The IT Guy: How to keep your home's Wi-Fi secure

Wi-Fi is everywhere these days -- I rarely see anyone with a broadband connection who isn't using a Wi-Fi router with it anymore. Even my mom has Wi-Fi at home (admittedly, I might have had something to do with that).

Thankfully, most Wi-Fi hot spots that I encounter are password-protected -- a far cry from even a few years ago, when you could drive down a neighborhood street and have your choice of any unsecured hot spot to jump on. However, even today there are still more than a few wide-open connections out there, just asking for anyone and everyone to come join the party. This makes us IT droids cringe!

On March 7, a husband and wife in Buffalo, N.Y., were rudely awakened by the sound of federal agents breaking down their door in the middle of the night. Lying on their living room floor with assault weapons aimed at them, they were told they had downloaded thousands of images of child pornography and were under arrest.

Of course, the couple hadn't done any such thing, but they had just bought a wireless router and were fed up with trying to figure out how to set up a password. Their network unsecured, a neighbor in an adjacent apartment building was able to log on and take what he wanted.

Thankfully, after examining the husband and wife's computers the Feds realized they had the wrong people and were able to then find the neighbor and arrest him.

The couple was issued an apology by a U.S. attorney, but the damage was done. So the next time you think it's too much of a hassle to secure your connection, just think about the potential consequences.

Still, I do understand the temptation to leave your network wide open. In addition to not wanting the hassle, maybe you have friends over all the time and want them to be able to use your Internet connection without going to a lot of trouble.

Heck, I've even heard of people sharing their connections with their neighbors and in return getting $10 a month in some kind of Internet connection symbiosis. But no matter the reason, you should always have a strong password protecting your network.


Here's a couple of other security procedures to further help protect your network:

  • Turn off the SSID broadcast: This is a simple security step that will keep 95 percent of strangers off your network. In your Wi-Fi router's preferences, uncheck the box that says "Enable SSID broadcast" or something to that effect. When you first set up your router, you are asked to give your Wi-Fi network a name -- its SSID. This name is then sent out by the router letting the world know it's there. It's little more than a convenience. If you can simply remember the name of your network instead of broadcasting it, most folks in range of your network won't know that it's there and you can enter it in manually to any device to connect to your network.
  • Now, this isn't fool-proof -- your network is still there, and can be seen with a Packet sniffer (the original name for this column, by the way). However, most likely you aren't living next door to a hacker, so this is just an extra layer of protection.

  • Use MAC address filtering: No, this isn't a reference to Apple computers, but MAC (Media Access Control) address filtering. It should keep out another 4 percent of strangers. The MAC address is a unique identifier for each device that has an 802.11 or ethernet interface.
  • A digital fingerprint, no two MAC addresses are the same, so in your router's settings you can tell it to only allow devices on your network with MAC addresses that you specify. The MAC address is a 12 character code separated by either dashes or colons. To find the MAC address on your individual device, just Google "find MAC address (your device here)."

    Again, this isn't fool-proof protection either as MAC addresses can be spoofed, however most hackers would probably just skip your house rather than go to all the trouble.

    Morgan Bonner is Pre-Press Manager and a systems administrator for the Packet and Gazette.