Have you ever noticed when you connect wirelessly how many other networks are in the area? Maybe you didn't pay much attention, but think about it. You can see your neighbors' connections and they can also see yours. That means that if you didn't protect your network, they can connect to you and maybe see your bank information, or maybe put files on your computer. What would happen if the neighbor you hate put some child pornography on your computer then made an anonymous call to the cops? Scary right?

But relax; by setting some basic security controls, the chances of that happening become far more remote. Since I have Verizon FiOS (as of the time this article was written), I'll use that to demonstrate.

There are many different wireless router configuration and control screens, but the following techniques should be available for all of them. Keep looking until you find them!

Let's start with some basic settings:

Basic Settings

Change the SSID

The SSID is essentially the name of your wireless network. You'll need to know it to connect to the network and it's what shows up when you see all those networks in your neighborhood as in the picture above.

The reason you want to change this is that the default is often the brand and model of the router. If you're trying to be secure, broadcasting that information only makes it easier for the bad guy to know what kind of equipment he's up against.

Doesn't matter what you change it too as long as it's not the default

Change the Channel

Wireless routers operate on a few basic radio frequencies called "channels" to keep things simple. By changing the channel your router uses, it will be harder for bad guys and snoops to connect, but even more importantly, the default channel (usually 6) is going to be crowded. Changing to anything else will likely improve your connectivity too!

Doesn't matter what you change it too as long as it's not the default

The next section is for wireless security, but don't do it here. The only option available is WEP which doesn't work. Hit the advanced settings screen to find strong encryption options. For Verizon, here's the advanced settings screen where we can get into the meat of security:

Under Wireless Settings, you'll can find this Advanced Settings screen

Advanced Settings

Encryption

Turning on encryption is important to keep prying eyes from seeing what you transmit and also to keep them from connecting to your network. While ANYONE can connect to a completely unsecured network, there are simple tools that can be found online to break through the oldest encryption methods WEP and WPA.

Unless you want to be caught with your pants down like TJX, don't use weak security. Right now, the most effective option is to set WPA2.

Once you click the button for WPA2, you'll see several options. First, enter a nice strong password. When given the option, use AES encryption or better (better would be AES+something, but make sure AES is in there somewhere).

The Verizon FiOS WPA2 security settings screen.

SSID Broadcast

Your wireless router is likely set by default to broadcast it's SSID (which is used to make a connection to you). That's like a soldier deep in enemy territory calling out "HERE I AM" every few seconds. Step one is to turn that off!

Turn OFF SSID so no one knows you're there.

When you turn off SSID, it will make it so your network doesn't show up in the "Available Networks" box. This isn't perfect because there are still ways to find you, but at least you're not shouting your presence to the whole world anymore.

MAC Authentication

In this case, MAC doesn't refer to a certain apple-themed computer company, but instead to network card serial numbers (called MACs). If you only have a few computers and don't have people coming to visit all the time that want on your network, this is great security technique. Think of it this way, you set a list of computers that can connect to you and anyone who's not on the list is rejected.

Step 1 is to get the MAC addresses for all your computers. Write them all down or make note of them in some way.

Step 2 is to use the MAC authentication screen in your router to make your "list" of computers that are cleared to enter.

That's it! The key here is to remember that if a cousin or friend visits and needs to get online, you'll have to go to your router and add their MAC. Same if you buy a new computer and want it to connect.

Change the Router Password

One last, and very important, thing; change the stinking default administrator password! There are several ways to bypass all your other security if you leave it blank or default.

Change that default password!

Note I'm not talking about your wireless password here, but the password you use to connect to the administration screens for your router. And remember to use good passwords!

Connecting to a Secured Network

Now that you're locked down and everything is good, here's the step by step for getting any computer connected to your router:

1. Get the MAC address of your computer's wireless network adaptor.
2. Get on a computer that's already connected to the router or is connected physically and use your spiffy new administrator password and log into your router's control screen (usually by entering either 192.168.1.1 or 192.168.0.1 into your browser's address bar).
3. Find the screen for MAC authentication and add the new wireless card to the OK list.
4. Get on the computer that you're adding and set up a new wireless network manually.

   Manually adding a wireless network in XP

   1. Click Start > Control Panel > Network Connections
   2. Right-click your wireless connection and click Properties
   3. Click the tab labeled "Wireless Networks"
   4. Click "Add" and in the screen that appears, enter all the data for your network
   

   Adding a wireless connection manually in XP
5. Click OK on each menu

That's all!

Wireless routers are great aren't they? With them, you can connect desktop computers without running wires all over the house and your laptops will work upstairs, downstairs, outside or whereever you are.

But maybe you've noticed when you try to connect that there's lots of other wireless networks around. Have you ever tried to connect to one? If your neighbor has left their wireless open and unlocked, you can get on their home network and maybe browse their files. Well that also works in reverse; if you haven't set your network up right, your neighbors might be browsing through your computers.

1) TJX is the parent company of several other companies including TJ Maxx. Each of those companies shared data with TJX creating a massive database (and a single target for the hackers).

2) TJX (and others) shouldn’t have stored the credit card data in the first place and when they did, they should have used better security.

Though they’ll blame “clever hackers” for the breach, the fault instead lies squarely with TJX who’s business practice of storing credit cards against people’s will along with negligent use of outdated wireless encryption (WEP) first created a giant target and then then left a gaping hole for the bad guys to be able to go and get it.