Securing Your Wireless Network; Understanding Wireless Bridges
by David Chernicoff, firstname.lastname@example.org
My commentary about solving wireless networking problems (May 11, 2006,
InstantDoc ID 50339) generated quite a few reader questions, primarily
about security and using wireless bridges. Based on those reader
questions, my commentary details how to secure your wireless network
and explains more about wireless bridges.
5 Things You Can Do to Secure Your Wireless Network
1. Put a password on your wireless router/access point (AP).
It's amazing how often I come across wireless networks that retain the
default router name and password. Every other security option is
meaningless if the router isn't secured. You might also consider
disabling remote administration unless you have a reason to administer
the router from a location other than the local network.
2. Turn off broadcast of the Service Set Identifier (SSID).
By default, your router will broadcast your wireless network's SSID.
The SSID will then be visible to anyone with a computer and a wireless
networking card. However, before you turn off the SSID, you need to
know the name of the wireless network should you want to access it, as
turning off the SSID means you won't automatically be able to get that
3. Consider disabling DHCP.
If only a few systems access the wireless network, you might want to
turn off DHCP and give the clients static IP addresses, which have to
be assigned manually and must match the IP address range supported by
the router. Otherwise, if you use DHCP, any DHCP client that finds the
network will be assigned an address. Disabling DHCP is simple and
prevents unauthorized users from getting a network-supplied IP.
4. Use MAC-address filtering.
MAC addresses are specific to individual network devices. When you type
"ipconfig /all" at a command prompt in Windows, one of the items
returned is titled Physical Address and consists of six pairs of
numbers. These numbers are the MAC address of the adapter, which is
stored in the network adapter ROM. You can lock down your wireless
network by configuring your router to accept only connections from a
specific list of PCs by their MAC address. Unfortunately, this is a
time-consuming task if you need to add hundreds of PCs to the list.
Once the list is created, however, adding individual PCs to it is
5. Enable encryption.
Although Windows defaults to the 802.11 Wired Equivalent Privacy (WEP)
standard when encryption is enabled, consider upgrading to Wi-Fi
Protected Access (WPA). WPA provides a stronger security model than
WEP, and you can download WPA support to Windows XP (if you don't
already have Service Pack 2--SP2--which already has it). My tip (see
below) references a URL for downloading the WPA support patch as well
as other helpful URLS related to WPA. Regardless of which encryption
method you choose, you should use one, even if WPA isn't supported on
all your clients.
Many brands and models of wireless routers and APs support these five
tasks and when combined with them will provide solid wireless network
Understanding Wireless Bridges
You can find a broad range of wireless bridges, from products capable
of connecting networks that are 50 miles apart to products that enable
building-to-building connections to simple bridges that allow wireless
networks to connect back to wired components. I mentioned the last type
in the May 11, 2006, "Windows Client UPDATE." These simple bridges are
inexpensive units (typically from $100 to $400 depending on
capabilities) that let you connect a wired Ethernet component to your
existing wireless network.
In my home, I use a simple wireless bridge to connect my Turtle Beach
AudioTron digital music player, which is attached to the stereo system
in the family room, to my wireless network for access to the music
server, which is on a wired network in my home office. The bridge also
provides general Internet access to the player so that I can listen to
Internet radio stations. This same type of bridge could connect any
wired Ethernet networking device to a wireless network.
The more expensive wireless bridges offer greater management
capabilities and are often referred to as workgroup bridges. They are
generally used to connect wireless workgroups to larger wired networks.
Copyright 2006, Penton Media, Inc.