Many people try to secure their network by keeping unauthorised people off their networks. But WiFi devices can provide a way to hackers to get into their network. Because WiFi signals travel through walls of houses and building, which invite the hackers to play with the wireless devices. Hacking wireless devices is the favorite job of cyber criminals.
Once your network is hacked, hackers can do lot of scary stuff in your network. They can:
|Use device’s camera and other hardware||Control the system remotely|
|Discover devices connected to the same network||Gather detailed information about connected networks|
|Access any account on the network||Use a compromised computer as a pivot to hack other systems|
|Intercept network traffic & modify it on the fly||Read, write and execute files on compromised system|
|Sniff network traffic such as Usernames, Passwords, URLs, Videos, Images etc.||Spy on users, can capture keystrokes on a compromised system|
Here are the few steps to make your wireless network secure from cyber criminals.
Use WPA/WPA2 Encryption instead of WEP Encryption
Some WiFi networks still use old WEP encryption for securing their network.Hackers can break into WEP WiFi Network easily and there are lot of methods to crack it. This network can be easily hacked. Straightforward: Just don’t use WEP. Instead of using WEP encryption, it is necessary to use WPA/WPA2 encryption.
Use Push Button Authentication for WPS (WiFi Protected Setup)
Some WiFi devices offer a feature of WPS which provide a convenient way to connect the wireless devices with the router. It allows the wireless devices to connect to the network without the password. This feature can be misused by the hackers to retrieve the password of WPA/WPA2 network because WPS pin is only 8 digits. This PIN can be used to get WPA/WPA2 password.
If you still want to use WPS, use push button authentication for the router instead of normal PIN authentication. Otherwise best way is to disable WPS settings for the router.
Use Secure Password for WPA/WPA2 Networks
If you use a common passphrase or small password for your network, it is easy to crack WPA/WPA2 WiFi network. Make sure your password is long and not common, which cannot be easily guessed.
Choose a long password for your WiFi network, which are the combination of uppercase letters, lowercase letters, digits and special characters. There are many cracking tools available which use advanced wordlist attacks for cracking the passwords and these wordlist attacks work against all the networks. Password can be cracked as long as it is the wordlist.
Change Default Settings of your Router
Many routers comes with the default settings such as with the default username and default password. Change the default username and password settings of your router which makes it more difficult for the hacker to gain access to the network.
Create Separate Network for Your Guests
If you want to allow internet connection to your guests, create a separate guest network for them. By doing this, they will be unable to connect to your internal family or personal network. This setting will secure your network and also prevent your network from infecting with viruses.
Guests networks can be created using 2 ways. One way is to use 2 separate internet connections with their own routers. Use one internet connection for personal use and other one for guests. 2nd way is to change the settings of your primary internet connection and create a guest network with its own SSID and Password.
Hide Your Network Name from the People
Routers are normally configured by default to broadcast the name of your wireless network – known as the service set identifier or SSID – to make it simple to find and connect to. SSID can also be set to “hidden”, so the other people can’t see your network name.
Besides the password of the network, you should also remember the SSID name of the network. Although it is still possible that hackers can find your network using WiFi scanning tool called airodump-ng even when it is set to hidden. But still it will give some sort of privacy and security because security is about giving many layers of protection.
Restrict Network Users by Enabling MAC Authentication
By enabling MAC authentication, we can authorize certain users to use your wireless network and restricting others to use the network. Each wireless device have a different serial numbers identified as a MAC address and administrator of the network change the settings of the router in such a way that only certain MAC addresses will be allowed to use the network. This stops unauthorized devices from accessing the network resources and acts as an additional obstacle for hackers who might want to penetrate your network.
Use of Virtual Private Network
A Virtual Private Network helps you stay safe and secure online while keeping your stuff hidden from others. They keep your data hidden from spying eyes or hackers by encrypting it. Hackers can still enter into your network but they will not be able to harm your system.
Don’t use Captive Portals for your WiFi Network
Captive portal is a web page that is accessed through a browser. The web page is shown to newly connected users of WiFi before they are given access to Internet / Network. Don’t use captive portals for your network because they are open networks and no encryption is used and there are lot of ways to get into the network.
Evil Twin Attack
An Evil Twin Attack is a fake access point which appears to be real but it is created to spy on your wireless network. This attack rely on the users that use the network and exploit the users. It work against all the networks.
The only way to prevent you from this type of attack is to educate the users and make sure that they are not the victim of social engineering attack. Ask them to always connect to the right access point. Make sure that the network users are connecting to is using encryption and they are not open networks.
Donations/Tips for Technibuzz.com
Do you find my tutorials useful? Please consider supporting my website. It is hard to keep the site running when so many people block ads. Donating money to Technibuzz is easy!
The tutorials here on Technibuzz.com are provided free of charge. If you wish to make a small contribution, you can choose one of the following options:
- BTC (Bitcoin) Address: 1BfQdqBs4sVBUijX4m8jTri51ET2w1FmrH
- ETH (Ethereum) Address: 0x498e0bf35d20b1ed80dbe9cd7437808adc5e603f
- XMR (Monero) Address:
- Paypal: firstname.lastname@example.org