Factory settings -- insecure by default

24.04.2006

Another default setting that can help to undermine your best security intentions is the automatic broadcast of a service set identifier. Simply put, an SSID is the name of a wireless LAN and can be thought of as a label that distinguishes one WLAN from another.

Wireless access points are often preconfigured with a default name for the SSID, and that is usually vendor-specific -- such as "linksys," "netgear" or perhaps a generic name like "default." An SSID may contain up to 32 case-sensitive alphanumeric characters. Because the SSID is configured within your access point, I recommend changing it to one of your own design.

Another point of concern is the SSID broadcast. Most wireless routers or access points by default will automatically transmit their network name -- the SSID -- into open air at regular intervals so they can be found and connected to. By disabling the SSID broadcast, your wireless access point becomes invisible to all except wireless clients that already know the SSID.

The truth is that the security gained here is marginal at best, since anyone with the right packet-sniffing tools can still detect the SSID by sniffing other messages in the Wi-Fi protocol. Despite this shortcoming, I still like to disable the SSID broadcast, because it does make it less likely that casual intruders will discover and attempt to enter your wireless network.
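To see why the gain is marginal, the following added example (not part of the original article) parses the SSID element of 802.11 management frames from a capture of your own access point and reports whether the name hidden in beacons still appears in probe responses or association requests. The frame layout follows IEEE 802.11; the BSSID, the SSID "office-wlan" and the `build` helper are constructed for illustration.

```python
# Management subtype -> (name, bytes of fixed parameters before the tagged elements)
SUBTYPES = {0: ("assoc-req", 4), 5: ("probe-resp", 12), 8: ("beacon", 12)}
HDR_LEN = 24  # frame control, duration, three addresses, sequence control

def parse_ssid(frame):
    """Return (subtype, bssid, ssid). ssid is "" when the element is empty
    or all NUL bytes (a hidden SSID), None when no SSID element is present."""
    if len(frame) < HDR_LEN:
        raise ValueError("truncated header")
    ftype, subtype = (frame[0] >> 2) & 0x3, (frame[0] >> 4) & 0xF
    if ftype != 0 or subtype not in SUBTYPES:
        raise ValueError("unsupported frame type")
    name, fixed = SUBTYPES[subtype]
    bssid = frame[16:22].hex(":")  # address 3 carries the BSSID in these frames
    pos = HDR_LEN + fixed
    while pos + 2 <= len(frame):
        tag, length = frame[pos], frame[pos + 1]
        body = frame[pos + 2:pos + 2 + length]
        if len(body) < length:
            raise ValueError("truncated element")
        if tag == 0:  # element ID 0 is the SSID
            if length > 32:
                raise ValueError("SSID longer than 32 bytes")
            return name, bssid, body.decode("utf-8", "replace") if any(body) else ""
        pos += 2 + length
    return name, bssid, None

def audit(frames):
    """Per BSSID: do beacons hide the SSID, and which names leaked elsewhere?"""
    report = {}
    for frame in frames:
        name, bssid, ssid = parse_ssid(frame)
        entry = report.setdefault(bssid, {"hidden_beacon": False, "disclosed": set()})
        if name == "beacon" and ssid == "":
            entry["hidden_beacon"] = True
        elif ssid:
            entry["disclosed"].add(ssid)
    return report

def build(subtype, bssid, ssid, fixed):
    """Construct a minimal management frame for the sample below."""
    hdr = bytes([subtype << 4, 0]) + bytes(2) + b"\xff" * 6 + bssid * 2 + bytes(2)
    return hdr + bytes(fixed) + bytes([0, len(ssid)]) + ssid

# Constructed sample: one AP (made-up BSSID and SSID) with SSID broadcast disabled.
AP = bytes.fromhex("020000000001")
SAMPLE = [build(8, AP, b"", 12), build(8, AP, bytes(11), 12),
          build(5, AP, b"office-wlan", 12), build(0, AP, b"office-wlan", 4)]

if __name__ == "__main__":
    print(audit(SAMPLE))
```

A result with `hidden_beacon` set and a non-empty `disclosed` set means the name is off the beacons but still on the air, so the setting should not be counted as an access control.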

Another feature that is usually turned off by default is MAC (media access control) address filtering. A MAC address is a hexadecimal hardware address that identifies each node of a network. Each wireless client will have one, and they can't be changed because they are "burned" into the hardware. You can, however, control which clients may access your wireless network by turning on "MAC filtering" in your access point or wireless router.