Why Your Business SSID Should Be Named Anything Else
Businesses not interested in offering free wifi to their customers are making the mistake of naming their wifi networks after their business. Sure they are secured with a password, but that really isn’t much security these days. WEP password encryption is old can be cracked easily. Even newer WPA and WPA2 can take no time to crack. Using Backtrack 5 r3 I have retrieved a WPA/WPA2 in as little as 32 seconds. Instead of relying on new technologies to protect you there are a few simple things that you can do to make your network a little less vulnerable.
- Don’t name your wifi network after your business. If you don’t want people in your network then why give it a name that a potential intruder will recognize and target right away?
- Don’t broadcast your SSID(name of your network). Much like the the name of your network not being your business name there isn’t a good reason to broadcast to the public your network SSID. This means to join your network, most users will have to be told the name of your network and type it in.
- Turn off WPS PINs(a “Simple Config” setting on most routers) on your router if it has them. Backtrack 5 targets this vulnerability and does a great job of it.
- Turn on MAC (unique Media Access Card number)Address authentication. This is a number identifying the ethernet or wifi card you are using to access the network. Sure it’s an older way and MAC Address are easily spoofed, but every hurdle you can place in an attackers way helps. You only want certain approved devices on your network anyhow.
- Learn where to view router logs and the connected devices lists. Logs of traffic can tell you if someone has been slipping in and playing in your network. Not a bad idea to check every so often or if you suspect anything is going on.
- Change the default log in and password for your router. If someone can crack you wifi password that is NO reason to just also let them play in your router settings.
- Long multi-character passwords. This is good advice on all passwords.