to be configured for the best protection.
4. The router's built in firewall may not be configured correctly exposing you to drive-by hacking.
To resolve these issues requires someone who understands router security and is best done onsite.
You need to engage someone you trust to check and configure your router and computer systems properly to protect yourself.

Mar 23, 2015 | Compaq Computers & Internet

1 Answer

who can I get wifi outside my home?

One of the first things you need to know is that the internet you use at home is only available at home.
To get an internet connection away from home, you need to go to places that offer a free wifi connection. Some public places like a mall, restaurant - like Starbucks, the Apple Store, and libraries offer free WiFi. Be sure to ask them about it first. because some times there are networks labeled "Free WiFi" but they don't even connect to the internet and really just look to steal your information - so always ask first!

Feb 04, 2011 | Apple iPod touch

1 Answer

how to connect wifi network in archos 28 internet tablet

This is normal. To save energy, the ARCHOS always starts up with the WiFi set to off. You must manually use the Fn-F3 keys if you want to activate the WiFi connection.
I cannot connect to the Internet over WiFi, what's wrong? Make sure that your WiFi is activated. This can be turned on and off with the blue function key pressed down and then the F3 key. The blue WiFi indicator just below the touch-pad will light indicating that it has been turned on.
My WiFi router/modem is on and working, but it does not show up in the list of wireless networks. What's wrong? It could be that the WiFi modem/router is hiding its SSID. This is done for security purposes sometimes. You can either change this on the WiFi modem/router (see its instructions) so that it broadcasts its SSID (and then you'll see it in the list on your ARCHOS 10) or you can go into the advanced settings of the Wireless Network Connection screen to the Wireless Networks tab and 'add' a new connection. You will need to know the SSID name and its other connection parameters.

Dec 17, 2010 | Archos 28 Internet Tablet

1 Answer

How do you keep people that live around you from stealing your internet. How do you program your router to keep hackers out?

Login in using your browser and go to the wireless settings and set-up a wireless password/key. Remember the key because each device will now need it to connect. You can also turn OFF Broadcast SSID and your network name will not be shown on anyone's device. You must remember the network name when using this method. I would change the network name (SSID) if people have connected to your router before and hide (do not broadcast) so they will not see it on their WiFi devices.

Oct 24, 2010 | D-Link AirPlus DI-524 Wireless Router

Not finding what you are looking for?

171 people viewed this tip

Ask a Question

Usually answered in minutes!

Top Computers & Internet Experts

Doctor PC
Doctor PC

Level 3 Expert

7733 Answers


Level 3 Expert

102366 Answers

David Payne
David Payne

Level 3 Expert

14161 Answers

Are you a Computer and Internet Expert? Answer questions, earn points and help others

Answer questions