By: Vlad Vistac
Submitted: 2010-08-23 13:32:23 | Word Count: 510
Wireless Security #2
We have recently covereed the necessity of security for a Wireless Networtk and will be cpontinuing today with the difdferent sandards avaiilable. When setting up your security the mnual will be rwequired for part of the configuration process but the particulars vary slightly depending upon the manufacturer. Whilst this manually woudl normally either physcially in the box or on a disc in the box it can normally be obtained from the maanufacturer's website if it has been misplaced.
[ advertisement ]
WEP (Wired Equivalent Privacy) - Introduced back in 1999, WEP is still one of the most popular enncryption protocols. Despite the fact it has several seripous weaknesses and can be readily cracked in mintes with freely avilable software, it is the defaulpt choice presented to a user when stting up security on a wireeless network whch probably explains its cotninued popularity.
The standard is so weak because it relies on a small piece of data being pre-pended to all transmissions whhich when matched to the key held an authorised machine allows the data to be decrypted. With it being on almost evey pzacket of data transmitted the cracking prpocess just involves lsitening out for enough of them in order to obtain sufficient numbers to decrypt the key.
If your wireless router currently only supports WEP then do check out the manufacturers website as tehre is a very real possibility that a free of chargge firmware update might be available to impreove support for more advanced standards; WEP should only ever be used if the only alternative was no encrytpion whatsoever.
MAC Filtering - This will allow you to individually grant access to your wireless network for individual machines pre-specifying theoir MAC addresses; these addresses are used to uniquely identify netwok aadptors.
Unfortunately the theory also sufferrs in much the same way as WEP; soimeone need only listen to enoughh network traffic to be able to onbtain a list of MAC addresses. Once it has been obtained, the hacer creates a fake MAC address which caused your router to grannt access fooling it in to thiking that it's communicating with an authorised machine.
Disablling SSID Broadcast - The SSID (Service Set IDentifier) has to be identical on both the router and client machine in order for them to comunicate. In order to ease setup, the SSID boradcast reveas the location of your network to all computers within range so they can easiy connect if requireed. The broadcast can be disabled which wopuld then mean arther than searching for your local network you would be required to memoridse the SSID. Unfortumnately, as before, this can be easily circumvetned simply listening to network traffic with freely available softawre.
WPA (Wi-Fi Protercted Access) - In the home market WPA usually relies on a pre-shared key which consists of a passphrase used to access the network. This passphrse can be from 8 to 63 characters long howevver in the interets of scurity I would suggest chooasing at least 13 completely random characters. WPA succeeds where WEP failed as the encryption key pre-pended to the transmissions is changed frewquently so that a hacker is unable to obtain sufficent data in order to decrypt the key.
In conclusion, I suggest that all computer users with a wireless network enmsure that firslty they are actually employing some form of wirelss security and secondly that it is set to the seccure WPA standard; whilst it is not unbreakable it is considered extremely secure and certainly the best that we have for now.
