Protect your Wireless Network

Old Wireless Router = Security Decoy

Many people today have switched from their old 802.11B wireless routers to an updated 802.11G. Considering that wireless G has a greater range and faster transfer rates many people have decided to ditch their old wireless routers. Well, don’t throw that old wireless router away just yet. You can use this old router to confuse and deter would-be hackers and wardrivers. If you have recently purchased a router (depending on the model) you have probably noticed an SSID option. Your SSID is simply the name you give to your wireless access point. For example, Linksys routers have a default SSID called “Linksys”. This means when you search for wireless networks you will see an access point based on their SSID name.

If you haven’t figured it out, having an extra wireless router can offer a special network security benefit. You can use your old wireless router by applying power to it and positioning it next to a window or outside wall. The old wireless router will act as a network decoy to the would-be bandwidth moochers or network attackers. They will see the stronger wireless signal and think they are connecting to your network, when in fact they will not be connecting to any part of your network.

Further Security Details

Your main wireless router should have some security features already in place. At minimum, those features should include:

• Encryption (WPA-PSK or WEP)

• SSID Modification

• A Router password

I will explain in a later Article how to apply encryption to your wireless network but for now know that if you have the choice between choosing WPA-PSK or WEP, choose WPA-PSK. WPA-PSK is easier to use and offers much better security features. (Do not use encryption on your decoy wireless router. We want people to be able to connect to the decoy with little or no effort.)

What is meant by SSID Modification? Simply put, you need to change your default SSID to something uninformative and mildly obscure. If your router gives you the option to turn off your beacon or turn off your SSID broadcast, then you should definitely employ this option. Let’s say you live in a neighborhood or an apartment complex and you choose your SSID to be “The Smith Family” or “John’s Network”, everyone who is in proximity of your wireless signal will see this description. Most hackers and attackers want to gain something from their efforts, so if you choose a descriptive name associated with your home or your person, hackers now have a target. (This precaution should also be taken for the decoy wireless router. You do not want to announce your location or the fact that you are hosting a wireless connection to anyone.)

Finally, you need to set an “Admin” password for your wireless router. In many cases, when you buy a wireless router there is no password set or it is manufactured with a default password. If a new password is not set, anyone that can connect to your router can also make changes to your router settings. If this happens, many critical security issues can arise and a more sophisticated hacker could forward all the information you send to and from other computers (i.e. bank servers) through his machine first. This is known as the ‘man-in-the-middle’ attack and your most secretive information can be compromised. Here is a bit of proof that your default passwords are not safe. It is also one more reason to change your default SSID, if I was connecting to a “linksys” router I would use this list to locate a linksys default password. (This precaution should be taken for the decoy wireless router as well, if someone could log into your decoy router they could easily find out that router’s purpose in your home.)

Re-Cap

You can use your old wireless router as a decoy for would-be hackers and bandwidth pirates.

First, you must secure both routers in the following manner:

• Main wireless router should employ at minimum:

• Encryption (WPA-PSK or WEP)

• SSID Modification

• A Router Password

• Decoy wireless router needs:

• SSID Modification

• A Router Password

Second, your decoy wireless router should be placed next to a window or outside wall and should ONLY have the power connected to it.

Finally, …monitor. Depending on your decoy router features you may be able to log the number of computers that connect to your decoy. If not, you can always monitor by logging into your decoy and looking at your LAN status. By monitoring the number of people that connect to your wireless decoy you can effectively gauge the traffic and potential risk you assume when you host a wireless network.