Results 1 to 4 of 4

Thread: Introduction to Wireless Network Security

  1. #1
    AO Security for Non-Geeks tonybradley's Avatar
    Join Date
    Aug 2002
    Posts
    830

    Introduction to Wireless Network Security

    This is my own work. It is an article I originally wrote for my About.com site on Internet / Network Security. Part of the article is included below as well as a link to the original at About.com which has links to other sites and resources on the subject:

    It wasn’t too long ago that computers were a luxury rather than a necessity. Only the lucky and the wealthy had even one in their home and a network was something reserved for large corporations.

    Fast forward a decade or so and everyone has to have their own computer. There is one for the parents (sometimes two if the parents can’t share nice) and one or more for the kids to use for homework and games. Home users have gone from no Internet access to 9600 kbps dial-up Internet access beyond 56 kbps dial-up access and are moving on to broadband connections to rival or match the T1 connections they relish at work.

    As the Internet and the World Wide Web have exploded into our culture and are replacing other media forms for people to find news, weather, sports, recipes, yellow pages and a million other things, the new struggle is not only for time on the computer at home, but for time on the Internet connection.

    The hardware and software vendors have come forth with a variety of solutions allowing home users to share one Internet connection among two or more computers. They all have one thing in common though- the computers must somehow be networked.

    To connect your computers together has traditionally involved having some physical medium running between them. It could be phone wire, coaxial cable or the ubiquitous CAT5 cable. Recently hardware has been introduced that even lets home users network computers through the electrical wiring. But, one of the easiest and least messy ways to network computers throughout your home is to use wireless technology.

    It is a fairly simple setup. The Internet connection comes in from your provider and is connected to a wireless access point or router which broadcasts the signal. You connect wireless antenna network cards to your computers to receive that signal and talk back to the wireless access point and you are in business.

    The problem with having the signal broadcast though is that it is difficult to contain where that signal may travel. If it can get from upstairs to your office in the basement then it can also go that same 100 feet to your neighbors living room. Or, a hacker searching for insecure wireless connections can get into your systems from a car parked on the street.

    That doesn’t mean you shouldn’t use wireless networking. You just have to be smart about it and take some basic precautions to make it more difficult for curiosity seekers to get into your personal information. The next section contains some simple steps you can take to secure your wireless network.
    Full Article: Introduction to Wireless Network Security

  2. #2
    Senior Member IKnowNot's Avatar
    Join Date
    Jan 2003
    Posts
    792
    Before you read, take note: I am EXTREMELY clinical !

    First, I liked the article ... as geared toward the ignorant masses ( or the sloppy informed )

    I took some exception though.

    First, the article, as linked, was not dated ( time stamped if you will. ) This will undoubtably change as it becomes archived, but I think a date on the outset would have been nice ( nit-picking I know )

    Second,
    Only the lucky and the wealthy had even one in their home and a network was something reserved for large corporations.
    Since you later speak of the decade later I take exception ... or rather maybe am the exception. Since you refer to fast forwarding a decade ... I had a home network since Linux was viable ... long before home routers, etc. And I am not wealthy nor rich. I saved my pennies and worked hard for what I believed in, and what I believed was knowledge of such things would help my children in their future.

    There is one for the parents (sometimes two if the parents can’t share nice)
    I get along with my wife very nicely, thank you!!! But she has exclusive control of the main computer ( unless I say otherwise, but we don’t talk about that ... it just happens ... and usually only when upgrades are needed. Otherwise she gets priority and I get older outdated networked machines in the basement, some of which were thrown out by others. )


    Home users have gone from no Internet access to 9600 kbps ...
    When I started my oldest son ( even my daughter, but I couldn’t really afford it then ) the Internet was only in “future VP Gore’s “ imagination ( not the AO member's, as he was in diapers ) . More like 300 kbps ... and I was Livin’ ! )

    The hardware and software vendors have come forth with a variety of solutions allowing home users to share one Internet connection among two or more computers. They all have one thing in common though- the computers must somehow be networked.
    This was, IMHO, pushed not-so-much by consumer demand but by GREED. Then they convinced the consumer they “needed” it.

    You get the idea, and I really am not criticizing ... just trying to point out possible inaccuracies.

    I think you did the general public a service in pointing these things out ... but do you really think they understand the term “ubiquitous” ? ( BTW, my house is now wired completely with CAT5e )`

    As I have said before, ,anything that can bring to the attention of the masses the problems with WI-Fi and security is a good thing.
    " And maddest of all, to see life as it is and not as it should be" --Miguel Cervantes

  3. #3
    Senior Member
    Join Date
    Nov 2001
    Posts
    1,255
    It was an OK tutorial, however there were a number of things that could have been done better. For instance, you don't mention how to enable MAC restrictions, and it should have been covered in a wireless security tutorial IMO.

    In your preface about home networks, you inaccurately state:
    Home users have gone from no Internet access to 9600 kbps dial-up Internet access beyond 56 kbps dial-up access and are moving on to broadband connections to rival or match the T1 connections they relish at work.
    It should be 9600 bps.

    Your security in 6 easy steps is flawed:
    A) #2 can cause XP to start dropping wireless connections on certain routers, and enabling/disabling SSID broadcast won't do much -- indeed, any of the so-called hackers you mention who are capable of downloading netstumbler will be able to find it. Giving users a false sense of security is a Bad Thing™.
    B) #5 should be #2.
    C) In #3 you fail to mention key rotation and why it is important and can help.

    Personally, I think you failed to observe the two basic reasons why people want to secure wireless networks.
    1. To prevent malicious users from obtaining network access.
    2. To prevent malicious users from grabbing network traffic -- things like CC #s, banking information, etc...

    A rethink on those two primary issues may be in order, and it might lead to better clarity on certain issues.

    Originally posted here by IKnowNot
    Second, Since you later speak of the decade later I take exception ... or rather maybe am the exception. Since you refer to fast forwarding a decade ... I had a home network since Linux was viable ... long before home routers, etc. And I am not wealthy nor rich. I saved my pennies and worked hard for what I believed in, and what I believed was knowledge of such things would help my children in their future.
    Your exceptions don't reflect the truth of the matter. HOME networks even in 93-94 were really rare. I was lucky enough to have one at home as early as '90.
    Chris Shepherd
    The Nelson-Shepherd cutoff: The point at which you realise someone is an idiot while trying to help them.
    \"Well as far as the spelling, I speak fluently both your native languages. Do you even can try spell mine ?\" -- Failed Insult
    Is your whole family retarded, or did they just catch it from you?

  4. #4
    Some Assembly Required ShagDevil's Avatar
    Join Date
    Nov 2002
    Location
    SC
    Posts
    718
    Tony, nice little tut on wireless security. I have just a few suggestions though:
    Even easier than WPA is WPA-PSK(Protected Storage Key). Setting up WPA-PSK is as simple as deciding on a passphrase and the rest is rather simple. I set mine up in probably about 10 minutes tops. I'm not entirely sure as to the availability of WPA-PSK in all Windows OS's though.
    I know of at least a few Linksys wireless routers offer WPA-PSK. The only problem I had was setting up some versions of laptops I connected to the network (running XP) because the WPA-PSK option wasn't available in the wireless setup dialogue box. I had to go to MS's site and download this patch on a couple occasions. Again, I don't know what OS's can use WPA-PSK as I'm mainly familiar with/use XP on the wireless network.
    Next thing is that I like to limit my IP range that the DHCP can hand out. I have only enough IP's to cover the computers connected to my network. There's no reason for me to allow my wireless router to hand out 100 IP's when I have less than 10 computers on my network.
    Also, like chsh said, enabling MAC filtering is a key element in keeping people out of your wireless network. Granted anyone can spoof a MAC, but add MAC filtering along with other security measures and you can really fortifty your wireless network.
    In any event, that's my thoughts. Nice article though.
    The object of war is not to die for your country but to make the other bastard die for his - George Patton

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •