A Guide To Wireless Security

Posted August 21, 2009
Filed under: Security |

Hi Me again,

I though this time I would give you some advice that I received on how to setup your wireless environment. Some of the info comes from sources I have read, so not everything written in this blog is mine.

All wireless security employs encryption, which uses a mathematical process to “scramble” each data packet before it is sent out over the antenna, and then “descrambles” each packet back into its original form on the receiving end. Your NIC (network interface card) can encrypt data being sent to the wireless access point and decrypt data that it receives from the access point. Only PCs that are configured with the necessary security key, or passphrase, can exchange data successfully between the wireless NIC and the local access point.  Anyone nearby with a PC and wireless NIC could still sniff, or monitor, the radio waves to receive any data being sent over the network, but because your data is encrypted, it is illegible to them. Your next-door neighbor also can’t check his email through your wireless Internet connection because he doesn’t have your encryption key; so, while he may still “see” that your network is there, he cannot access it.

WEP. Several types of security have evolved over the last few years. Wired Equivalent Privacy is a basic encryption scheme that was included with the original IEEE 802.11 wireless networking standard ratified in 1999. WEP encryption can deter casual snooping and may still be used in basic household networks, but well-known weaknesses in this standard make it possible to crack a WEP key in a matter of minutes.

WPA. Wi-Fi Protected Access was released in 2003 as a far stronger encryption standard to be used in place of WEP. WPA is a server-based security approach that incorporates longer keys and other features such as the TKIP (Temporal Key Integrity Protocol) that changes keys periodically. WPA also includes a personal or PSK (preshared key) mode that allows home and small office users to enable WPA without the use of a separate server.

The big issue with securing your wireless network is that security standards are not interchangeable or backward compatible, so the best security that you can achieve is limited to the lowest common standard available in all of your wireless devices. For example, if your older wireless router and wireless NIC only support WEP, you can’t network another PC using WPA2. Before you enable wireless security, it’s a good idea to check your wireless devices and determine which (if any) security standards are available to you.

Start with your wireless router. Access the management feature of your wireless router according to the manufacturer’s documentation. Locate the security settings and examine the list of security modes available. By default, this will probably be set to Disabled. Write down all of the available options, but don’t make any changes just yet.

Next, check your wireless NICs. Note that you should first verify the presence of a wireless NIC by checking for a Wireless Networks icon in your System Tray or clicking Start, My Network Places, and View Network Connections to see if there is an entry for a Wireless Network Connection. If so, you have a wireless NIC or chip in your PC and can proceed. If not, you will need to install a wireless NIC (either as an internal expansion card, a USB device, or a PCMCIA card) according to the manufacturer’s instructions and then proceed.

Remember that you will have to enable security on each PC, so check the available mode(s) on each of the PCs on your network. Now you know what security levels are available in each of your wireless devices. It’s best to enable WPA or WPA2 encryption if your devices support those modes.

Choose the TKIP or AES encryption type. For this example, let’s go with AES. Enter the key, which should be between eight and 63 ASCII (American Standard Code for Information Interchange) characters or 64 hexadecimal charactersASCII keys should use a mix of uppercase, lowercase, numbers, and a few simple punctuation characters to create your key. Make your keys as long as you can, and write them down in your router documentation. Save your settings, but remember that your wireless network will suddenly become inaccessible until you make the corresponding changes to other PCs.

Choose the first PC to update and do the same thing for that computer’s NIC. Again, for the Network Authentication entry, select WPA-Personal (or WPA-PSK) or WPA2-Personal (or WPA2-PSK), select AES as the Data Encryption type, and then enter the passphrase in the Network Key entry. Use your chosen phrase and make sure that you enter the key exactly as you did for the router. Click OK to save your changes and click OK again to close the Properties dialog box. After a few moments, the PC should update and your secure wireless connection should be established. Repeat this process for any other PCs on the wireless network. If you don’t automatically connect to the secured network, try rebooting the PC.

John Palamar

Sources: Smart computing

Advertisement

No comments yet

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Cancel

Connecting to %s

Follow

Get every new post delivered to your Inbox.