So you're having a big party and inviting friends over who are bringing their friends along. No doubt you have everything ready to throw a big bash.
Except one thing….
Is your home network secure enough to handle that dodgy looking friend - friend who ask you if he can have the password to connect to your wireless network?
This is when reality sets in and you realize more attention should have been made with locking down devices on your network. Time to panic.
Instead of having moments like this, let's look at some tips for locking down your home network from the inside.
Tip #1 - Use Wireless Router Guest Mode
If there was one feature with wireless routers that is worth every penny, it's guest mode (as long as router manufactures don't botch guest mode implementation….yes Linksys is one of them).
Using guest mode isolates your main network and prevents guests from casually snooping around on the network. It also prevents the use of sophisticated network tools from scanning the inside network.
Sort of like locking the refrigerator and making guests use the cooler full of cheap beer. It can also prevent malware from infiltrating devices on you main network.
The other benefit of guest mode, is that you don't need to give anyone your normal Wi-fi passphrase. All you need to do is give them the guest passphrase. Then the next day you can change the password, so nobody from the party can park outside your house and hog your bandwidth. Make sure you reboot the router so everyone gets kicked off your Wi-fi connection and can no longer reconnect (because the password has been changed).
Also with guest mode, you will actually provide a service to your guests, since the connection will be WPA2 encrypted which prevents passwords from being sent in the clear over the network when they log into Facebook or access email.
Tip #2 - Use A Password On Your Computer
Do you usually leave you computer on all time? Is it in a room that's centrally located? If so, now is a good time to password protect it so nobody can walk up to it and start using it. Think about what you have on your computer - files with personal information, a browser with a gold mine of browsing history, or your music library that can easily be copied to a USB drive.
Sure it can be a hassle at times to always log on to your computer after start up or when it's idle and the screen saver kicks on, but after a while you will get used to it. Just make sure to use a hard to guess password. Check out these tips for making strong passwords that are easy to remember
Tip #3 - Disable WPS (Wi-Fi Protected Setup)
Speaking of walking up and using your devices. The same can be said with wireless routers and the Wi-Fi Protected Setup (WPS) functionality. If you router WPS is push button (usually found on back of router), and depending on how WPS is implemented on the router, anyone can walk up and push the button allowing them to easily connect to your network.
In a nut shell. WPS lets you join a secure Wi-Fi network without selecting the network name and entering the password. When the button on your router is pushed, network discovery of new devices is turned on. At his point, all you need to do on your smartphone is select the network and your device is automatically connected.
Not something you want in your house, just for the sake of conveniently connecting devices to the network.
Another reason to disable WPS, is if PIN functionality is used. While it may sound like the use of a PIN is secure, the problem is with how its implemented and that it is vulnerable to brute force attacks. To learn more about the issue with WPS and PINs, check out the following article at Digital Citizen.
Not all routers allow WPS to be disabled and that's a shame. But if your router does, now is a good time to disable it.
Tip #4 - Easy Access Means Shenanigans At Your Expense
One thing that irks me with technology, is with convenience over security.
For example, can your printer configuration be accessed with a web browser on your wireless network with out entering a password? If so, you may want to set a password (especially if guest mode is not an option on your router) to avoid any mischievous activity with someone jokingly printing all night long.
Unfortunately not all printers can be password protected. If this is case, there is not much you can do, other than unplug it from the wall outlet (hey…it's only for one night and better than finding all the paper on the floor than in the tray).
Tip #5 - Anything Else On The Network?
You remember that commercial - "What's in your wallet"… well the same can be said about - "What's on your network".
With everything becoming Internet smart, from refrigerators, to TV's, to thermostats, who can keep track of all network connected devices? No time for lazy thinking.
The easy way to find out, is by logging on your router and see what devices are connected. If for some reason your router does not have this capability (might be a good time to buy a new router
), you can easily discover connected devices from your smartphone with the tool Fing. To learn more with how to use Fing, check out the article: How to Hack Your Family and Friends Wireless Network.
Once you have identified all connected devices, look and see if they are secure. If they are not, can they be secured either with a password or some other means. Otherwise, Tip #6 may be the last alternative you have for securing devices.
Tip #6 - When All Else Fails, Shut it Off
Sure it may sound extreme, or even paranoid. But it's better than being hacked by a prankster.
And there is no better way to squash that prankster than by unplugging things that cannot be secured. Just for one night of course.
Remember, its your place. Unfortunately wireless networks has no boundaries other than distance. But with a little common sense, you can have more control with locking down access to your domain.
P.S, your not really serious about putting cheap beer in the cooler… 😉
Comments on How To Secure Your Wireless Network From Guests On Your Home Network
Nahh I don't think that anyone will go through the effort of attending a party just to hack someone who is connected on the same local network. Even still, I get the point. Thanks for the help.
I learned two new things from here.