Security

Reducing Wireless Signal Range for Increased Security

How can wireless signal strength be configured to reduce unauthorized use?  What else can be done to reduce wireless signal leakage?

     The security of your wireless network is crucial in ensuring your data is well protected and your network is operating at peak conditions. There are several easy things one can do to improve the security of a Wi-Fi system, and some deal specifically with reducing the wireless signal’s leakage.

Turning off SSID broadcasting and changing its name can help limit your network’s exposure. Attackers commonly know the default names that ISPs and router manufactures use, so if an unauthorized user knows what type of router you use (often by looking at the default name of your network), they can then create a customized attack. I tend to find the network name (FBI Van 1) humorous and further thwarts undesired eyes from your network. Although it sounds simple, many users forget that just turning off your network when you are not using it can also reduce the time that a malicious attack can be made against it.

While guest networks have benefits such as not allowing guests to access your entire system, they are somewhat of a double-edged sword. Guest accounts are helpful in small businesses such as coffee shops, where customers may want to use a computer and only need access to specific content. However, if guest accounts do not have any form of password to log in, you are opening yourself up to anyone who wishes to access your network; for a hacker, this is often the only foot in the door they require.

A rogue access point is defined as a wireless access point that has been installed on a private company’s network (or home/personal network) without proper authorization. These rogue access points can create quite a massive headache unless defended against.

How your company’s IT department discovers rogue access points are critical as well. Sniffing tools can be used to physically survey the various facilities for wireless LAN signals and determine which ones are rogue. These LAN signals can even be coming from loading docks, truck terminals, and smaller areas that can go unnoticed. Constant maintenance of these areas mentioned can strengthen your defense against rogue access points. An IT department must continuously teach the other employees about safe internet usage and inspect the company for rogue access points without rest.

With the increase of popularity of cell phones that can act as Wi-Fi access points, these previously mentioned defense tips for protecting against rogue access points will need modifications, such as controlling the use of Wi-Fi access points and even inspecting employee’s cell phones if a higher level of security is desired.

Routers only support a certain amount of square feet in coverage, sometimes needing additional routers or repeaters. In an office setting, a more advanced router will be required due to the higher traffic load, external line costs, and congestion. An adequately positioned router or WAP will pay attention to how far their wireless signals can reach; providing access from outside of a building can be limited by reducing the signal via software, using building material that creates interference (such as anti-Wi-Fi paint), using the “radio power” setting that some routers come with, or by merely moving the location of the router/WAP to a more centralized position. If a router has antennas, they can be altered as well, facing different directions. If one wanted, they could literally turn a building into a giant Faraday cage, which is something that I am sure is done when highly sensitive data is concerned.

References

Hoffman, C. (2017, July 5). How To Get a Better Wireless Signal and Reduce Wireless Network Interference. Retrieved May 17, 2021 from https://www.howtogeek.com/126327/how-to-get-a-better-wireless-signal-and-reduce-wireless-network-interference/.

Simpson, M. T., & Antill, N. (2017). Hands-On Ethical Hacking and Network Defense. Boston, MA. Cengage Learning.

Categories: Security

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s