If you already have several computers networked in your home, you can create a wireless network with a wireless access point. If you have several computers that are not networked, or if you want to replace your ethernet network, you'll need a wireless router. This is a single unit that contains:
A wireless router allows you to use wireless signals or ethernet cables to connect your computers and mobile devices to one another, to a printer and to the internet. Most routers provide coverage for about 100 feet (30.5 meters) in all directions, although walls and doors can block the signal. If your home is very large, you can buy inexpensive range extenders or repeaters to increase your router's range.
As with wireless adapters, many routers can use more than one 802.11 standard. Normally, 802.11n routers are slightly less expensive than others, but because the standard is older, they're also slower than 802.11ac or 802.11ax.
Once you plug in your router, it should start working at its default settings. Most routers let you use a web interface to change your settings. You can select:
- The name of the network, known as its service set identifier (SSID). The default setting is usually the manufacturer's name.
- The channel that the router uses. Most routers use channel 6 by default. If you live in an apartment and your neighbors are also using channel 6, you may experience interference. Switching to a different channel should eliminate the problem.
- Your router's security options. Many routers use a standard, publicly available sign-on, so it's a good idea to set your own username and password.
Security is an important part of a home wireless network, as well as public WiFi hot spots. If you set your router to create an open hot spot, anyone who has a wireless card will be able to use your signal. Most people would rather keep strangers out of their network, though. Doing so requires you to take a few security precautions.
It's also important to make sure your security precautions are current. The Wired Equivalency Privacy (WEP) security measure was once the standard for WAN security. The idea behind WEP was to create a wireless security platform that would make any wireless network as secure as a traditional wired network. But hackers discovered vulnerabilities in the WEP approach, and today it's easy to find applications and programs that can compromise a WAN running WEP security. It was succeeded by the first version of WiFi Protected Access (WPA), which uses Temporal Key Integrity Protocol (TKIP) encryption and is a step up from WEP but is also no longer considered secure.
To keep your network private, you can use one or more of the following methods:
- WiFi Protected Access version 2 (WPA2) is the successor to WEP and WPA, and is now the recommended security standard for WiFi networks. It uses either TKIP or Advanced Encryption Standard (AES) encryption, depending upon what you choose at setup. AES is considered the most secure. As with WEP and the initial WPA, WPA2 security involves signing on with a password. Public hot spots are either open or use any of the available security protocols, including WEP, so use caution when connecting away from home. WiFi Protected Setup (WPS), a feature that ties a hard-coded PIN to the router and makes setup easier, apparently creates a vulnerability that can be exploited by hackers, so you may want to turn off WPS if possible, or look into routers that do not have the feature.
- WPA3 was released in 2018 and became the security standard as of 2020. It aims to solve some of the vulnerabilities in WPA2 by putting much more complex encryption on both the router side and client side of the connection. This encryption also changes over time, meaning if a hacker had managed to access an unauthorized connection at one point in time, they would be locked out again the next time they try to connect. WPA3-enabled devices can also add some client-side encryption while using open public networks.
- It's worth noting that no matter how secure, a wireless network will surely have some method of exploit that can be used by hackers. When it comes to sensitive government or corporate data, a simple wired connection is the more secure alternative. In order to access or spy on a wireless network, a hacker has to be within physical range of the router, so attacks at home are not very likely to occur.
- Media Access Control (MAC) addresses filtering is a little different from WEP, WPA or WPA2. It doesn't use a password to authenticate users — it uses a computer's physical hardware. Each computer has its own unique MAC address. MAC address filtering allows only machines with specific MAC addresses to access the network. You must specify which addresses are allowed when you set up your router. If you buy a new computer or if visitors to your home want to use your network, you'll need to add the new machines' MAC addresses to the list of approved addresses. The system isn't foolproof. A clever hacker can spoof a MAC address — that is, copy a known MAC address to fool the network that the computer he or she is using belongs on the network.
You also can change other router settings to improve security. For instance, you can set it to block WAN requests to keep the router from responding to IP requests from remote users, set a limit to the number of devices that can connect to your router and even disable remote administration so that only computers plugged directly into your router can change your network settings. You should also change the Service Set Identifier (SSID), which is your network name, to something other than the default so that hackers can't immediately tell what router you are using. And selecting a strong password never hurts.
Wireless networks are easy and inexpensive to set up, and most routers' web interfaces are virtually self-explanatory. For more information on setting up and using a wireless network, check out the links that follow.
Originally Published: Apr 30, 2001