Print This Issue

One Step Ahead
April 3, 2007, Volume 53, No. 28

One Step Ahead

Another tip in a series provided by the Offices of Information Systems & Computing and Audit, Compliance & Privacy.

A Home Wireless Network

The affordability and ease of use of basic wireless access points (WAPs) has prompted many Penn users to set up “hot spots” at home. If you choose to set up your own wireless network, be aware of the following security issues and guidelines to prevent others from accessing your network and your data.

• Change the default passwords on all WAPs you use on your wireless network to strong passwords of your own choosing. This prevents intruders from taking control of your network by using published lists of manufacturers' default account names and passwords or by simply guessing frequently used ones. Being in control of your own network is just as important as being in control of your own computer.

• Change the default  SSID, or “name,” of each WAP to a unique name of your own  choosing.

• Disable  broadcasting of your network name (SSID) to make your network less visible  to unauthorized users.

• Enable and require the strongest encryption that your WAPs offer in order to encrypt traffic traveling across your wireless network. In many cases this will be 128-bit Wireless Encryption Protocol (WEP), but many units now offer a superior alternative, Wi-Fi Protected Access (WPA).

• Regularly check  for, and install, updated versions of the firmware for your WAPs and  software drivers for your wireless Ethernet adapters.

• Enable and require  MAC (Media Access Control) address filtering on each WAP. This will let you specify which individual computers may access the WAP, identified by  the unique MAC addresses associated with their Ethernet adapters.

For more information about securing home wireless networks, read the Guide to Information Security at www.upenn.edu/computing/security/brochure/brochure_current.html.





For additional tips, see the One Step Ahead link on the Information Security website: www.upenn.edu/computing/security/.

Almanac - April 3, 2007, Volume 53, No. 28