Skip to main content

How to Secure Your Local Wireless Network from Hackers

Converting your office LAN in to wireless network can ensure the ease of networking by avoiding the coils of Ethernet cables. When I started my networking career, it was the confusing cables that welcomed me and my team in every office and it took time to understand which cable goes to which device since most of the Ethernet cables were not properly arranged. With the popularity of wireless network by the introduction of 802.11 ac and 802.11n, we do not need Ethernet cables to transfer data fast between devices in an office because both these wireless standards offer high data transfer speed. Though wireless makes an office looks smart, it has some security issues. It is true wireless networks are more prone to hacking compared to wired network.

Avoid Risks On Wireless Networks

A sophisticated hacker can easily intrude in to a wireless network compared to a wired network. It is because wireless offers a possibility to connect to the network if one user is in its range where in Ethernet LAN, there is no such an option. However, we can prevent any unauthorized access to a wireless network by following a set of precautions like enabling proper wireless encryption, allow guests to access just guest accounts, MAC Address filtering etc.

How to Secure A Wireless Network From Hackers

  1. Configure Best Wireless Encryption

    One of the most important steps to keep intruders from your wireless network is to enable proper wireless encryption. There are wireless encryption protocols like WEP, WPA and WPA2. Currently industry's best wireless encryption is WPA2. So it is recommended to use WPA2 for your wireless network. To read more about choosing right wireless encryption for your wireless network, read the Cisco guide.
    http://blogs.cisco.com/smallbusiness/understanding-the-difference-between-wireless-encryption-protocols/

  2. Limit the Wireless Network Range

    In most of the modern wireless routers and Access Points we have an option to set the range of the wireless network. It is wise to limit the wireless range of your network just in the boundary of your office. So anyone outside the office cannot join your wireless network even if he managed to break your wireless encryption. So your wireless network is safe from intruders.

  3. Enable MAC Address Filtering

    With MAC Address filtering you can provide another layer of security to your office wireless LAN. You can set which all devices can join office wireless network by specifying the MAC Address of the devices. Since MAC Address is physical address, no other device will have same address. However, you must understand by MAC Address spoofing a talented hacker can break this wireless security. However, this step can prevent a hacker device from joining the wireless network until he identify the barrier.
    Wireless Network Keep Connecting & Disconnecting

  4. Stop Wireless Network Name (SSID) Broadcast

    Though it is useless against a skilled attacker, by hiding SSID broadcast, you can make your wireless network invisible to common users. Your wireless network remain hidden and computers will not detect your wireless network by normal scanning for available wireless networks.

  5. Enable Guest Wireless Account

    Create guest account on your wireless router and let the guests and ordinary users in your office to join that network only.

  6. Set a Custom Router Password

    Though this step is not directly protecting your wireless network against hackers, it will protect router from users in your office to access the router setup page and change wireless settings. It is always advised to change default router password after configuring it.

Other Wireless Security Articles
  1. How to Start WLAN Autoconfig On Windows 8 Computer

  2. How to Configure D-Link Wireless Access Point

  3. How to Setup Wireless & Security On Teracom Modem For BSNL

  4. How to Configure Linksys Range Expander RE1000 & WRE54G

No:Recent Tutorials
How To Power Cycle a Modem
Setup Linksys WRT54G Wireless Router
3 How to Configure Idea 3G on Android Phone
PING: Transmit failed. General Failure
Solution for Destination Net Unreachable - Error
Destination host unreachable
How to Enable Disabled Adapter
Router Cascading Tutorial
Asianet Dataline Cable Broadband Modem WiFi Connectivity
How to Solve TTL Expired in Transit
Ping Request Could not Find Host
How to Block Websites Using D-Link Router In Home
How To Setup Cisco DPC2320 Cable Modem
How to Setup Reliance DSL Broadband Modem
How to Setup D-Link Wireless Router in to Bridge Mode
How to Setup D-Link Wireless Router Manually
How to find Login IP Address of a Router or Modem
How to Reset a Router Manually
How to Restart WZC

Comments

Sandeep R said…
Thank you Mr. George for this wonderful guide. I always Go with WPA2 enterprise encryption with RADIUS server. It is industry's best wireless security right now.
Admin said…
Thanks for your comment Sandeep
raj said…
Hi, I was said to have rom 0 vulnerability in my tdslw2type2 teracom router. I have made all tough set up , and still avast scan reveal that it is having rom 0 vulnerability. Can we block the rom O file from any body accessing thro router. There is no firmware update
i have disabled remote access, enabled SIP, disabled upnp, and changed the admin pw. Still i could not stop this problem your idea pl
Alex George said…
@Raj,

You seems have done almost every thing to prevent the rom 0 vulnerability. Only thing you can now expect is to have a firmware update from router manufacturer. May be the following link can give you more ideas but I believe you might have seen this link before.

https://discuss.howtogeek.com/t/what-is-rom-0-vulnerability-how-to-overcome-this-in-router-setting/41608

http://www.corenetworkz.com/2016/02/precautions-for-rom-0-router.html
raj said…
Hi, Thanks alex.
My router manufacturer site has an update, but there is nothing in the page 404 error.
I have seen your and HTG article. In fact, i have raised the thread there in the HTG link.
Yes of course, my dns server access point was changed by remote, preventing my internet access. I checked the gateway and then changed back to my preference to get my internet access.
Rom 0 is a configuring file, that one makes when changing the router pages, including bb pw and wifi.
What i want to know, is it flaw in net work, local area connection settings that need to be checked. Wifi limits your access to only two or three houses
Grc.com check finds, that all ports , common are stealthy. Does that not means they are closed . The gateway access point , i mention above was 169.254.90.67. I do not know which is accessing my pc to be made the internet access not available to me. Please answer
Alex George said…
@Raj,

I can recommend you add a network firewall if you are not in a limited budget other wise you must contact your router manufacturer technical support and ask them the recommended solution from their part since the update page shows 404 error.

I suggest you to install Avast and use the ''Home Network Security scanner' feature to test whether your device is still vulnerable.

If all the work-arounds fail, you will have only one option, change device. Latest models in the market seems free from Rom 0 vulnerability.



raj said…
Hi, I have changed the modem to dlink. Now i do not have rom 0 vulnerability, but instead shows weak password.
So, alex, it means that those who have older model will have to throw the device to switch to new device.
could not some provide a kind of lock of rom 0 file. I heard that when you just type your access point along with the word rom o, then it gives the option of saving your configure file. what a security lapse.
I also think that avast is doing a kind of aggressive scan and come with some kind of vulnerability or may be all the findings of avast are false positive. Thanks any how for the suggestions.
Alex George said…
It might be possible that Avast shows false alerts. If we are regularly updating the router firmware, we do not need to worry much about known bugs.

Recent Posts

Village Field Assistant in Kerala Revenue (123/2017) Examination

PSC has notified examination for the post Village Field Assistant in Kerala Revenue Department. Category number of the notification is 123/2017. According to this notification, anyone who has passed 10th Standard and having cycling skill can apply. There is no ineligibility for those having higher education standards to apply for Village Field Assistant. So, those who passed HSS, Degree etc can apply. Village Field Assistant is the new name given to the post Village Man in Kerala Revenue Department and is one of the few posts where PSC conducts direct recruitment to Revenue department. Public Service Commission conducts different examinations for each districts and there will be different question papers and cut off marks. Anyone who apply for Village Field Assistant can apply to only one district. Right now, only anticipatory vacancies are reported. So we do not know the exact number of vacancies in each districts. According to High Court verdict in 2006, women too can apply to Vill…

How to Configure Idea 4G & 3G on Android Phone -APN Settings

When you activate Idea GPRS, 4G or 3G Internet on your Android phone, your phone will receive the automatic settings. However, sometimes you may need to configure the Access Point and GPRS settings for Idea (both GSM second and third generation) connection manually on your Android phone. In case if you delete the previous configuration, it is better know how to setup the same settings again by yourself. A wrong Access Point Name can stop you from accessing their mobile broadband service. Otherwise after deleting the existing APN for Idea 3G or GPRS you may need to re-insert the SIM again to get automatic settings from them. If you know the manual configuration steps, you can avoid that hardware procedure. If you are looking for the steps to get maximum speed from Idea 4G, you may click the link below and follow the instructions. The below hack will increase the Idea 4G data transfer speed.


Boost Idea 4G Data Transfer Speed

Steps to Configure Idea 4G/ GPRS/ 3G on Android Click on Applic…

Eligibility and Exam Pattern CBI Officer Recruitment 2017 - Sub Inspector By SSC CGL

To become an officer in Central Bureau of Investigation ( CBI ) is a dream of many youth in India. Though this elite investigation agency is popular among public, many do not know the procedure to join CBI as an officer. This article explains the various criteria, eligibility, exam pattern and procedure to become a CBI officer. Two different agencies conduct examinations to fill vacancies in CBI. They are UPSC and SSC. To become a group A officer in CBI, you must choose Civil Service Examination conducted by UPSC and become an IPS officer. To join as Sub Inspector in CBI, you must go through SSC CGL examination.

Name Of the Post Recruitment Agency Group A OfficerUPSC (Civil Service Examination)Sub InspectorSSC CGL
Where to Apply
If you are dreaming to become an Officer in CBI, you must pass the Combined Graduate Level Examination (CGL ) conducted by Staff Selection Commission (SSC) in every year. You must wait for the next SSC CGL notification and prepare for the same. It is a 4 tier …

Kerala Government Higher Secondary School Teacher Recruitment

Kerala PSC has invited applications from eligible candidates to recruit Higher Secondary School Teacher for Kerala Higher Secondary Education Department. Vacancies are available for teachers in various subjects and the detailed information is provided in the chart below. Monthly starting salary of Government Higher Secondary School Teacher (Junior) in Kerala Higher Secondary Eduction is 32300-68700/-Indian Rupees. Age limit to apply for Higher Secondary School Teacher post in Kerala for general category is 20 -40 years. Usual upper age relaxation is allowed for candidates belongs to OBC and SC/ST category. Kerala Government Higher Secondary School Teacher Examination detailed syllabus and previous year question papers are updated in the charts below.
Notification NumberName of the Post Last Date to Apply 246/2017Higher Secondary School Teacher (Junior) English20-09-2017 247/2017Higher Secondary School Teacher (Junior) Political Science20-09-2017 248/2017Higher Secondary School Tea…

PING: Transmit failed. General Failure - Reasons and Solution

Yesterday while checking network connectivity, I received one error message while trying to ping loopback address from my Windows computer. The error message I received is "PING: Transmit failed. General Failure" and all the packets send from command prompt were lost. I tried to ping a different loopback address but the result was same. I fixed the issue by following a set of steps and sharing those troubleshooting steps in this tutorial hoping it may help in case if you experience the same error message PING: Transmit failed. General Failure.


Broadband Hack To Improve Speed

This is the output I received when I ping loopback address.

C:\Users\sijugk>ping 172.0.0.21 Pinging 172.0.0.21 with 32 bytes of data: PING: transmit failed. General failure. PING: transmit failed. General failure. PING: transmit failed. General failure. PING: transmit failed. General failure. Ping statistics for 172.0.0.21: Packets: Sent = 4, Received = 0, Lost = 4 (100% loss)


Reasons an…

Destination Host Unreachable - Reasons and Solutions

The error message "Destination Host Unreachable " tells that the ping request from our computer cannot find the route to the destination IP address(destination host). It means, the Packet send from your computer reached the destination network successfully but the remote gateway failed to find the destination host. So the remote gateway sends an Echo message Destination host unreachable. One major possibility for this error; there is no route listed in the remote gateway, for the packet send from your computer, to the destination host. If there is no route available, it is impossible to find the destination host and your computer will receive an error message "Destination host unreachable" from remote gateway. So one of the reason for this can be faulty routing table. If the destination host is down at the time the packet send, it may result destination host unreachable error message.


Home Made Tricks To Improve Broadband Speed

You may get Destination Host Unreacha…