If you are using a wireless router,
you need to configure wireless security and networking options after
installing your network adapters. You need to do this even if you are
just using it for its wired Ethernet connections, and don’t plan on
using its wireless capability.
You really do have to worry about
wireless network security. In my home, I can pick up signals from four
separate wireless networks: mine, the house next door’s, and two others
(I can’t tell whose they are). It’s not uncommon to find that you can
receive signals from several neighbors. And people do actually drive
around with laptops in their car, looking for free Internet access. To
protect against both freeloaders and hackers, one or two protection
techniques are used: encryption, which scrambles data, and authentication,
which certifies that a given computer should be allowed to connect to
the network. You can use either encryption alone, or both encryption
and authentication.
1. Wireless Network Setup Choices
To be able to distinguish your network’s
signal from others and to secure your network, you will be asked to
make the following choices when you set up a wireless network:
• An SSID (Service Set Identifier)—A
short name that you give your network, up to 32 characters in length.
This could be your last name, your company name, your pet’s name, or
whatever makes sense to you.
• A security type—The
authentication method that your network uses to determine whether or
not a given computer should be allowed to connect. For home and small
office use, the choices are as follows, in order of increasing security:
• No Authentication (open)—No authentication is performed; any computer can connect to the network.
• WPA-Personal—A
method that uses a passphrase to validate each computer’s membership in
the network. The passphrase also serves as an encryption key. Like WEP,
it has been found to be insecure. Don’t use it unless your wireless
router can’t use WPA2 and its software can’t be upgraded
• WPA2-Personal—An improved version of WPA-Personal. This is the best choice for home and small office networks.
On corporate networks, other security
types are sometimes used: 802.1X, WPA-Enterprise, and WPA2-Enterprise.
These systems use a network server, smart card, or software certificate
to validate network membership.
Caution
If you want to use file and printer sharing on your wireless network, you must use wireless security. Otherwise, random people will be able to get at your computer.
If you want to set up an “open” wireless
hotspot to share your Internet connection with friends, neighbors, or
the world, that’s great, but you must not use file and printer sharing
on the same network.
• An encryption type—The
encryption method used to secure network data against eavesdropping.
The options available depend on the security (authentication) type
selected. The choices, in increasing order of security, are as follows:
• None—No data encryption is performed. This option is available only when the security type is set to No Authentication.
• WEP—Data is encrypted using the WEP protocol, using a 40-, 128-, or 256-bit key. WEP encryption can easily be broken by a hacker.
• TKIP—An encryption method that can be used with any of the WPA security types. A better choice is, however, is AES.
• AES—An improved
encryption method that can be used with any of the WPA security types.
AES is more secure and may offer faster network transmission. This is
the best choice for home and small office networks.
• An encryption key—The
key used to encrypt and decrypt data sent over the network. The
different encryption methods use keys of different lengths. Longer
(more bits) is better.
• For WEP
encryption, Windows 8 supports 40-bit and 128-bit security. A 128-bit
WEP key must be exactly 26 hexadecimal digits—that is, the numerals 0
through 9 and the letters A through F. It could look something like
this: 5e534e503d4e214d7b6758284c. You can Google “Random WEP Key Generator” if you want help coming up with one.
A 40-bit key consists of exactly ten
hexadecimal digits. Windows 8 will let you join an existing 40-bit WEP
network but not create a new one.
Some routers and some earlier
versions of Windows let you enter a WEP key as a text phrase, but the
text method was not standardized, and was pretty much guaranteed not to
work across brands of wireless routers and access points, so it has
been abandoned.
• For WPA or WPA encryption, enter a
passphrase: a word or phrase using any letters or characters, of eight
or more letters—the more the better, up to 63. The passphrase is case
sensitive and can contain spaces, but must not begin or end with a
space. You might use two random words separated by punctuation symbols
(for example, something like “topiary#clownlike”).
• The encryption key should be kept
secret because, with it, someone can connect to your network, and from
there get to your data and your shared files. (I usually write it on a
sticky note that I put on the bottom side of the router.)
• A channel number—The
channel number selects the frequency used to transmit your network’s
data. The channels used in North America are usually 1, 6, and 11. The
other channels overlap these and can interfere with each other. For
double-bandwidth Wireless-N, the choices are 3 and 11. The preferred
channel numbers are different in other countries.
Why are there so many different security
methods? Because thieves, like rust, never sleep, and it seems that as
soon as a new, safer method is standardized, someone figures out a way
to break it. WEP stands for Wired-Equivalent Privacy, but that turned
out to be a bit too optimistic—a determined person can break WEP
security in as little as a minute. WPA (which stands for Wi-Fi
Protected Access) uses an improved encrypting scheme, and can deter
most attacks, but it, too, turns out to be crackable. WPA2 is a further
improvement upon that, and it’s the best option we have at present. It
should deter even the most determined hacker (although I suspect that
it wouldn’t keep the National Security Agency scratching its collective
head for too long, if you know what I mean).
Note
If you don’t use a router, but just want to create a wireless network between two or more computers, you are creating an ad hoc
network.
Finally, one more bit of nomenclature: If you have a router or access point, you are setting up what is called an infrastructure network. Windows 8 has a wizard to help you choose the correct settings. We’ll go through this in the next section.
Which methods should you
use to set up your network? On a home or small office network, you’re
limited by the least capable of the devices on your network—your
weakest link. So, use the strongest encryption method and the longest
key that is supported by all of the devices and computers on
your network. This means that if you have even one computer that
doesn’t support WPA, you need to use WEP, and if you have even one
computer that doesn’t support 256-bit keys, you have to use a 128-bit
key. If you have a router, access point, or network adapter that
doesn’t support WPA, it’s worth checking to see if you can update its
internal software (firmware) or drivers to support this stronger
encryption method.
Note
Windows 8, 7, Vista, and XP with
Service Pack 3 all have built-in support for WPA2. If your router
doesn’t support WPA2 or WPA, you might be able to install updated
firmware to get it. If that’s not possible, a new wireless router
shouldn’t set you back more than $40 to $90.
