This can be a complicated topic, but to keep it within the level we are comfortable within the group, I centred on the following aspects.
- SSID
- Channel Frequencies
- Encryption Protocols
- Secure Passwords
If all you remember about routers is the above information, you'll do well. To no understand, could potentially allow security to be compromised and also possibly allow others unauthorised access to A) your Internet Connection, and B) worst case scenario, access to your files!
The Basics: What is a Router?
A router is a device that forwards data packets between computer networks, creating an overlay internetwork. A router is connected to two or more data lines from different networks. When a data packet comes in one of the lines, the router reads the address information in the packet to determine its ultimate destination. Then, using information in its routing table or routing policy, it directs the packet to the next network on its journey. Routers perform the "traffic directing" functions on the Internet. A data packet is typically forwarded from one router to another through the networks that constitute the internetwork until it reaches its destination node.
Here we have a picture of a BT Home Hub - which is there router for the home. It is combined in this instance with a telephone base unit. |
The most familiar type of routers are home and small office routers that simply pass data, such as web pages, email, IM, and videos between the home computers and the Internet. An example of a router would be the owner's cable or DSL modem, which connects to the Internet through an ISP. More sophisticated routers, such as enterprise routers, connect large business or ISP networks up to the powerful core routers that forward data at high speed along the optical fiber lines of the Internet backbone. Though routers are typically dedicated hardware devices, use of software-based routers has grown increasingly common.
What is an SSID? What does it stand for?
The SSID (or Service Set IDentifier) names and identifies a wireless network, It is something that access points broadcast to client devices to announce the presence of the access point. The SSID denotes the name of a network on a Wireless Local Area Network (WLAN), and could be any name up to thirty-two (32) characters in length.
For security reasons, broadcasting of this SSID is commonly turned off on some routers. All access points and all devices using a specific wireless network must use the same SSID.
Channel Frequencies: Changing them for Improved Performance
When talking about wireless networking, a channel is simply another term for the frequency at which your wireless router broadcasts its signal.
The Channels you can set your Router to. (Click the image to enlarge) |
Click this weblink to read more about Changing Channels
What are Encryption Protocols
You're gonna love this.....great bedtime reading!!! It’s critically important to secure your wireless networks, but security can be complex, particularly when it comes to configuring each network component appropriately. Routers allow you to encrypt data as it travels in and out of your network, making it much more difficult to be read or altered by hackers trying to steal confidential information. Most small business routers let you choose which data encryption protocol you want to use, but in order to make the best choice for your network, you need to understand the differences between encryption protocols.
For wireless networks, the data encryption protocol is WPA, or Wi-Fi Protected Access. WPA was introduced in 1999 after significant flaws were discovered in the original wireless encryption protocol, WEP (Wired Equivalent Privacy); even though many routers still include WEP, it’s too insecure to rely on to protect your business. Instead, opt for one of the protocols in the WPA family.
Since the introduction of WPA, one more encryption protocol has been added to the family, along with two different modes: WPA2 and the WPA2-PSK (Pre-Shared Key) and WPA2-ENT (Enterprise) modes. Using WPA2 has become the general default, but the mode you choose depends on your business needs and IT environment.
Launched in 2004, WPA2 is even more secure than WPA. It is the full implementation of the 802.11i standard for securing wireless networks, while WPA was a subset of the standard and intended only as a stop-gap solution until WPA2 was completed. WPA2 uses the AES (Advanced Encryption Standard), which provides government-grade encryption capabilities that are stronger than the TKIP (Temporal Key Integrity Protocol) used by WPA. In fact, AES is thought to be uncrackable by even the most skilled hacker.
The two other WPA protocols are designed for different types of networks. WPA2-PSK is intended for home and very small office networks. Each wireless device is authenticated by the same 256-bit key. With this mode, you set an encryption passphrase that must be entered by each user when connecting to the network. This passphrase can be stored on each computer, but it must be entered—or changed—individually for each device. All users share a locally stored passphrase, which can be found and copied from a computer by anyone. This makes WPA2-PSK less secure than the WPA2-ENT mode.
WPA2-ENT is made for the enterprise network, but it’s a smart choice for any business network. It provides security against more attacks than WPA2-PSK and separates users from the router’s passphrase to the network. WPA2-ENT creates new encryption keys each time users log on to the network with their unique passwords, and the passphrase to the network is not stored locally. It also allows for centralised control over users’ access to the wireless network, which makes management easier than with the WPA2-PSK mode. In a nutshell we don't have to worry about WPA2-ENT ;)
No matter which mode you choose, you must set all of your wireless networking devices to the same one for them to communicate properly.
Secure Passwords, and Why we Should Use Them.
Password strength is a measure of the effectiveness of a password in resisting guessing and brute-force attacks. In its usual form, it estimates how many trials an attacker who does not have direct access to the password would need, on average, to guess it correctly. The strength of a password is a function of length, complexity, and unpredictability.
Using strong passwords lowers overall risk of a security breach.
When it comes to setting a password on your router, the more complicated the better. As suggested if it's too easy, and simple, it could be easy to guess.
Click this link for some additional information on Strong Passwords.
No comments:
Post a Comment