Securing Your Wireless Network | Absolute Beginners Guide to Tablet PCs

Although it is easy to connect to wireless networks, that ease is also its greatest downfall. Security is a concern that all wireless users should think about. In addition to setting up file security on your Tablet PC (covered in Chapter 11, "Data Management and Synchronization"), you need to secure your wireless network access points.

One of the best ways to secure your wireless network is to perform the following (you'll learn more about each of these steps in the sections that follow):

Physically protect your Tablet PC.
Disable SSID broadcast and create a nonsensical SSID.
Enable WEP.
Change your default password.

Step 1: Protect Your Tablet PC

The first way to secure your data is to limit physical access to your Tablet PC. Carry it with you, lock it up, use mobile security alarms and locks, and the like. This is crucial if you have critical data on your machine.

In addition to limiting physical access to your Tablet PC, you should protect the files on your Tablet PC using file system security, as described in Chapter 11. Good security practices and data management will always be the first layer of protection. That way, even if people get onto your network, you can prevent infiltration by blocking them from your files.

Tip

To totally protect yourself when you're not using the Internet, disconnect your Tablet PC from the network and turn off your Wi-Fi connection. If you're not using it, why not have 100% protection?

Step 2: Disable SSID Broadcast

If your wireless access point or router broadcasts its System Security Identifier (SSID), anyone in the vicinity with a wireless network adapter will be able to detect it. Once that is done, the person can connect to your network just by clicking a button.

What's in an SSID?

An SSID is just the name of your access point. On Linksys access points, for example, the SSID is "Linksys". Since that's a known SSID, it is inherently unsecure. You can usually change the SSID to whatever you like, but you're limited to basic characters and no spaces.

Disabling the broadcast of your SSID will prevent the casual hacker one who is simply looking for open wireless networks to infiltrate from exploiting yours. More sophisticated intruders could be persistent enough to get your SSID, however, and thus access your network. If your access point does not broadcast the SSID, an intruder will have to guess (or use an application like Network Stumbler) in order to gain access to your network. Make sure your SSID is not composed of words or numbers that relate to you or your organization, such as the company name, an address, a person's or pet's name, and so on.

For a person to connect to your network, that person must have the correct SSID assigned in his or her wireless network settings. If you have created a nonsensical SSID and stopped broadcasting it, you will prevent the majority of casual intruders.

Step 3: Enable WEP

Once you have disabled SSID broadcast on your access point, the next thing to do to increase protection is to enable Wired Equivalent Privacy (WEP). WEP, though basic, is the most common form of security in wireless networks. Although WEP is not perfect, it is a second measure that can enhance security. Some people use WEP instead of disabling the SSID broadcast, but used in combination, they provide a formidable defense against intrusion for the novice wireless hacker.

WEP is a security method used by most Wi-Fi access points. Enabling WEP can enhance security significantly, but it is not bullet-proof. When you enable WEP, you should create a WEP pass phrase that is nonsensical (for example, h7kqY73). This pass phrase will be used on both the access point and the wireless network adapter to create a "handshake." This handshake ensures that both sides of the connection know about the other side. By using the same pass phrase, the access point identifies your Tablet PC as friendly.

Not all access points use pass phrases, however. If yours doesn't, you will be asked to enter a WEP key. A key is 10 or 26 hexadecimal characters (0-9 plus A-G). You can use 40- or 128-bit encryption (protection scheme). A 40-bit key will use 10 characters, whereas 128-bit encryption requires a 26-character key. 128-bit encryption is stronger.

If you enable WEP on either the access point or your Tablet PC and not the other, you will be unable to connect. Make sure all your WEP settings are identical on your access point and your Tablet PC.

Step 4: Change Your Default Password

Once you have your access point/router configured, change the default password. Most hackers can guess the device's default password if they can determine the manufacturer of your network device. Changing the password to a "strong" password will prevent a hacker from changing your access point's configuration. A strong password consists of upper and lowercase letters, numbers, and special characters such as punctuation marks.

One last note on Wi-Fi security: As of September 1, 2003, the Wi-Fi Alliance requires all wireless products to have Wi-Fi Protected Access (WPA) security in order to carry the Wi-Fi compliant seal of approval. WPA is a subset of the 802.11i standard that is mentioned in the following sidebar.

Developing WI-FI Standards

A few new standards are just over the horizon that promise to improve Wi-Fi: 802.11e and 802.11i. 802.11e adds Quality of Service (QoS) functionality that lets it stream video and audio more capably than any of the other Wi-Fi standards. By giving priority to audio and video streaming, 802.11e can improve streaming quality, making Wi-Fi more capable in home theater and broadcast situations. 802.11i promises significant security enhancements by improving the way wireless devices connect and transmit data. This is a much-needed upgrade to Wi-Fi, as Wi-Fi is mostly unsecure.

The Absolute Minimum

Here are the key points to take away from this chapter:

Use wireless networking to be more mobile and to escape the tyranny of the wire.
Be diligent in security, because others can access your machine when you are connected over wireless.
Enable the wireless network icon in your system tray so that you will be notified of available connections.
Define the characteristics of your preferred networks. If you don't, you may not be able to connect.
Turn off wireless networking when you don't plan to use it in order to further protect your Tablet PC and your files from others.
Connect to wireless hot spots when you want to get on the Internet and are away from home.
Enable security on your wireless connections so that you will be less exposed.