Practical Security: Wireless Network Security & WPA

In light of the latest wireless vulnerability found, which can break “WPA” using “TKIP” for encryption, I thought I would advise everyone to review your home wireless setup.

The subject of securing your wireless (or wired) networks at home could be talked about for hours on end, and depending on what hardware (model/brand) you have, your set-up and configurations may vary. Please see the documentation that came with your device or the company’s website for more information on the specific model you have. Also, don’t hesitate to call or email the vendor for help if needed.

Basically it comes down to these few things:

  1. Don’t broadcast your SSID if possible. (See your manual, and see this link)
  2. Use Wireless MAC filtering if possible. (See your manual, and see this link)
  3. Don’t use WEP for encryption.
  4. Don’t use WPA w/TKIP (this is now breakable).
  5. Change your WPA from TKIP to AES for encryption. (See your manual)
  6. If your hardware (computer and wireless router) supports it, move to WPA2. (See your manual)

General Home Computer Security Info:

  1. Make sure your Anti-virus application is updating/updated and enabled.
  2. At a minimum, make sure the Windows Firewall is enabled (unless you are on a Mac, in which case you should turn yours on too).
  3. Use strong passwords comprised of alpha/numeric/special characters on all your “Admin” level computer accounts.
  4. If you have any files or folders shared over your home network, make sure they are password protected.

There are a million resources for articles on computers and security online, but here are a few good ones if you are new or inexperienced with the subject (or just need a refresher).

Microsoft Security Resource for Home Users:
http://www.microsoft.com/protect/default.mspx

US-CERT.GOV – Home Users:
http://www.us-cert.gov/nav/nt01/
http://www.us-cert.gov/reading_room/home-network-security/

CERT.ORG – Home Users:
http://www.cert.org/homeusers/
http://www.cert.org/homeusers/HomeComputerSecurity/
http://www.cert.org/tech_tips/home_networks.html

With all that said, have a safe, secure, and happy computing day.

About Will Chatham

Will Chatham is a Cyber Security Analyst, Ethical Hacker, and Penetration Tester at a federal data center in Asheville, NC. Since Netscape 2.0, he has worked in a wide array of environments including non-profit, corporate, small business, and government. His varied background, from developer to search engine optimizer to security professional, has helped him build a wide range of skills that help those with whom he works and teaches.
Bookmark the permalink.

Leave a Reply