There are cases of people piggybacking on WiFi networks. Such squatters sometimes take up space in stores to use this 'free service'. How can a network be configured to deal with this?
Some Wireless Routers allow you to have 2 SSID (Wireless Network).SSID is the name of the Wireless Network you connect to (e.g. WirelessSG in Singapore).
1.Assign different attributes to the two SSIDs.
SSID1: "Main" is your for your own usage. You can secure this connection by configuring it as WPA2-Personal with TKIP or AES Encryption so no one can access your network.
SSID2: "Guest" can be used for guests who use this access temporarily. You can decide if you wish to let users of this SSID have the same privileges or access as those set in SSD1.
2. Hide the SSID of "Main", so people are not able to see your Wi-Fi access.
3. Reducing the antenna strength / wireless signals helps to prevent or reduce piggybacking. This restricts the range so people can't pick your network up.
You can also set a time limit to each access that kicks users offline after a specific period of time.
Here are some things to take note of:
Secure your router’s setup by changing the administration login. It will be useless to use a password for the Wireless connection if someone has access to the router configuration page other than the owner. Some actually leave it on its default settings.
Many routers today have a WPS (Wireless Protected Setup) button. You may use this instead of handing out the password. This allows “pairing” to occur between the device and the router. The other device connecting should support WPS though.
Change the Client Lease Time in the DHCP Server settings. Based on experience, no one stays longer than 2 hours unless they’re heavy gamers. I changed mine to 90 minutes. This allows the router to check at a set interval if the IP Address handed to the client still exists and releases or puts back the IP Address to the DHCP pool if not in use. Releasing or freeing the IP doesn't disrupt currently connected clients since the router will see if the IP is still in use.
Use a Static DNS setting to improve DNS Caching, Resolution and filter unwanted sites. I used OpenDNS.
Use the current Wi-Fi Encryption standards (WPA2-AES) to secure client to router authentication and resist attacks.
Turn on the Filter settings of the Router's Firewall except for the web filters since they may disallow browsing sites that support Java, ActiveX, and Cookies.
You can also enable an intranet site as the home page (server based) that had several reminders for safe browsing using IIS.