You can test if your wireless connection is having regular lags by opening the Windows command line (Windows-r, type cmd, hit enter) and use the ping command to ping a local or remote IP address (e.g. ping -t 192.168.1.1).

If you see time spikes you are affected by the issue.

Reply from 192.168.1.1: bytes=32 time=1ms TTL=64
Reply from 192.168.1.1: bytes=32 time=1ms TTL=64
Reply from 192.168.1.1: bytes=32 time=1ms TTL=64
Reply from 192.168.1.1: bytes=32 time=1ms TTL=64
Reply from 192.168.1.1: bytes=32 time=1355ms TTL=64
Reply from 192.168.1.1: bytes=32 time=2ms TTL=64
Reply from 192.168.1.1: bytes=32 time=1ms TTL=64

The WLAN AutoConfig service is responsible for the scans which are executed even if the computer is already connected to a wireless network. Users have reported connection issues for up to five seconds during scans which is especially problematic for Internet gamers and users who use streaming media services.

It is not possible to disable the WLAN AutoConfig service right away, as it is needed to establish the connection.

The free software program WLAN Optimizer resolves the issue by disabling background scans once a wireless connection has been made.

The portable program displays all options in two tabs in its interface. The status tab displays a pulldown wireless network adapter selection menu and the status of the tweaks the program offers.

The settings tab displays options to enable background scan and streaming mode. It is not recommended to disable autoconfig in the menu, but the option is available.

WLAN Optimizer is however not the only software that disables wireless background scans. The free tool VBGScan is also capable of disabling the scans. It has been developed for Vista, and it is not clear if it works under Windows 7 as well.

Just use the basic interface to configure the software. It offers the same features as WLAN Optimizer. (via)

NetSurveyor is a free wireless network discovery software that collects and processes information about wireless access points in real time. The program can be used for multiple purposes, including:

• Making sure the wireless network is properly set up, that antennas and wireless receivers are positioned for maximum efficiency and reliability.
• Troubleshooting an existing wireless network, for instance if users connected to it experience poor network performance or interruptions.
• Analyzing all existing wireless networks in the vicinity.

The software scans for wireless access points and traffic on startup. All access points that it discovers are displayed in a list at the top.

All are listed with their SSID, visibility, MAC address, channel, beacon strength, encryption, signal quality and various other parameters. Graphs below visualize the data. The graphs are divided into tabs in the interface. This includes channel usage and a channel heatmap, a channel spectogram and access point timecourse and differentials.

NetSurveyor is a diagnostic tool that falls under the category of WiFi Scanners or 802.11 Network Discovery Tools. The best known in this category is NetStumbler. A discovery tool reports the Service Set Identifier (SSID) for each wireless network it detects, along with the channel used by the access point (AP) servicing that network. The way this works is that roughly every 100 mSec an AP sends an “I’m here” beacon – and the discovery tool (running on your laptop and using its 802.11 wireless adapter, also known as a station or STA) picks-up that beacon and adds the SSID to its list of known wireless networks. In addition, the discovery tool reports the RSSI (Received Signal Strength Indication) for each AP, which is roughly an indication of how close the AP is to your current location (i.e. how close it is to the client STA). Just to be clear, the RSSI reflects the strength of the beacon as received by the STA – it is not an indication of performance.

It is possible to select some or all wireless access points for inclusion in the graph. Many information go beyond what Pc users need to configure their wireless network properly. These information aim at professionals who need to configure larger wireless networks or troubleshoot networks in business environments.

NetSurveyor records data all the time. It is possible to pause the scanning at any time. The program supports the generation of pdf reports under File > Create Report.

The basic information provided by the software are beneficial to all users who want to set up or troubleshoot a wireless network. Especially the signal strength quality and channel display is helpful in this regard.

Interested users can download NetSurveyor from the developer website.

Update: The program appears to require the Microsoft .NET Framework 2.0.

Sometimes though things do not go as planned. Maybe you cannot establish a connection successfully, or you notice connection drops or other issues that you need to resolve.

A software like TekWifi can aid you in that process. The program is a wireless connection and diagnostic tool for Windows PCs. All you need to do is to run it after unpacking it on the system. The program will automatically display all available WLAN connections that were picked up by the computer’s wireless module. You see the Wlan’s name, type, authentication, cipher and signal in a table like structure.

You can select a wireless network from the list by double-clicking it. This opens the Diagnostic tab where you can enter the key for the wireless network. A click on Connect will establish a connection to the network. If that fails, you can click on Diagnose to get diagnostic information right in the same window.

The diagnostic test checks for DNS and Hotspot server accessibility, the default gateway, ISP home page and Internet connectivity.

The program runs basic tests only that can aid you in diagnosing connection issues.

TekWiFi is compatible with all 32-bit and 64-bit editions of the Windows operating system. It even runs under Windows 8. Please note that it requires the Microsoft .NET Framework 3.51 to be installed on the system.

Interested users can download it from the developer’s website. (via)

Wireless networks have disadvantages as well, especially so if they are not well protected. Anyone in reach of the signal can theoretically try and “get in”. That’s obviously simple if the Wlan is not protected at all. Protected Wlans on the other hand can be attacked as well.

Lets say you operate a Wlan in your house, apartment or local shop. You may want to know if anyone else is currently using your Wlan besides you and other authorized users. But how do you do that?

That’s where Wireless Network Watcher comes into play. The free portable software for the Windows operating system displays all devices and computers that are currently connected to a computer network.

Each device is listed with its IP address and name if available. The listing also includes the MAC address of each device, the network adapter company and if available other device information.

The program works under all NT based Windows operating systems, starting with Windows 2000 all the way up to Windows 7. The computer you are running the software on needs to be connected to the same wireless network to scan for other connected devices. You can switch network adapters easily with the F9 key, which can be handy if the wrong adapter gets picked automatically, or if you have more than one installed on the computer.

The data can be exported into HTML, XML, CSV or plain text files, and also copied to the clipboard and pasted into a spreadsheet application.

Wireless Network Watcher is a handy application for Windows users who want to check up on their network from time to time to make sure that no one in the neighborhood is logging into your network.

Your first step will be to buy yourself a wireless transmitter that is suitable to act as a repeater. Most transmitters have the function to do this these days, so you should find one quite easily. It’s always recommended to buy a repeater that is the same make as your existing router to avoid compatibility problems, but this is optional and most makes will talk to others.

Once you’ve unboxed your repeater and switched it on, you’re going to want to log into your existing router. Do this by logging in the way you usually do, and enter your username and password. Now, all routers are different, but the setting you’re looking for is the SSID name, or the wireless network name. It may be under wireless settings. You need to note the existing name, or change the name to something that means something to you. You should also at this point check the mode or speed your wireless is operating at, and choose “auto” or the fastest speed your router will allow.

The next step is to check the security options. For the purposes of this tutorial, we’re going to use “none”, but you should really use WEP or WPA2-Personal as your security, that way unauthorized people can’t log onto your network. If you do set up security, which is strongly advised, you’ll have to set up a password. You’ll need this for your repeater too, so write it down and don’t forget it.

Now you need to find a section that may be called “Wireless Repeating”, again each router is different, so you may need to search around until you find it. It should still be under the wireless settings section, and shouldn’t be too difficult to find. There will probably be a check box where you need to enable wireless repeating, as it’s not usually turned on as standard, and then most routers have two options. The first will be to use this router as a wireless repeater, and the other will be to use this router as a base station. As this is our main router, we’re going to select to use it as a base station. At this point you’ll probably going to need to enter the MAC address of the repeater you’re going to use. So look on the back of your new repeater and you should find a sticker with the MAC address. The MAC address is a unique hardware address of the repeater and will be 12 characters long. Enter this number into the router setup screen. Click “apply” or “save” and you’ve successfully set up your router to act as a repeater base station.

Configuring your Repeater

In part 1, we successfully set up our existing Internet router to act as a base station for wireless repeating. Remember, we’re doing this so we can extend our wireless Internet connection to other parts of the house or even into the back yard.

The next step is to configure our repeater so that it talks to the base station and repeats the signal. First of all, you’ll probably need to connect your computer to the back of your repeater using an Ethernet cable. This is because we haven’t configured anything on it yet, so we need some method of communication with the device.

You’ll have to read your device instructions to find out how to connect to your new repeater, but usually it’s just a case of using an Internet browser with a default username and password. You’ll find all these details in your instruction booklet. Once you’ve logged into the repeater, just as before with the base unit you’re going to need to find the wireless network setup screen.

You need to set up the wireless network with the same SSID name, or wireless network name, as your base unit. For the mode, or speed of the network, you should again choose the fastest speed your network can communicate at, or just choose auto. Finally, you need to set your repeater to have the same form of security as your base station. We’re choosing “none” for the time being, but later on you can come back to these settings and choose WEP or WPA-2. Once you’ve done all these things, you can save your settings and go back to the home screen of your repeater setup.

Just as in the base station setup, you now need to find the setting called “wireless repeating function” or something similar. You’ll need to check the box to turn on wireless repeating, but instead of choosing base station, this time we’re going to choose “wireless repeater”. At this stage, you’re going to need to give your repeater an IP address on your network. If your router is 10.0.0.2 (for example), you might want to give your repeater the next number in line, say 10.0.0.3. This will depend on your network and how many computers you already have set up. If in doubt, use a high number that isn’t likely to be already in use, such as 10.0.0.240.

The next step will be to type in the base station MAC address. In the same way the base station needs to know the hardware address of your repeater, your repeater needs to know the MAC address of the base station. Again, you can find this address on the back of your router. It will be 12 digits long.

Now we have all the information needed for our repeater set-up, we’re going to click on “apply” or “save”, and you’ve successfully set up your repeater. All you need to do now is move the repeater to somewhere where you want to extend the range of your network. Remember, it has to be within range of the base station as well.

You can backup the wireless network settings from Windows 7 and these settings can be easily saved to a USB stick. You simply use the USB stick to import the settings to laptops and desktops added to your network, even if they are using XP or Vista. To do this, follow these simple steps and set your network up for a no-hassle system.

Click the wireless network symbol from the taskbar and then click “Open Network and Sharing Center.” Alternatively, you may go to the Start Menu and open the Control Panel > Network and Internet > Network and Sharing Center.

In the left control pane, you will see “Manage wireless networks”. Click on this and it will open the Manage Wireless Networks window. Here you will see a list of all wireless networks to which you have connected in the past.

In this example, only a single network is listed. That is because all other networks were intentionally removed for security reasons. This is not normally necessary, but should you decide to delete a network, simply highlight it and press Delete.

Double-click the network that you want to manage and a window showing all of its properties will be presented.

Click the bottom blue link next to the Windows shield in order to save these network settings to a USB flash drive. The flash drive that you choose does not need to have a high capacity. Preferably, use a 1-2GB flash drive and use it solely for the purpose of importing network settings. Once you click the link to copy the network profile, the Copy Network Settings wizard will initiate.

Now plug in your flash drive and wait just a moment while the drive is detected. When the drive is detected, the Next button will turn blue. Click the Next button when it is ready. The settings will only take a matter of seconds to copy to the flash drive. When it is done, click Close.

If you go to the Computer Panel and double-click your flash drive, you will see one new folder, “SMRTNTKY” and you will also see a new file called “setupSNK.exe”. These are the saved network settings, so do not delete them.

To import the Wireless Network Settings, first plug the flash drive in a laptop or other USB accessible device, such as a printer, which you want to add to your network. To keep it simple, let us say it is a laptop. The Wireless Setup Wizard will launch. Click on Yes and the settings will be automatically imported. You will most likely receive a notification of this. Click OK and the laptop is now connected to the network. You can use this for multiple computer additions to your network without the need for going through an extensive setup procedure. This is very helpful indeed and saves time.

That could leave their wireless routers open for unauthorized access, especially if no encryption or weak encryption is configured.

The best option here is to use the strongest encryption possible. That however may not be always possible, if devices that need to connect to the wi-fi router do not support that.

Wireless Network Watcher is a free software program that scans a wireless network for connected computer systems. It displays all computers that are currently connected to the network in its interface, making it dead easy to identify unauthorized access to the network.

Each connected device or computer is represented with an IP address, device name, MAC address, company that created the network adapter and device information. These information can be exported and saved to various formats including html, xml and text files.

The program is fully compatible with 32-bit and 64-bit editions of the Windows operating system. It supports all Windows versions from Windows 2000 to Windows 7, including Windows Server versions.

The program can only scan the wireless network the computer it is running on is connected to. Users who want to scan a network that they are not connected to need to connect to it first before scanning it.

It can happen that the wrong wireless network adapter is identified by the program. It is possible to select the right one under Advanced Options (F9).

Wireless Network Watcher is a portable program that will start the scan automatically right after it has been started. It can take a few seconds before the list is populated.

Windows users can download the program from the official website over at Nirsoft.

Heatmapper is a free software for Windows that can visualize the coverage of detected networks in the vicinity. That’s not only helpful to determine the best locations to go online but also to find out if your wireless network extends to neighbors, of if their network covers your home as well.

The application can display the coverage on a grid or, if available, a map of the neighborhood. The application supports various image formats that can be loaded so that the coverage is displayed directly on the map which improves identification a lot.

The application itself detects Wi-Fi networks automatically and displays them on the map or grid. It is possible to list the networks based on signal, channel, SSID, Mac address or security settings.

It is important to walk around to survey the coverage from different rooms or locations to get detailed information about the coverage.

It goes without saying that this is easily done with a laptop or mobile computer. Desktop owners on the other hand usually do not need the additional information, unless they are looking for a good spot to place their computer desk and computer on.

Heatmapper is compatible with 32-bit and 64-bit editions of Windows. The program can only be downloaded after a short registration on the developer site.

The test will be performed in Internet Explorer after accepting to install an Active X control in the web browser. It will test the network devices, the computer, router and network, wireless security and Internet threats.

Not all of the tests can be performed on all routers and networks and the online application will list those that could not be tested in the scan results.

An overall security score will be displayed after the test has finished that indicates how poor, fair or good a network is protected.

These results again have to be taken with a grain of salt as some results have been interpreted incorrectly at least on our network environment.

The network security scan did not recognize the security software that is installed on the computer system the test was running on which dropped the score of the network. It also reported the hosts file had been modified even though it was the default host file of the operating system (Windows 7 Professional).

Pure Networks Security Scan is still an interesting online service regardless of the improper analysis of some of the scan results. It can hint at problems that exist in the computer network that need to be addressed by the user.

Windows users who want to try the test can point their Internet Explorer browser to the Pure Networks Security Scan page at Linksys.

KDE 4.3 is out now and the KNetwork Manager has matured quite a bit. Now this KDE tool has reached a point where it not only works consistently, it’s also quite easy to use – almost surpassing the GNOME Network Manager in user-friendliness.

But for those who have grown to depend on other means of connecting to the net (in KDE 4.x) by other means, the KNetwork Manager might seem a bit unfamiliar. In this tutorial you will see just how easy it has become to connect to a network (specifically a wireless network) with the help of KNetwork Manager.

Installation

You will be glad to know that there is no installation necessary for KNetwork Manager. But you will want to make sure you have the latest KDE updates. But you will want to make sure you are using the most recent version of KDE (As of this writing, KDE 4.3.2). To find out what version you are using open up the Dolphin file manager, go to the Help menu, and click “About KDE”. If you are using a version prior to 4.3.2 you will want to go to your update manager and check to see if there are any updates for KDE.

Accessing KNetwork Manager

Figure 1

If you look in the notification area you will find the KNetwork Manager icon (see the icon in the black square in Figure 1). If you click this icon (either right or left click) a menu will pop up that:

• Shows you if you are connected to a network.
• Allows you to stop an active network connection.
• Connect to a new network.
• Enable/disable wireless.
• Open the connection manager.

Figure 2

To create a new wireless connection either select “Connect to Other Network” or open the Connection Manager. Let’s start from the Connection Manager. Select that entry to open up the Connection Manager (see Figure 2).  As you can see there are already two network connections available. Let’s create a third.

Figure 3

In order to create a new network click the Add button, which will open up the New Network tool (see Figure 3). In this tool you can either add all of the information manually or you can click the Scan button to find the network you want to add. The scan tool is one of my favorite aspects of the new KNetwork Manager.

The Access Point Scanner (see Figure 4) gives you a graphical representation of all available wireless networks and their relative signal strength.

Figure 4

Obviously the network that appears closest to the PC icon in the window will have the strongest strength. And since that is the network I want to connect to I will select it and click OK. Unfortunately, by selecting a particular access point, the only configuration this adds to your connection is the SSID. You will have to go through the rest of the configuration and set the connection up. Make sure you  click on the Wireless Security tab (see Figure 5), select the proper security type, and enter the correct password for the security.

Figure 5

Once you have configured the connection you can OK this window to apply the changes and dismiss the connection wizard. All you then need to do is click the KNetwork Manager icon and select your new network connection to connect.

Final thoughts

I am very pleased with how the KNetwork Manager tool has matured. Prior to 4.3.2, the network tool was nothing I would ever recommend. Now, however, I can safely recommend this network manager to anyone.

Graphs are shown below the table that visualize the signal strength of the selected wireless networks over time. It is possible to select some or all of the wireless networks and observe their performance.

The visualization can help the user troubleshoot the wireless network. It could for example be that all or most of the wireless networks in the area are concentrating on specific channels for the communication. It could then help to switch to one of the transmission channels that are the least used in the area to improve the speed and performance of the wireless network.

InSSIDer is an Open Source software program that might be useful for users who want to troubleshoot, optimize or configure their wireless networks. Beta 1.2 of the program has been released a few days ago and is available for download on the developer’s homepage.

The wavemon tool is a very handy tool to have in your arsenal that will help you gather information you might not otherwise have. With wavemon you can see Signal levels, Noise levels, Signal to noise ratios, frequencies, TX power, sensitivity (if available), bitrate, and so much more.

One of the only issues that might turn you off of wavemon is that it is an NCurses tool. This means the tool is run in a terminal window (I have found it runs best under Eterm) and uses ASCII to create the information it offers. Don’t let this cause you not to want to use wavemon because it is a very useful tool.

Getting and Installing

Wavemon is downloaded and installed from source. Download the tarball from the Wavemon site and save it to your hard drive. The installation steps are simple:

• decompress wavemon with the command bunzip2 xvzf wavemon-current.tar.bz2
• untar the archive with the command tar xvf wavemon-current.tar
• cd into the newly created directory with cd wavemon-current
• generate the make file will ./configure
• install wavemon with make ; make install
• start wavemon with the command wavemon

Wavemon Info Window

As you can see, in the image on the left, the Wavemon info window offers a lot of information.

At the bottom of the screen you will notice there are 10 possible options (of which some have no entries). Each of these options are different screens you can view.

The list of windows is:

• F1: Info. This is the main window that opens upon start up. This is where you get most of the information from wavemon.
• F2: Level Histogram. This displays a real-time bar-graph of Signal level, Noise level, and Signal-to-Noise Ratio.
• F3: Access point list. This feature has not been implemented yet.
• F7: Preferences. Configure Wavemon.
• F8: Help. Like a lot of Linux applications, wavemon shows the developer has a sense of humor. When you hit F8 for help it displays the message “don’t panic”. That’s it. There is more help by reading the man page (issue the command man wavemon).
• F9: About. Get all the information you need about the current wavemon release.
• F10: Quit.

You can also start wavemon with a few handy options. Those options are:

• -i This will override auto detection and use a specified network interface.
• -l Use linear level scales instead of logarithmic scales.
• -r Generate random levels for testing.

Final thoughts

If you need more information than your standard networking tools offer, and do not want to dump any extra cash into a third party offering, wavemon is just the tool for those looking to know everything there is to know about their networks. It’s easy to use, offers a ton of information, is open source, and has a tiny foot print.

How easy you ask? Let me show you.

Locating the applet

The first thing you need to do is find the applet which will be in your system tray either in the top or the bottom panel on your GNOME desktop.

Network Manager Applet

How many bars do you have? As you can see I am already connected to a network. But what if I am not? Simple if you right click the applet a menu will appear which contains the “Edit Connections” entry.

Right Click Menu

Select the Edit Connections entry to open the Network Connections menu.

Network Connections

Click on the Add button to create a new network. This will bring up a simple window where you will enter basic wireless information.

Add Network

The first bit of information you should enter is the network SSID (the name of the network). Once you have that done you can click over to the Wireles Security tab, select the type of security (WEP, LEAP, WPA, etc), enter the Password, and click Apply.

Once you have created the network you can select the network by left clicking the applet to reveal the network listing.

Select Network

Of course the system will scan the surrounding networks and any network found will be listed in the Wireless Network listing.

If you select an already discovered network you will be prompted to enter the networks password.

Connecting

Final Thoughts

Connecting to a wireless network has become as simple as it is in any operating system. With the GNOME, as long as your card is supported, you should have your wireless connected in no time.

The commands to backup and restore wireless network profiles on the command prompt are netsh wlan export profile name=”name” folder=”folder” and netsh wlan add profile filename=”name” just in case you are asking. Regular users however will never discover this possibility and that’s where Wireless Migrator comes into play. Actually it’s of course also helpful for tech savvy users who want to speed up the process.

The software comes as an executable named BackupWireless.exe that automatically creates the backup RestoreWireless.wnb of all wireless network profiles upon execution. Executing RestoreWireless.wnb will restore the wireless network profile on the computer.

The tool wants to register the wnb file extension at first start. To remove those Registry settings use the switch BackupWireless.exe /remove. To restore a wireless network profile without registered file extension use the command BackupWireless.exe RestoreWireless.wnb. A tool cannot be easier than this one, great work.

While it does not seem to be that bad that someone else would use your wireless internet connection for surfing the web it becomes a very important matter if this is abused. Someone could download warez, pornography, commit fraud, send thousands of emails or share software in p2p networks. You will be held responsible for abuse that is done with your connection.

You need to know the basic information about your wireless router before you can begin to protect it.

• Who is the manufacturer
• What is the name of the wireless router

Visit the manufacturers website and search for updates for your router. Updates are normally in the form of firmware updates which update the internal functions to a new version which could result in additional features and security. Please consult the website for instructions on how to update the firmware of your router.

Make sure you update it using a wired connection because wireless connection tend to become unstable in the wrong moments. (Murphy’s law)

It is now time to protect the router further. Connect to the interface which is normally done by opening the IP of the router. (default 192.168.1.1 most of the time) Enter username and password and change them when your are logged in. Many routers get hacked because the user did not change the default login data that ships with the routers. Everyone can look them up and it is really easy to access the router even though everything else might have been optimized for security.

Now it is time to configure the security settings of the w-lan router. Add a service set identifier (SSID), it does not really matter how you name it, just remember the name. Make sure you disable the SSID broadcasting afterwards, this ensure that your wireless router does not show the SSID and it is a little bit more difficulty to find it out.

I know that this is a weak security tip but it could mean that this in addition with other security measures poses a problem for so called script kiddies.

Enable the strongest encryption method available, this is normally WPA2 with AES. If you have an older router or a device that does not support WPA2 you should think of buying a new router or updating the devices. Make sure you use a large string with numbers and letters. A good value would be between 20 and 30 chars for the key, make sure you remember it because you need to supply the key to the other devices that have to connect to the router.

Enable Mac filtering, look up your mac address by using the command line in Windows XP and typing ipconfig /all. The physical address is your mac address. This ensures that only computers with a Mac address that is listed in the router can connect to it. Please note that the Mac address can be faked.

If you do not need the full transmitter power because your router and computer are physically close to each other you could reduce the transmitter power to reduce the chance that someone from outside your walls will be able to find the router and connect to it. Please be aware that a good antenna on the device that wants to connect to your router is able to counter this strategy.

Here is a list of other ideas that are worth investigating.

• Disable all services that you do not need.
• It is a very good idea to power off the router when you do not need it to prevent anyone from connecting to it while you are away. Alternatively turn off the wireless function of the router.
• If you have the means monitor the traffic of your wireless connection to find out if someone else uses it as well.
• Enable the firewall of the router and configure it properly
• If the router has a logging feature enable it and analyze it regularly.
• Limit the maximum number of DHCP addresses if you use that feature.
• Use Authentication if possible.

We had to do a scan of the surroundings of course and found lots of unsecured wireless lan networks. I don´t know why people keep these unsecured, maybe its laziness, maybe they simply don´t know the risks involved. Its like leaving your doors open when you leave your house. Lots of things can happen..

Others could use your internet connection to surf the web, to spam, download copyrighted files or hack other servers, and do even worse stuff. All using your connection. Guess on whose door the police will be knocking ?

Router / Access Point

This is your main configuration unit. If someone gets access to it he will be able to change lots of preferences like passwords, encryption and mac address. Most routers have default passwords and SSID´s which have to be changed by their owner to make the entire system more secure.

1. Default Login

Your first task is to change the default user login to something else. Routers normally have default usernames and passwords like admin / 0000 or similar. You normally configure your wlan router using a web browser and the routers ip. Those are the username and password you enter when you want to change the configuration.

2. Updates

Visit the manufactures website and look for updates for your router / access point. Often those updates include security updates as well, recommended to to every once in a while.

3. Infrastructure / Ad-Hoc

With infrastructure mode enabled all deviced connected to the wireless lan communicate through the access point / router while the Ad-Hoc mode allows for direct communication. Disable Ad-Hoc mode if available.

4. SSID

The SSID, Service Set Identifier, identifies your router. Companies use default ones like wireless or wlan which are easy to guess. Choose a more secure password, best is a combination of letters and numbers.

Disable the SSID Broadcasting, which transmits its name to everyone in range.Wireless stations searching for a network connection can ‘discover’ it automatically, not needed if you know the SSID and configure your computers the way. It does not make sense to change the name but leave broadcasting on.

Note its still possible to sniff the SSID, its still send in clear text when a client associates with the router / access point.

5. Pings

Turn of Broadcast pings on the access point / router this makes it invisible to 802.11b analysis tools.

6. Mac Address Filtering

Every network device has in theory a unique MAC address. You can configure your access point / router the way that it only accepts connections from the mac address(es) you specify. Its possible to sniff your mac addresses and fake them, don´t rely on this alone.

On windows open the command prompt and enter ipconfig /all

The Physical Address is your MAC address, make sure you selected the right device, a wlan pci card for example.

If you are not using windows go to, it explains how you find it on your operating system. [Update: the website is no longer available]

7. Remote Management

Disable if not needed.

8. WPA, WPA2 or WEP

If your access point offers WPA2 encryption use it. WPA2 uses AES encryption. If you have an older access point use WPA and as last resort use WEP. Make sure you chose passwords that are more or less immune against dictionary attacks and chose the highest available encryption option (232 ->104 -> 40)

9. Wlan Coverage

It does not make sense most of the time to provide wlan coverage for a wider area than your own appartment. You can experiment with lowering the transmit level and the use of directional antennas to reduce the area your wlan covers.

Its a good idea to change the encryption keys and the SSID every now and then. The best protection is of course to turn your wireless network off if you don´t need it.