Tip & How-To about Computers & Internet
Anyone with a quality Internet connection who uses a WiFi network to
broadcast it always runs the risk that someone is going to steal their
internet using one of the many hacking and piggybacking tools available
freely from the net.
So, what do you do if you want to be able to keep that bloody expensive connection all to yourself. I'll discuss some solutions for varying levels of network size and security, and you can pick which one works best for you.
An easy one is to set a network password. Wireless keys simply block easy access unless you enter in the right password. Of course, like any password, this can be cracked with some freeware and a bit of computer smarts, but it's quick, easy and will deter the local neighborhood kids. Make sure you choose WPA, not WEP, since WEP is so stupidly easy to crack it's not even worth it. When you choose a key, my best suggestion is this : make it completely random. Basically, start punching your keyboard and keypad until you have a satisfyingly long and complex combination of letters and numbers that nobody could ever guess it. Write it down somewhere safe, and then bid good luck to anyone who tries to crack it.
Try using either WPA as above, or if you want to get more into it, you can choose WPA2 Enterprise, which requires a username and password. Of course, you're going to need some pretty serious server architecture on the server-side but it's very strong. You can even specify groups for users and limit access to connections or network resources by which groups your users belong to. This means you can even grant access to your network without endangering your internet, or the other way around. For this, you are probably best running Windows Server possibly with ActiveDirectory on your server and set it up between you router and your server from there.
If you want to get really serious, you can take it to the next level. Use WPA2 Enterprise, requiring a username and password, but then also require certificate authentication. For this, you will again need a lot of server-side work to make it reliable and functional, but it could be worth it. This way, you can control who logs onto your network, and from where/what. Create a network certificate (I won't go into the details here) and specify any details you need, then distribute it to the clients you want to connect. I find the easiest way of doing this is to drop it onto a small-capacity USB drive and share that around, installing the certificate as you go. I've also heard of people programming incredibly intricate certificates with full call-home procedures to ensure security, which you can try if you're feeling a bit weird. Of course, then, you will need to configure your network to accept logins and then to check the certificate and you need to set up every client computer's network settings to submit it's certificate. But of course, by this time, there is just about nothing on the outside which could easily get in.
So, if you implement any of these, (or all of them, as I've seen before, with varying degrees of success) you should find that your connection is pretty secure from all those outside intruders and you're safe to stream, torrent and generally throw yourself about on the interwebs with a bit more confidence...
Posted by Alistair... on
Mar 23, 2015 | Compaq Computers & Internet
Feb 04, 2011 | Apple iPod touch
Dec 17, 2010 | Archos 28 Internet Tablet
Oct 24, 2010 | D-Link AirPlus DI-524 Wireless Router
171 people viewed this tip
Usually answered in minutes!