Like a lot of people my home network wasn't really planned, it just happened. Two PC's, a hub, a network. Then came connections for a couple of laptops and an old X-Window work station and the hub was full. All of this was in one room, internet connectivity came from ICS on the main PC, and security was not a significant issue. When I decided to implement a wireless network that all changed and a lot about the net had to change too. The following outlines the steps that I took to ensure that the new network was secure.

Changes to the Basic Net

1) Network name: Yeah, when I started out I just left the default 'Mshome' as the net name. This was the first change. What you change it to doesn't matter a great deal as long as you are NOT using the same one as 99% of the other home networks in the world.

2) IP Addresses: I am also guessing that 99% of the home networks in the world start their addressing with 192.168.0.1 with subnet 255.255.255.0. I decided on an address field of 32 ID's so selected a subnet mask of 255.255.255.224 (I specifically wanted a mask that was not comprised of full and empty octets). I also did not want a network address that ended in 0 so selected 192.168.1.64 as the network ID. I set aside the addresses in the .65 to .69 range for network hardware, .70 to .79 for static IP's on wired systems, and .80 to .89 for wireless DHCP.

Once the wired network was reconfigured, working, and tested I proceeded to the wireless implementation.

Wireless Configuration:

1) Password: Every Linksys router made is shipped with a default password of "admin" and every hacker in the world knows it. I have been lax about using strong passwords for stuff around the house that no one else has access to but wireless is a whole new game and I highly recommend them in this situation.

2) SSID: Every wireless router comes with a default SSID or network name. Every hacker in the world knows all the default names. Changing it is a no-brainer, it has to be done. I made mine the same as the name of my wired net but you can use whatever you like as long as it is not the default.

3) SSID Broadcasting: Now that I had a new name I didn't want to tell anybody what it was. My router came with broadcasting enabled. What this does is advertises your wireless net to anyone who might be in the area. It's a simple matter to turn it off.

4) MAC Address Filtering: This feature allows you to control which particular wireless NIC's are allowed to join the network. I use it. Every time that I buy a wireless device I register the MAC with the access point. I don't find it a great bother. This ensures that only those devices can actually connect to my net.

5) Encryption: At this point I had a network with a hidden name, a strong administrative password, and a list of authorized systems. That still doesn't stop someone from detecting the presence of the network and sniffing the packets that flow back forth as RF signals. My router supports four different encryption methods and I chose WEP with 128 bit key as the most secure.

After doing all of that I did go back to the individual systems and review the files and folders that were being shared and added password protection to a number of them individually. So far, so good.

Just wanted to say that this was a great article and thought that I might add my two pence worth as well!

I'm not sure if the Linksys router supports it but the best Wireless Security that you could use at the current time would be WPA in a home environment!

It may be possible on your Linksys router to enable it but if there is no option for it, you may be able to get this security feature by updating the firmware on your Wireless router.

WPA provides better security then WEP because it uses a pre shared key which changes on a regular basis, thus preventing the password from being hacked! The WEP key's do not change and so it is much easier for a determined hacker to gain access to your password and your network!

It's also worth noting that using MAC Access Control lists only prevents users from physically getting onto the Wireless Network it does not prevent your data travelling accross your wireless network from being sniffed. For this reason it is best to use a combination of both MAC filtering and one of the Wireless encryption protocols.

WEP keys are broadcasted in clear view from what I've read, so that's a no-no

Of course, your 70 year old neighbor may not know how to get around that....but their grand kids MIGHT

About the SSID broadcasting, I dont know if it's a Windows muck-up, or Linksys....but I couldn't get it to work, to turn off SSID broadcasting; because my Windows machines couldn't connect to the router.

MAC Filtering, though sounds fancy, I heard it's also a no-brainer to "crack"/sniff.

In regards to what ahoier said. It is true, you can sniff the packets to find the MAC addresses of the devices and clone them. Wireless is not secure at all.