Wireless Technology Security

By Author: David Burton
Total Articles: 49
Comment this article

Wireless technology is currently treading a fine line; the technology inherently needs to be secure since the signal is usually broadcast well beyond the walls of our home that the network is designed to serve, however they are also designed to be used by computer users with only a very limited knowledge.It is reasoned by the makers that whilst the average man in the street probably doesn't have anything they particularly care to hide from the world, they would be rather irate if they couldn't get their wireless network working without assistance within 10 minutes of removing the router from the box.
The reality is that whether or not you have something to hide from the world, you don't want anyone with a wireless card in a 100 yard radius having access to your network. If we put aside the most serious possibility of someone obtaining confidential information from your compromised network there is also the fact they may simply abuse your Internet connection. There are people who want a wireless network card so they can access their neighbours' Internet connection for free; even if they only use it for simple tasks it ...
... will affect the speed of their network as well as counting towards any usage limit if on a metered connection. There is also the real possibility that if they use your connection for less savoury activities then it will have the IP address associated with your Internet account stamped all over it.

Securing your network is a simple process that shouldn't take more than a few minutes. There are several methods of securing your network from the popular WEP and the more recent and secure WPA standard. It is important to choose the right one as there are some serious security flaws in some of the standards.

To set up or alter your wireless security settings you will require the manual for your router as the configuration process varies from manufacturer to manufacturer. This should have been provided in the box in either paper format or on a CD-ROM but if you don't have either to hand then a copy should be freely available from the manufacturers website.

WEP (Wired Equivalent Privacy) - Introduced back in 1999, WEP is still one of the most popular encryption protocols. although it has several serious weaknesses and can be readily cracked in minutes with freely available software, it is the default choice presented to a user when setting up security on a wireless network which probably explains its continued popularity.
The standard is so weak because it relies on a small piece of data being pre-pended to all transmissions which when matched to the key held by an authorised machine allows the data to be decrypted. With it being on almost every packet of data transmitted the cracking process just involves listening out for enough of them in order to obtain sufficient numbers to decrypt the key. If your wireless router currently only supports WEP then do check out the manufacturers website as there is a very real possibility that a free of charge firmware update might be available to improve support for more advanced standards; WEP should only ever be used if the only alternative was no encryption whatsoever.

WPA (Wi-Fi Protected Access) - In the home market WPA usually relies on a pre-shared key which consists of a passphrase used to access the network. This passphrase can be from 8 to 63 characters long however in the interests of security I would suggest choosing at least 10 completely random characters. WPA succeeds where WEP failed as the encryption key pre-pended to the transmissions is changed frequently so that a hacker is unable to obtain sufficient data in order to decrypt the key.

MAC Filtering - This will allow you to individually grant access to your wireless network for individual machines by pre-specifying their MAC addresses; these addresses are used to uniquely identify network adaptors.
Unfortunately the theory also suffers in much the same way as WEP; someone need only listen to enough network traffic to be able to obtain a list of MAC addresses. Once it has been obtained, the hacker creates a fake MAC address which caused your router to grant access by fooling it in to thinking that it's communicating with an authorised machine.
Disabling SSID Broadcast - The SSID (Service Set IDentifier) has to be identical on both the router and client machine in order for them to communicate. In order to aid setup, the SSID broadcast reveals the location of your network to all computers within range so they can easily connect if required. The broadcast can be disabled which would then mean rather than searching for your local network you would be required to memorise the SSID. Unfortunately, as before, this can be easily circumvented by simply listening to network traffic with freely available software.
I myself believe the best form of security is the WPA standard although not 100% secure it's the best we have at the moment

Dave Burton
www.discount-notebooks.net
Dave is the owner of the web site www.discount-notebooks.net