Beginners Guides: Securing A Wireless Network
Securing a wireless network is as
important as locking the passenger door on your
car when you leave it in the parking garage. - Version 1.2.0
wireless networking products are inexpensive, simple to set up and
very convenient. They are also full of holes... security holes, that
The reason for this can be traced to
the popularity of wireless. Wireless networking is firmly entrenched in the home computer
market, and that means that the people buying the products cannot be assumed to
have any form of expertise in IT; hence, the products had better be extremely
easy to set up, and use.
Ease of use and security tend
to be mutually exclusive. So for wireless manufacturers, the reasoning goes that while the
average Joe or Jane Smith at home has nothing they'd really care to hide
from the world, or that the world would really care to find out
about them, they will get very peeved if they cannot get their new wireless router up
and running quickly and without help.
Unfortunately, the only way to
make a complicated appliance like a wireless router idiot proof is to
use default settings that will not require the user to change a single
settings on any of their other wireless hardware. By extension, this means that any wireless
device can connect to said router using default settings.
To repeat, this
means that ANY wireless device in range can connect to the Smith's new router.
Now, if you are Joe Smith, do you have anything you'd like to hide?
There are a couple of reasons why wireless networks are currently less
secure than their wired counterparts. First off, there is the fact of their physical
nature. They are wireless, broadcasting a signal out over an area. Any computer
within this area with the correct equipment can be considered to be 'connected'
to the network.
No wires equal easier access
to the network for everyone. This also makes one of the most
popular 'hacking' tactics vastly easier: 'packet sniffing,' or capturing data sent over the network
to analyze it for information. Anyone in range can receive all traffic
sent over the wireless network.
Secondly, current security methods
for the most widely available wireless technology, 802.11b, are either easy to
defeat or difficult to implement.
The two most common methods of securing 802.11b
networks are WEP (wireless encryption protocol) and MAC address
filtering. WEP (64-bit, or 128-bit)
protects wireless traffic by using a key to encrypt data, shared between all
computers that need access. WPA (WiFi protected access) which is just now emerging, address all of
WEPs shortcomings, and so we'll touch on that a little later on
in the guide.
Unfortunately, WEP is rather easy to crack with the correct (and freely
available) software, and its wireless nature makes it easy for intruders to
capture enough of your encrypted traffic to give the cracking software something
to work with.