Securing your WLAN access point
Wireless Internet access is ever so convenient; no need for messy ethernet cables when sitting with your wifi-enabled laptop in the sofa relaxing. This convenience can come at a price though. Your wireless access point (WLAN access point, WAP) could probably do with some locking down, especially if you’ve never even visited the administration interface of it.
Most WLAN access points are NOT secure out of the box.
Consult your WAP manual and make sure you at least do the following:
- Enable password protection/change default password for administration interface
- Enable logging
- Disable broadcasting of SSID
- Enable WEP (Wired Equivalency Privacy).
This encrypts data transmitted over the air. WEP has flaws which can be exploited, but it’s still better than no encryption at all. - Use MAC access control list.
This makes sure your access point only talks to your computers. You may find a record of your computer’s MAC address in the WAP log (you did enable logging, didn’t you?) - Disable remote SNMP
- Turn off your wireless access point when not in use.
For additional protection:
- Turn off any file- and printer sharing on your computer.
- Install a personal firewall.
- Install anti-virus software and keep it updated.
- Make sure you have the latest patches for your operating system.
- Look into deploying some sort of VPN-solution between computers connected via WLAN and your gateway.