OK then, time to get semi-technical!
All current wi-fi products support an encryption protocol called WEP (Wired Equivalent Privacy). This protocol isn't turned on by default, out of the box, but is easily enabled. The wireless access point/router and all computers using the wlan need to have WEP enabled, and be configured with the same encryption key (64 or 128 bit keys are the usual options). Without this key, external users cannot access your wireless network. Now, WEP is widely regarded as a very weak encryption protocol, and is easily hacked...so, WEP enabled will keep your average neighbour off your network, but not a determined hacker.
Another way to keep people off your network is to configure your router to not broadcast the network's SSID (Service Set IDentifier). Older routers always broadcast this SSID, but newer ones have the option of disabling that broadcast. For a wireless device to attach to your network, it has to provide this unique SSID. NEVER set your SSID to ANY, because that removes the requirement for wireless devides to provide the correct SSID. Now, the SSID is actually transmitted in plain text across the airwaves, and can therefore be easily sniffed, but as with WEP this would only be done by someone intent on hacking, not your average neighbour.
Finally, for now, the wireless manufacturers have agreed on a new standard of wireless encryption, called Wi-Fi Protected Access (WPA). This is an interim standard while the industry waits for the IEEE to ratiify a new standard called 802.11i. WPA is intended to be used in conjunction with a RADIUS server (Remote Authentication Dial In User Service), which is responsible for authenticating access requests to the network. This is how WPA would be used in a commercial environment...however, few home users have RADIUS servers lying around, so WPA also supports a Pre-Shared Key (PSK) as an alternatative. Unfortunately, using a PSK suffers the same security flaws as WEP - it's relatively easy to break the key. Recent reports have recommended using keys of greater than 20 characters length, mixing letters and numbers - this should make the hacking of the key harder. Pretty much all the newer wireless-g kit being sold these days supports WPA, but older stuff doesn't (including older wireless-g). Wireless-b knows nothing about WPA.
And that's about it. In summary, turn on your encryption, be it WEP or WPA, and hide your SSID. Choose your encryption keys wisely (not plain words). Do that, and you'll be
relatively safe from hacking.
Oh, and all the above only refers to securing your
wireless access - preventing hack attacks coming from the internet is an entirely different subject!
<phew> finished.
