Chapter 2
Wireless Security Checklist
3
Wireless ADSL2+ Modem Router
Chapter 2:
Wireless Security Checklist
Wireless networks are convenient and easy to install, so
homes with high-speed Internet access are adopting them
at a rapid pace. Because wireless networking operates by
sending information over radio waves, it can be more
vulnerable to intruders than a traditional wired network.
Like signals from your cellular or cordless phones, signals
from your wireless network can also be intercepted. Since
you cannot physically prevent someone from connecting
to your wireless network, you need to take some additional
steps to keep your network secure.
1. Change the default wireless
network name or SSID
Wireless devices have a default wireless network name
or Service Set Identifier (SSID) set by the factory. This is
the name of your wireless network, and can be up to 32
characters in length. Linksys by Cisco wireless products
use linksys as the default wireless network name. You
should change the wireless network name to something
unique to distinguish your wireless network from other
wireless networks that may exist around you, but do not
use personal information (such as your Social Security
number) because this information may be available for
anyone to see when browsing for wireless networks.
2. Change the default password
For wireless products such as access points, routers, and
modem routers, you will be asked for a password when
you want to change their settings. These devices have a
default password set by the factory. The default password
is admin. Hackers know these defaults and may try to
use them to access your wireless device and change your
network settings. To thwart any unauthorized changes,
customize the device’s password so it will be hard to
guess.
3. Enable MAC address filtering
Linksys by Cisco routers and modem routers give you
the ability to enable Media Access Control (MAC) address
filtering. The MAC address is a unique series of numbers
and letters assigned to every networking device. With
MAC address filtering enabled, wireless network access
is provided solely for wireless devices with specific MAC
addresses. For example, you can specify the MAC address
of each computer in your home so that only those
computers can access your wireless network.
4. Enable encryption
Encryption protects data transmitted over a wireless
network. Wi-Fi Protected Access™ (WPA™/WPA2™) and
Wired Equivalency Privacy (WEP) offer different levels of
security for wireless communication.
A network encrypted with WPA™/WPA2™ is more
secure than a network encrypted with WEP, because
WPA™/WPA2™ uses dynamic key encryption. To protect
the information as it passes over the airwaves, you should
enable the highest level of encryption supported by your
network equipment.
WEP is an older encryption standard and may be the
only option available on some older devices that do not
support WPA™.
General Network Security Guidelines
Wireless network security is useless if the underlying
network is not secure.
• Password protect all computers on the network and
individually password protect sensitive files.
• Change passwords on a regular basis.
• Install anti-virus software and personal firewall
software.
• Disable file sharing (peer-to-peer). Some applications
may open file sharing without your consent and/or
knowledge.
Additional Security Tips
• Keep wireless routers, access points, or modem routers
away from exterior walls and windows.
• Turn wireless routers, access points, or modem routers
off when they are not being used (at night, during
vacations).
• Use strong passphrases that are at least eight characters
in length. Combine letters and numbers to avoid using
standard words that can be found in the dictionary.
WEB: For more information on wireless security,
visit www.linksysbycisco.com/security