Using file and printer sharing behind a router and/or with a firewall is pretty safe. The router acts as firewall and no one outside of your local network can access your files. As soon as you add wireless capability, all of that changes, becuse now, on an unsecured wireless network, people that can access your wireless network, can also access your shared files. Thus, it is important to secure your wireless network.
Changing the SSID from its default setting and hiding the SSID is the first step, but still does not make the network secure. You should also change the password on your router from its default value, and enable MAC address filtering. With these steps, someone that wants to break into your network will have to guess the SSID and find a way to spoof the MAC address of a network card that is allowed onto your network.
These steps will likely stop casual hackers. To provide even more security, you should limit the number of available IP addresses that can be assinged by the router, and enable encryption. Most newer routers and network cards support WPA encryption which is more secure than the older WEP encryption. With encryption enabled, it will be more difficult to connect to the network and it will also be more difficult for someone to intercept your wireless signal and steal any sensitive information being transmitted across the airwaves.
I sincerely doubt that even these steps will make the wireless network 100% secure. But, it will make it very difficult for hackers to break in unless they are willing to invest a large amount of time in doing so. For most hackers, there are so many other easier targets (people that have not taken any security measures) out there, that they will hit those first. In my neighborhood alone, I can see 5 unsecured networks, and although I have warned my neighbors countless times that they are vulnerable, they have not yet gotten around to securing their networks. I guess I should be grateful, as any drive by hacker will hit those networks first and probably not even realize that my network is present.
If you enable the hihgest encruption possible, chnage the SSID name, disable the boradcating of the SSID, and use a strong password for the router no self respecting hacker is going to waste the time fooling around to hack your home LAN. You just removed yourself from the low-hanging fruit crowd. That pool, my friend, is full of fish.
volcano11
2 Intern
•
28K Posts
0
May 6th, 2005 02:00
Using file and printer sharing behind a router and/or with a firewall is pretty safe. The router acts as firewall and no one outside of your local network can access your files. As soon as you add wireless capability, all of that changes, becuse now, on an unsecured wireless network, people that can access your wireless network, can also access your shared files. Thus, it is important to secure your wireless network.
Changing the SSID from its default setting and hiding the SSID is the first step, but still does not make the network secure. You should also change the password on your router from its default value, and enable MAC address filtering. With these steps, someone that wants to break into your network will have to guess the SSID and find a way to spoof the MAC address of a network card that is allowed onto your network.
These steps will likely stop casual hackers. To provide even more security, you should limit the number of available IP addresses that can be assinged by the router, and enable encryption. Most newer routers and network cards support WPA encryption which is more secure than the older WEP encryption. With encryption enabled, it will be more difficult to connect to the network and it will also be more difficult for someone to intercept your wireless signal and steal any sensitive information being transmitted across the airwaves.
I sincerely doubt that even these steps will make the wireless network 100% secure. But, it will make it very difficult for hackers to break in unless they are willing to invest a large amount of time in doing so. For most hackers, there are so many other easier targets (people that have not taken any security measures) out there, that they will hit those first. In my neighborhood alone, I can see 5 unsecured networks, and although I have warned my neighbors countless times that they are vulnerable, they have not yet gotten around to securing their networks. I guess I should be grateful, as any drive by hacker will hit those networks first and probably not even realize that my network is present.
Steve
volcano11
2 Intern
•
28K Posts
0
May 6th, 2005 02:00
Just to add to the above, take a look at the following Microsoft article on wireless security:
http://www.microsoft.com/windowsxp/using/networking/learnmore/bowman_05february10.mspx
Steve
jmwills
2 Intern
•
12K Posts
0
May 7th, 2005 08:00