There are many reasons to shut out any intruders, certainly not least to protect your privacy and security.
Here are some rules to always follow, keep in mind also that just set these basic security rules at the beginning and you will already have a high level of security for your Internet connections.
1. Always use the best wireless encryption system your modem or router has! Many devices are WPA2 as the default encryption level (since 2006), but WPA / WPA2 encryption must be enabled, if possible, on every home wireless network. So, as a first task: check the encryption level of your connection and change it if you have previous and therefore insecure encryptions.
Wireless networks can use various encryption methods to protect data that is sent over the network. WPA (Wi-Fi Protected Access) or the latest WPA2, are certainly the best wireless encryption standards currently available for most users of wireless networks.
If your modem / router does not include WPA or WPA2 encryption, the purchase of a new device is strongly recommended, moreover the prices are strongly down. A small outlay of money that will guarantee you a peaceful night’s sleep!
It is absolutely necessary to understand that the WEP (Wired Equivalency Privacy) encryption system is old and outdated, it is undoubtedly the weakest form of encryption and should never be used if WPA or WPA2 are available. WEP is vulnerable to piracy attacks and although, unfortunately, some game consoles only allow the type of WEP security, it is always better than nothing, but keep in mind that you are vulnerable!
Warning: even WPA is attacked by hackers, but if you have entered a fancy name with letters and numbers, without therefore existing on a vocabulary, you will certainly be safe.
2. Always use effective network passwords or network keys!
Hackers are able to use various methods to compromise weak passwords. As a general rule, the longer and more complicated the password, the more difficult they are to identify. We recommend a password of at least eight characters to allow access to the wireless network. Obviously the longer the password, the less chance there is that your wireless network can be compromised.
The password (or network key for wireless devices) should include a combination of uppercase letters, lowercase letters, numbers and symbols (if the device accepts them) to avoid identifying them.
Using random letters instead of words or phrases can be difficult to remember, but will help protect against attacks known as “dictionary” (attempts to use common words as passwords) and also “brute force” attacks (multiple attempts in seconds of a large number of different passwords).
You will never have to use the same password to control or access more than one system or program and never use your wireless network name as a password! Otherwise you will make things too easy for hackers!
3. Choosing not to transmit the SSID (network name)
It is not clear why (here also the manufacturers are guilty) most wi-fi modems and routers automatically (and continuously) transmit the name of the wireless network (or SSID – Service Set Identifier).
This setting can usually be disabled by the user, all modern routers / modems do it precisely because a first “port” to identify and attempt to access the private wireless network. Disabling your SSID will make the network name invisible to most people, but will still allow those who know the network name to connect to it.
It is certainly true that particular “sniffers” will still be able to detect the network, but normally having the SSID hidden still offers an additional level of security. Also because the attacker normally tends to exclude networks with hidden SSIDs because he already knows that they have been “calibrated” by very careful users, users who have certainly entered very strong passwords with WPA – WPA2 encryptions.
4. Change the modem password! Immediately!
The wireless network, as already explained, should have a WPA / WPA2 encryption, a strong password / network key and also a hidden network name (SSID), but what about the router? How safe is yours?
Most modems / routers have a good variety of configuration which can be changed according to the user’s needs. Almost all these devices also allow remote access (away from the actual modem) to adjust the settings. Is yours too?
Wireless devices are set to use a default password such as “admin”, “password” or the name of the manufacturer. These settings are easily accessible to a user when the modem and the network is under construction, but because they often use weak passwords and if you do not change them they will provide easy access for anyone.
Keep in mind that the default passwords for modems and routers are easily found on the Internet. Changing the default password of the modem or router is absolutely necessary and essential. Even the passwords for accessing the wireless service must be changed because programs that have managed to encode the algorithm that creates them are increasingly seen on the Internet. The main rule is therefore to change all the default passwords already entered on the device, even if they seem very long and complex.
5. Remote Administration Modem.
Most modems or routers can be administered remotely over the Internet. The problem, however, is that someone besides you can potentially locate the Internet Protocol (IP) modem and perform a hacker attack to enter the control panel.
A simple fix for this vulnerability is to disable remote administration of the modem or router. Generally for home networks, remote access is not necessary and the safest thing is to disable this type of possibility. Of course you can always access the panel, but only via the lan cable connected to the router, undoubtedly much more secure.
6. Filtering MAC addresses .
What computers are connected to the wireless network? How can you know or control the devices that access the network?
Clarified that both WPA2 encryption and strong passwords are the best methods for controlling who is accessing the network, however most modems and routers offer additional methods for controlling access to the network.
Each computer or smartphone capable of accessing a wireless network has a unique identification number known as the MAC (Media Access Control) address. By now almost all modems / routers also offer the possibility to limit access to a wireless network only to devices included in a special list on the router.
Many of you will already know that this method of protection is not as strong as it may seem. In fact, it is possible that some people make real MAC address spoofs to identify the serial number that has access to the network and modify another device capable of overcoming this protection, but this method still offers an additional level of security that can help protect your network.
Please note that if you set MAC filtering incorrectly your devices may no longer connect to the network. Nothing dramatic: just reopen the router configuration panel and enter the right number in the list of MAC Addresses, a list that will be stored in the router and will not have to be re-entered every time (unless new additions).
7. How strong should your wireless signal be?
How strong is the wireless signal? How far does it have to go to make the most of your connection?
In most houses, about 20-30 meters (in a straight line) is more than enough, so why transmit the signal to the whole neighborhood giving more possibilities for further attacks?
Not all modems and routers allow (in the configuration panel) to adjust the signal strength, but if the relative option is present we recommend that you “calibrate” the range well, so as to avoid further temptations. Without signal it is impossible to enter the network!
8. Activate the firewall integrated in the router / modem
Many modems and routers come with a built-in firewall. A firewall can prevent unauthorized people from accessing the network, and it is also able to control which programs work within the network. The modem / router firewall must be enabled through the configuration panel. It is usually disabled by default, perhaps due to initial connection problems, check.
There is also to consider that some wireless devices include in their firmware some security programs generally known as intrusion detection systems (IDS) . These systems are able to detect attempts to gain unauthorized access to the system, protecting and blocking a good number of attacks outside the network.
In case you are about to buy a wireless modem or router ask if it is equipped with IDS, this function could cost a little more, but it is definitely recommended.
9. Is your modem updated?
Modems and similar devices work thanks to software known as “firmware”. This firmware, like other software programs, sometimes requires an update to make sure it always works with maximum efficiency and to improve your / your safety.
Many modems supplied directly by Internet Service Providers (ISPs) offer an automatic firmware update. In this case, check with your provider if this occurs.
If not, firmware updates will have to be done manually by logging on to the modem manufacturer’s website. Do not use firmware found on the net or unofficial, use only that of the manufacturer because more and more “tarot” software circulating specifically created by hackers to access private wireless networks.