With the introduction of ADSL Internet connections, TVL is also offering a couple of options for sharing that connection – both consist of multi-function devices, one requiring a cable from each sharing computer, one providing wireless access. Anyone using or thinking of using the wireless option (or using wireless for any computer connections for that matter) should make sure their security protections are effective.
Wireless security applies to two areas. Firstly, to prevent other people from using your internet connection for their own purposes (a practice known as “war-driving”). Secondly, to prevent other people from snooping on what you do over the wireless link (eg. copy ing your data files, reading your email, stealing your user-names and passwords).
Wireless security is still harder than it needs to be, but all the same is not difficult. There are three levels of security to consider ; encryption, announcement, and guest-list.
Most important is to encrypt the data that is sent out over a wireless link. Remember, this is a radio technology, whatever you do on that wireless link is broadcast over a wide area. It has been reported that standard wireless signals can be captured up to a couple of kilometres away – switch on in Malapoa and over at Numbatu someone could be watching what you do. Encryption technology started with WEP (wireless encryption protocol) but this is widely discredited as being relatively easy to break using tools that can be downloaded off the internet. The current standard is WPA (WiFi Protected Access), so make sure that you are using this type of encryption.
Wireless base stations (the device to which your wireless computer(s) connect) need to be given a name, so that you know you are connecting to the right one. By default, this name (the SSID) is broadcast to all and sundry, which makes detecting your wireless link easy. It is possible to switch off the broadcasting and manually tell your computer what the SSID is.
Finally, you can tell your wireless base station to ignore all requests for connection unless the requester is on a list of permitted devices. In other words, “yer name's not on the list, yer not comin' in!” as nightclub bouncers would put it. This entails finding the 'MAC address' of all wireless computers and putting it into the base station's list of authorised devices then telling it to ignore everyone else.
The latter two steps (switching off SSID broadcast and restricting MAC addresses) can also be defeated by a determined hacker, but at least they make things difficult. Most important is to make use of effective encryption between your computer and your base station – taking your internet connection is rude, but reading your email and capturing your passwords is dangerous. Make sure you are protected if you want to enjoy the freedom of wireless connections. Most IT providers should be able to help if necessary.
Any IT questions & comments? Email
- Tony Phelps is part of the Merlin Pacific IT team, dedicated to effective & efficient business IT (see www.merlinpacific.net).
