Wireless Home Networks: The Dangers of Plug-and-Play

LongIsland.com

By Cory Rau Most families (my in-laws notwithstanding) have a broadband Internet connection and more than one computer. This requires the use of a broadband router so that a single Internet connection may be shared ...

Print Email

By Cory Rau

Most families (my in-laws notwithstanding) have a broadband Internet connection and more than one computer. This requires the use of a broadband router so that a single Internet connection may be shared between multiple computers. Linksys, NetGear and Apple all make devices that are capable of fitting the bill.

And, if you're like me, you've also got a computer or two with wireless networking capability so you can browse the web wherever you are in the house. This setup requires a wireless broadband router.

If you're still reading, it probably means that you either already have such a device or you're considering one. For the most part, each wireless router hosts its own wireless network. In order to join the network created by your router, you may need to start up your computer and choose that network from a list of available wireless networks within range of your computer. This is where it gets interesting.

Most wireless routers will work out of the box with most of the Internet connections providers install these days. All you really need to do is plug in the power cable and connect your broadband modem to the router via a standard network cable and you're ready to go. A Linksys router will automatically create a network called "Linksys" or something like it. Join that network and you're probably immediately able to browse the web wirelessly. Mission accomplished, right? Well, if you're the type of person who would leave his/her car with the windows down and the keys in the ignition overnight in a shady neighborhood, then yes, you're finished.

If you're not that type of person, you'll need to secure that router so that joining its wireless network requires a password. Think about how easy it was for you to join that network. Why would you think it would be any more difficult for someone parked outside your house to do the same? Don't get me wrong. I'm all for sharing my Internet connection with any stranger who just wants to check e-mail quickly or get some movie reviews.

If those were the only types interested in joining my network, I'd probably leave it open to the public. The fact of the matter is, there are people out there who roam around looking for unsecured wireless networks to join; and they're not checking movie times. Once they've joined your network, they have the freedom to monitor and capture all the network activity on your network (which may include web site passwords and credit card numbers) and attempt to hack into your computer at their leisure and install all sorts of nasty programs.

Keep in mind that there's no alarm on your computer that alerts you to this type of activity. It's completely transparent to you and potentially devastating to your bank account. The fact of the matter is that it's not very difficult to secure your network with a password. The directions are included with the setup guide that came with your router. If you've lost that, you can download the guide specific to your router model from the manufacturer's web site. For most people, I would advise using WPA as opposed to WEP as a means of securing access. WPA is easier to use and more secure.

A number of people have told me that they don't want to put a password on their router because they don't want to have to enter it every time they connect. This argument is baseless, however, because any computer, Windows or Mac, will offer to "remember" that password for you the first time you enter it so it won't be required on subsequent web surfing expeditions from that computer.

While we're discussing passwords, it pays to mention that your router came with a configuration utility built into it. In the case of a Linksys device, all you have to do is obtain the router's address, type it in to your web browser, type in the administrator's password at the prompt and you're in. It's a whole web site dedicated to the configuration of your router. I'd be remiss not to mention that this administration utility came out of the box with a factory standard password. That means that if you haven't changed it manually, any data thief worth his/her salt will be able to log in to your router and configure it in any way he or she sees fit. Scary, right?

There are essentially three things you should change to the factory configuration of your new router:



  1. The network name (sometimes known as the SSID). It should be something other than the default "Linksys" or "Netgear". I would suggest naming the network something that does not clearly indicate who or where you are.


  2. Enable WPA security to require a password for access to your network (make it difficult to guess).


  3. The administrator password used to alter the device's configuration.


These three changes will take only a few minutes of your time. In exchange for this minimal effort, you will gain a significant measure of protection against theft of your personal information. Hackers will always find a way around security but they tend to go for easier targets. . .like your neighbor down the street who hasn't read this article.

----------
Cory Rau is the Managing Director of

Bullpen Tech Services

, a technical services company serving small and medium sized businesses on Long Island. He has also been the Information Technology Director of Bullpen's parent company, Edwin B. Stimpson Company, for over 16 years.