Protecting Your Access Points

While discussing default settings, I mentioned changing default administrative passwords and IP addresses. These two steps are important to help protect your access point. If you fail to do these things, it can be easy for an intruder to take control of it. Once he does that, he grants himself legitimate access and circumvents all your security precautions.

If an attacker knows what kind of access point you have, maybe because you're still using the default SSID, he will know what the default IP address range is. If you're still running DHCP, once he connects to your WLAN, he can look at the IP address your access point assigned him and, voila, he knows the address scheme. From there, he can guess the IP address of the access point.

For example, if you have a Linksys wireless access point, the default address range is usually 192.168.x.x. The default IP address for the access point itself is probably 192.168.1.1. If it isn't 192.168.1.1, then it's probably another number close to that (192.168.1.2, 192.168.1.3, and so on).

Almost all wireless access points have a Web interface that allows you to configure the access point using a Web browser. If the attacker knows the access point's IP address, all he has to do is enter it into his browser to connect to the Web interface. Provided that you haven't changed the default username/pass-word, he can enter those as well because he will know what they are, and he will be in control.

Take the time to change the defaults in order to protect your access point. If you don't do this, you will undermine all of your other security measures.

Using a layered approach

Besides changing default settings to secure your access points, there are some other tools in your arsenal that you can use to protect your data. By using all of these tools, you can take a layered approach to security, with each tool addressing a different threat. The first layer of defense is changing all the default settings and using encryption to secure the network against intrusion to the best of your ability.

Using firewalls and antivirus software, you can extend the protection to individual computers and protect your data if your first line of defense ever falls. Even though no security is totally invulnerable, each layer adds to the robustness of your defense and makes it more of a headache for any cracker trying to get to your data. We're adding more bricks in the intellectual firewall.

Leave a Reply

Related Contents

Digidealers.com © 2009. All Rights Reserved.