Beginners Guides: Securing A Wireless Network

Modern wireless networking products are inexpensive, simple to set up and very convenient. They are also full of holes... security holes, that is.

The reason for this can be traced to the popularity of wireless. Wireless networking is firmly entrenched in the home computer market, and that means that the people buying the products cannot be assumed to have any form of expertise in IT; hence, the products had better be extremely easy to set up, and use.

Ease of use and security tend to be mutually exclusive. So for wireless manufacturers, the reasoning goes that while the average Joe or Jane Smith at home has nothing they'd really care to hide from the world, or that the world would really care to find out about them, they will get very peeved if they cannot get their new wireless router up and running quickly and without help.

Unfortunately, the only way to make a complicated appliance like a wireless router idiot proof is to use default settings that will not require the user to change a single settings on any of their other wireless hardware. By extension, this means that any wireless device can connect to said router using default settings.

To repeat, this means that ANY wireless device in range can connect to the Smith's new router. Now, if you are Joe Smith, do you have anything you'd like to hide?

Tools that can discover wireless networks - Netstumbler - Kismet Linux-based tools/info for cracking WEP Encryption - Airsnort - WEPcrack - Wepattack Tools that can capture wireless packets - LinkFerret - Etheral - Kismet

There are a couple of reasons why wireless networks are currently less secure than their wired counterparts. First off, there is the fact of their physical nature. They are wireless, broadcasting a signal out over an area. Any computer within this area with the correct equipment can be considered to be 'connected' to the network.

No wires equal easier access to the network for everyone. This also makes one of the most popular 'hacking' tactics vastly easier: 'packet sniffing,' or capturing data sent over the network to analyze it for information. Anyone in range can receive all traffic sent over the wireless network.

Secondly, current security methods for the most widely available wireless technology, 802.11b, are either easy to defeat or difficult to implement.

The two most common methods of securing 802.11b networks are WEP (wireless encryption protocol) and MAC address filtering. WEP (64-bit, or 128-bit) protects wireless traffic by using a key to encrypt data, shared between all computers that need access. WPA (WiFi protected access) which is just now emerging, address all of WEPs shortcomings, and so we'll touch on that a little later on in the guide.

Unfortunately, WEP is rather easy to crack with the correct (and freely available) software, and its wireless nature makes it easy for intruders to capture enough of your encrypted traffic to give the cracking software something to work with.