As wireless network access points (APs) and wireless network adapters become cheaper and more prevalent, many students, faculty, and staff have begun using them in the dorms and their homes. While these devices deliver great convenience, they also pose a significant risk. Most access points or routers are not 'secured' by default, leaving your network traffic and computer vulnerable to a variety of attacks.
Eavesdropping
Wireless cards use radio frequencies. If your data is not encrypted, anyone with the right software can capture and read your transmissions right off the air. They could be in the lounge, out in the quad, or in their car in the parking lot...and you would never know.
Sucking Signal
If your wireless access point is not secured, other people with wireless capabilities can connect to it. Unrestricted use of your access point can lead to a loss of network performance as suitemates, neighbors, and strangers piggyback on your network service.
Masquerading
Software has been written that allows a computer to impersonate a wireless access point. Instead of connecting to the network through your AP, you could be connecting through someone else's laptop. This would allow an intruder to save and examine all your network traffic before passing it on to the regular network uplink.
How do I Secure My Wireless Access Point
First, don't panic! You only need to change five (5) settings.
| Action |
Benefit |
| 1. Change default ID . Don't use your name or "UAlbany." |
With #2, prevents generic log-ins to your AP. |
| 2.Change default Admin pw on your AP. |
Prevents others from changing your settings. |
| 3. Disable broadcasting of your wireless AP's ID. |
Won't be seen by other users. |
| 4. Limit access to the AP to your machine(s). |
No loss of performance; no additional liability. |
| 5. Enable the highest level of encryption supported (e.g., WPA2) |
Protects you from snoops! | |
Unfortunately, every wireless access point manufacturer has a different way of performing the above actions. Further, there may be variations from model to model by the same manufacturer. We've tried to put together a collection of instructions for the following vendors.
Note: All configuration changes should be performed while you are connected to to the access point via an Ethernet cable, not via a wireless connection.
UAlbany WiFi
UAlbany WiFi service is secure and limited to University students, faculty, and staff. Your Net ID and UNIX password are required for authentication. For more details, please see these instructions.
Wireless access points on campus (with the exception of the residence halls) must be installed and configured by Telecom. Personal and privately installed access points are not allowed. For additional information about installing UAlbany access points, please call 437-3800.
Public wireless services are generally insecure. Avoid sending unencrypted, sensitive information over public wireless services.
