IT-Expert on Call

Experience has no substitute
Inexperience carries significant cost and risk
Information Technology for Home & Business

Wireless Networking Security

Types of Security Problems

There are many goals for attacks. Don't assume your network is safe just because you don't do critical work on it.

  1. Snooping: Reading private mail and other personal files.
  2. Destroying or corrupting computer data: Making files unusable, or making a whole computer unusable.
  3. Stealing computer data: Taking credit card numbers, email addresses, company information, etc.
  4. Stopping a computer from functioning properly: Blocking incoming traffic so that intended users cannot get access, etc.
  5. Misusing computer resources: Sending spam without you knowing it, etc.
  6. Pranks: Practical jokes, breaking in just because it's a challenge.

While wireless networking with Windows XP is great, you have to be mindful of the fact that it works like radio broadcasts: anyone with the proper motivation and equipment can "listen" to your wireless communications. You should secure your network by carrying out all of these steps:

  1. Change the default Service Set Identifier (SSID). The software that came with your Wireless Access Point (WAP) will allow you to change the SSID (the SSID is the name that appears for the wireless network when Windows XP detects the network).
  2. Stop your WAP from broadcasting your SSID. This means that anyone who wants to connect to your WAP will need to know the SSID in advance; they can't just get within range and pick up the name automatically. On some access points, you turn off SSID broadcasting by setting your home AP to "closed network".
  3. Evaluate whether to turn on Wired Equivalent Privacy (WEP) or Wi-Fi Protected Access (WPA) on your home network. WEP is a protocol that encrypts data as it travels across a wireless network, making it unreadable even if it's intercepted. If you use one machine both at home and at work, you may need to turn WEP on for your home network and turn it off when on the work network. Yes, WEP has been cracked, but it takes time and effort. WPA is wireless security with far greater protection than WEP, and it avoids most of WEP's vulnerabilities. WPA is effectively unbreakable with current technology.
  4. Use MAC address controls. Your WAP software allows you to specify which wireless network cards are allowed to use it, based on the Media Access Control (MAC) address. Every computer has a different MAC address assigned to its network card.

While no security scheme is perfect, carrying out the above steps is like locking your doors before you go to bed and turning on your alarm system. With enough determination, a bad guy can still get in - but you've made it harder.
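The four steps above can be checked mechanically once a WAP's settings are written down. The following is an added example, not part of the original page: the configuration keys, the list of factory-default SSIDs and both sample configurations are constructed for illustration and do not come from any vendor's software.

```python
import re

# Constructed list of common factory-default SSIDs (assumption; extend for your hardware).
DEFAULT_SSIDS = {"linksys", "netgear", "default", "belkin54g", "wireless"}
MAC_RE = re.compile(r"^[0-9A-Fa-f]{2}([:-][0-9A-Fa-f]{2}){5}$")

def audit_wap(cfg):
    """Return a list of findings for one WAP configuration dict (hypothetical keys)."""
    findings = []
    # Step 1: the SSID should not be the factory default.
    if cfg.get("ssid", "").strip().lower() in DEFAULT_SSIDS:
        findings.append("ssid: still the factory default")
    # Step 2: SSID broadcast should be off ("closed network").
    if cfg.get("broadcast_ssid", True):
        findings.append("broadcast: SSID is being broadcast")
    # Step 3: encryption must be on; WPA is preferred over WEP.
    enc = cfg.get("encryption", "none").lower()
    if enc == "none":
        findings.append("encryption: off, traffic is readable by anyone in range")
    elif enc == "wep":
        findings.append("encryption: WEP in use, switch to WPA if every client supports it")
    elif enc != "wpa":
        findings.append("encryption: unrecognized value %r" % enc)
    # Step 4: MAC address control must be on, with a well-formed allow list.
    macs = cfg.get("allowed_macs", [])
    if not cfg.get("mac_filter", False) or not macs:
        findings.append("mac: address control is off or the allow list is empty")
    bad = [m for m in macs if not MAC_RE.match(m)]
    if bad:
        findings.append("mac: malformed entries %s" % ", ".join(bad))
    # The page also advises changing the default administrator password.
    if cfg.get("admin_password_changed") is not True:
        findings.append("admin: default administrator password not changed")
    return findings

# Constructed sample configurations: out of the box versus after the four steps.
FACTORY = {"ssid": "linksys", "broadcast_ssid": True, "encryption": "none",
           "mac_filter": False, "allowed_macs": [], "admin_password_changed": False}
HARDENED = {"ssid": "maple-42", "broadcast_ssid": False, "encryption": "WPA",
            "mac_filter": True, "allowed_macs": ["00:11:22:33:44:55"],
            "admin_password_changed": True}

if __name__ == "__main__":
    for name, cfg in (("factory", FACTORY), ("hardened", HARDENED)):
        print(name, audit_wap(cfg) or "no findings")
```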

If one day you notice one or more strange computers on your wireless network, they are probably your neighbors' computers, and your neighbors have a wireless access point installed. Hopefully you have secured your wireless network with WEP encryption and hidden the ID of your access point as instructed above. Is there a way to notify your neighbors that they are broadcasting all over the neighborhood? Yes, there is a way if you know what their IP addresses are.

Wireless security is a huge issue. Best practices dictate using Wired Equivalent Privacy (WEP) encryption and changing the default SSID and default administrator password, but it's very common for people to leave their wireless access points (WAPs) with the default configurations. This leaves the networks to which these WAPs are connected wide open for anyone to connect to. There are several ways you can let people know that they have an open WAP, but you have to be careful because "no good deed goes unpunished." You have to make sure you don't access any resources on their networks, or else you could be prosecuted in some jurisdictions. One thing you could do, without accessing anything on the other network, is use the Messenger Service. Open a command prompt and type the following:

Net send COMPUTERNAME Your Wireless Access Point is Unprotected!

and press ENTER. The COMPUTERNAME is the name of the computer you're seeing in your My Network Places window. If your neighbor left the Messenger Service running (and they probably did, if they left the WAPs unprotected), they will get the message.

NOTE: Do you have multiple Wireless Access Points (WAPs) in your home or business? If so, you need to be aware that Windows XP SP1 ignores the preference order you set in your wireless configuration properties if one WAP broadcasts its SSID and the other doesn't.

If you are interested in learning more:  Firewall and Perimeter Security


IT-Expert on Call professionals are ready, willing and able to expertly deploy it for you.


Updated Sat 04/15/2006 10:54 AM
Webmaster: David Mozer