When using a wired network, it is extremely difficult for an attacker to intercept your connection and steal bandwidth, whereas when using a wireless connection others can see and potentially access your wireless network, sometimes within seconds, enabling them to use your bandwidth and steal any information that is shared over the network. Wireless signals can be picked up from somebody in a neighbouring building or sitting in a car near your house, which is why they can be so unsecure. To make the problem worse some routers get delivered with encryption disabled, meaning anybody can connect to the network without having to enter a password, most homeowners don’t know that they need to enable anything leaving them very vulnerable.
The good news is that it is not very hard to make your wireless network secure, which will both prevent others from stealing your internet and will also prevent hackers from taking control of your computer through your own wireless network. Changing the SSID will make it harder for hackers to find out what router you have, if you leave the SSID as “BtHomeHub-4106” Then any attacker will be able to see you have a Bt HomeHub, they can then try the default admin password and could gain access to your routers admin settings. You can even turn SSID broadcasting off, meaning when a user searches for a wireless network, yours will not appear. You can then connect to your network manually by supplying the SSID name. The most popular method of securing a wireless network is using encryption such as WEP, WPA, or WPA2. WPA2 is the most commonly used type of encryption as it is the most secure and most updated version. Using encryption will mean that anybody trying to connect to your network will have to enter a passphrase, without the unique passphrase they will be denied access to the internet, therefore making your network more secure. This however can still be bypassed my skilled attackers, to make encryption even more secure, it is important to change the default passphrase so it is 100% unique, this is because attackers can sometimes crack default passphrases and still gain access to your network. Ensure you change the passphrase to something very secure; you can do this by making it long and including characters, numbers and symbols.
The most effective and secure method is by disabling DHCP, meaning your router will not automatically assign IP addresses to anybody that wants to connect to the network. Instead you can assign static IP addresses and give the router a list of MAC addresses. This means that only the computers you have listed are able to connect to the network, making it virtually impossible for an attacker to gain access to your network, unless they physically break in and use your own computer. Putting your router in the middle of you house, rather than next to a window will also help make it secure, this will mean that anybody outside of your house will have a poor connection if they do manage to connect to your network.
Wired networks are generally considered more secure, this is because to gain access to the network you need to be physically connected via a wire. They are not however completely safe, there are a number of things you can do to ensure your network stays secure. The main obvious one being the physical security, keeping server roomed locked and only allowing access to authorised members of staff will greatly decrease the chance of a security breach.
Using a shielded cable is another good method of keeping your wired network secure, if you use and unshielded cable somebody could place a tapping device on the cable and pick up all data flowing through it, therefore accessing your data. Having cables on show is another security risk, it is best to keep them on the ceiling or somewhere out of reach or even underground. IPSec (Internet Protocol Security) is a set of protocols developed to support secure exchange of packets at the IP layer. When communicating over the network having IPSec will ensure the packets of data are not tampered with. Having a strong security policy and training staff properly so they are aware of the risks should also prevent any security breaches.
Using security tools and applications to monitor the network will help secure both wired and wireless networks; applications that could protect the networks include IDS, proxies and firewalls to restrict user usage and other things.
It is ideal to have physical security for both wired and wireless networks; this is like the first line of defence for the network. If someone gains access to the physical network they will be able to do a lot of damage. Also having firewalls, IDS and anti-virus is recommended for both types of network. Keeping the operating system and all applications up to date is also very important, this might help the software run faster and detect any new viruses or security threats.