Tag Archives: home

Wireless Security – a 5 star need of today

Market is flooding with a lot many wireless devices, for home and business applications. Also, many wireless devices, especially wireless routers / access points are available at attractable prices.

Many of us purchase them, set up them, and often forget the rest – once we get it functioning.

But, setting up primary security is a very next step after setting the device and testing it.

Recent terror attacks was a red signal for many wi-fi home users.

Here is a brief idea, how we can set up primary but essential security with the available wireless router.

  1. Change default user name and password, few routers do not support change in user name. Default user name is generally admin in most cases. Use combination of aLpHaNuM3R1C (alphanumeric) and $peC|@l (special) characters as password. Keep password as long as possible to avoid break by bruit force technique. Providing sp a ce (spaces) in between password character increases strength in most cases.

  2. Once password is tightened, now it’s time to reduce number of maximum (possible) users. In DHCP settings, generally a lot – like 100 of users can be connected. If in actual situation, say there can be maximum of 2 users at a time, keep maximum user figure as 2, or keep IP allocation in such a fashion that the DHCP will be in position to allocate only 2 IPs, even if more attempt to connect. Of course, disabling DHCP, and allowing only manual configuration, is always best practice, since it is difficult to guess the settings by hacker, if IP allocation is made smartly.

  3. Now, actual security comes into picture. Disable SSID broadcast, unless it is very important. This makes it difficult to identify network name in wireless coverage area without smart tools. You may also reduce connection idle time and other router specific features to reset connection with client device such as laptop or PDA in case of idle time.

  4. Keep the SSID difficult to guess. Always change default SSID of your router.

  5. MAC filtering is another and important feature. MAC is a universally unique number of any network equipment. Typically for known usage, set MAC filter with allow policy viz. Allow devices to be connected only with mentioned MAC numbers, reject rest. Of course, MAC spoofing is possible through few tools, however for an attacker, it is very difficult to guess correct MAC without touching the device, without making single connection, or unless the user reveals it. :p

  6. Next in picture comes software enabled security, typically Keys. Define and set different set of keys and use appropriate method of key to set up and avoid unauthorised access to network. This will deny network connectivity to the client in case it is just standing before the network door. Without a key, the router does not allow access. Of course, few techniques and few weak key algorithms are there, those can be broken. 🙁 But, combination of all mentioned techniques, here, is a fruitful solution to increase security.

  7. Port(s) blocking and service(s) disabling is also helpful, feature available in most of today’s routers.

A before buy tip – do not be trapped in marketing blues….. The salesperson will mostly encourage to buy best (in features and price too!) device. Go for a device which is good enough for security measures, and not really more that what you want – say wireless coverage area. If the need is max. 90 feet, a router with coverage up to 100 feet is best, no need to offer a chance to neighbor hacker, by purchasing a router with 150 feet coverage range! Of course, your needs are the best judge to decide suitable product, not always the sales person!! Buy and set the device in center area of its potential use, to utilise the covered radius area of connectivity.

Diwali @ home

Perhaps after few years, this time it’s planned celebration at home! Usually we celebrate the festival of lights along with vacation tour or picnic.

Diwali blasts….

Preparing Rangoli

Final Result is out….

Diya offerred to god.

%d bloggers like this: