Disallow Wireless Access to Router / AP Administration Screens : WiFi Security


Almost all wireless devices (bridges, hubs, switches, repeaters, routers, or wireless access points) are now equipped with an embedded web-based (hypertext) interface that allows you to administer them from anywhere on the wired/wireless network using a web browser such as Netscape, Internet Explorer, Opera, or Firefox.

When you use a web browser to administer your wifi gear, you are doing so over the HTTP protocol; you can also access your wifi gear using Telnet or SSH. You simply launch your web browser (or your Telnet/SSH app) and point it to the IP address of your wireless device (192.168.0.1 for most D-Link products, for example).

While it may be really convenient to be able to get to your wireless access points and routers over the airwaves from anywhere within your WLAN, configuring your wireless gear over a wireless connection exposes your WLAN to significant security risks.

All your wireless packets can be easily collected and subsequently disassembled/decrypted offsite at your intruder's convenience, even if you are encrypting all of your radio transmissions using traditional data encryption methods. WEP (Wired Equivalent Privacy), the most commonly used method for encrypting wireless data streams, is, for example, a weak/flawed implementation and has been shown to be breakable.

While it is true that better data encryption methodologies (such as RSA Security’s RC5™ encryption algorithm for WTLS or Wireless Transport Level Security specifications, Wi-Fi Protected Access (WPA), WPA-Enterprise for large wireless networks, and WPA-Personal using a WPA-Preshared Key (PSK) or WPA Passphrase for small/home WLANs) are now being incorporated in personal computers and various wireless devices, there is no such thing as truly unbreakable encryption; it is often simply a matter of how motivated, skillful, and resourceful an intruder is.

Fortunately, most devices allow you to configure whether the administrative application can be accessed over the wired interface, the wireless interface, or both. While it is certainly convenient to have full access to the admin screens using wireless, you may want to take a safer route and disable access to your wireless Router/AP/Bridge/Gateway administration screens over the air. By doing so, you will be effectively blocking everyone from administering your WLAN except for those who have physical access to your wired LAN. Refer to your product manual for specific steps on how to disable wireless access to the administrative screen of your wifi gear.
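
Once wireless administration is disabled, confirm the setting took effect by probing the device's management services from a wireless client. The following check is an added example, not taken from the original article or any vendor's tooling; it assumes the device uses the standard default ports for HTTP, Telnet, and SSH, and the function names are illustrative.

```python
"""Run from a WIRELESS client after disabling wireless admin access."""
import socket
import sys

# Standard default ports for the management protocols the article names.
# Assumption: your device uses the defaults; adjust if it listens elsewhere.
ADMIN_SERVICES = {"http": 80, "telnet": 23, "ssh": 22}


def probe(host, port, timeout=2.0):
    """Return 'open', 'closed' (actively refused) or 'filtered' (no answer)."""
    sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    sock.settimeout(timeout)
    try:
        sock.connect((host, port))
        return "open"
    except ConnectionRefusedError:
        return "closed"
    except OSError:
        # Timeouts and unreachable-host errors both mean nothing answered.
        return "filtered"
    finally:
        sock.close()


def check_admin_exposure(host, services=ADMIN_SERVICES, timeout=2.0):
    """Probe each management service; return {name: (port, state)}."""
    return {name: (port, probe(host, port, timeout))
            for name, port in services.items()}


def exposed(results):
    """Names of management services that still accept connections."""
    return sorted(n for n, (_, state) in results.items() if state == "open")


def main(argv):
    # 192.168.0.1 is the D-Link default address cited in the article.
    host = argv[1] if len(argv) > 1 else "192.168.0.1"
    results = check_admin_exposure(host)
    for name, (port, state) in sorted(results.items()):
        print(f"{name:7s} tcp/{port:<5d} {state}")
    still_open = exposed(results)
    if still_open:
        print("FAIL: reachable over wireless:", ", ".join(still_open))
        return 1
    print("PASS: no management service answered from this wireless client")
    return 0


if __name__ == "__main__":
    sys.exit(main(sys.argv))
```

Running the same script from a wired client should still report the management service as open; if it does not, the device has been locked out on both interfaces.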