Locked Down!

When Is Wireless Security Too Tight?

I've had my WiFi router hooked up for a while now, but I never got around to setting up the security features. Yeah, I know, this is less than good, but I figured none of my neighbors were really that computer savvy, and my router is in the basement to reduce the range. Also, I used the ultimate security feature- I shut the whole thing down when I'm not home so that it's 100% secure.

Anyway, a few weeks ago, I decided to lock it down, and I started to realize how vulnerable I had theoretically been. First of all, I named my wireless network for the brand of the company, Belkin. By doing this, all someone would need to do is go to the Belkin website and see what that company uses for an URL, type that in within range of my router, and they would be ready to get right in. There is a password to enable one to change settings, but I never bothered to set that up either. And of course, I didn't bother to setup any encryption protocol. In short- this was not the way to do things no matter how nice my neighbors are as one never knows who might be wardriving by.

So, I changed the name of the router to a different company to confuse would be hackers, and setup an administrative password to guard the settings. So far, so good. When choosing a wireless security protocol, it's a choice between WEP and WPA. The WEP (wireless equivalent privacy) is the older standard, but just about everyone agrees that it's real simple to break into, and offers almost no resistance to those that would want to get it. This is because the same key gets transferred back and forth, so that a diligent cracker will be able to grab the key. This leaves us with WPA (WiFi Protected Access) which is much more secure as a different key gets generated each time (kind of like "rolling code technology" for garage doors and car remotes). So I setup the router, and my desktop which uses a recent USB adapter, and had no problem with the WPA encryption. So far, so good, and I felt better about the security situation.

While I did this, my notebook was out of town on a trip to Texas. I decided to connect it to the internet this week, and it was a no go. Despite knowing the code for WPA, I couldn't get it to connect. I first tried the built in wireless, but it appears that the Averatec 3250HX's built in WiFi doesn't support WPA. I next tried the Belkin router card that goes with my router. I even tried removing the driver and reloading it. Apparently it does support it, but only if Windows manages the settings. While I get an option for a WEP key, there isn't one for WPA. It's kind of strange, but the choices get grayed out. I was about to accept the fact that maybe it would be just easier to plug it in directly to the router, but then I tried one more USB WiFi adapter from Zyxel. For whatever reason, this one worked fine with the WPA, and I could enter the key and get online with no issue. This is a better solution than having to nuke things and try reloading in the hopes that one of the settings got screwed up. Weird, huh?

So, that is the tech adventure of the week. I'm starting to wonder if I would have been better off leaving the router open and not wasting time with this. Perhaps that is why there are so many open networks out there. At least I proved that my network is secure- maybe a little too much at this point.

--Jonas