Wireless Security

Wireless networks are common, especially in homes. They offer quite a few advantages (and often cause a few frustrations), and in a lot of cases it just comes built into the modem/router. It’s also another point of entry into your network (and your computer).

Risks:

The risk that a wireless network poses is mostly unseen. The more powerful and efficient the wireless equipment is, the further away it works from. Eg, your neighbours, passing cars, pretty much anyone within a few hundred metres radius of your home or office. In fact, an office is a greater risk because there’s likely to be other offices nearby and the data accessible from an office network would be more valuable.

Solutions:

I’ll get straight to the point here. The following solutions exist. Read on to learn which ones are good to use and which are completely useless:

  • WEP [not secure]
  • WPA [secure]
  • WPA 2 [secure]

Of these only WPA and WPA2 are secure. The WEP algorithm was cracked years ago and there are easily available programs to hack into a WEP protected network. It doesn’t matter how many bits of security are used, anyone who wants to connect to your network is able to with little effort.

WPA and WPA2 can be implemented in a few ways, and for homes and small offices the PS-KEY is the preferred method. This uses a PreShared Key, and you should really use at least 20 random characters. Medium and large organisations should be using something called a Radius server.

WPA2 has a few advantages over WPA:

  • It uses a more secure algorithm, meaning it’ll be some time before someone cracks it (eg, a few years)
  • WPA is vulnerable to denial of service (DOS) attacks, meaning that more advanced hackers can make a WPA network stop working (but at the moment cannot hack into it). This would be a nuisance for home users, and more than a nuisance for business users.

So why doesn’t the whole world user WPA2? WPA2 is fairly new and not many products support it. It seems to take years for computers, phones, and other gadgets to start using new protocols.

Since WPA has been around for a few years why doesn’t everyone use that? Again when wireless networks were first introduced a large number of devices were made that only supported WEP. Manufacturers were slow to update their software, and most consumers didn’t understand wireless security and hence didn’t care if it supported WEP or WPA, so the manufacturers had little reason to provide updates.

WPA is considered secure at the time of writing (2007). When the standard was created it was rushed and the main goal was to fix security problems without having to reinvent everything. So it was a compromise and it’s only a matter of time until some clever hackers come up with a way to break it. When that happens you’ll hear about it on this site.

So in summary,

  • If all your devices (wireless router, computers, games consoles etc) support the new WPA2 then use it.
  • If all your devices support WPA but not WPA2 then use WPA and do some research every now and then to see if it’s still safe (keep reading this site).
  • If at least one of your devices is limited to the old WEP standard then you can either
    • accept that your neighbour could break into your network and use it to download or upload whatever they want, or
    • decide not to use wireless at all, or
    • replace or upgrade your devices.

If in doubt ask, or do some research.

  1. Hacking Wireless Networks | FraudO.com - pingback on 6 July, 2009 at 11:49 am
  2. 130 Million Credit Cards | FraudO.com - pingback on 29 August, 2009 at 12:52 am

Leave a Comment


NOTE - You can use these HTML tags and attributes:
<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>

Trackbacks and Pingbacks: