Have you recently gone wireless? If you have a wireless network at home or in the office, it is critical to have it secured. Wireless networks are prone to attacks from outsiders - perhaps even more so than with wired networks. This article shows how you can implement 3 techniques to secure a given wireless network.

1. Disable Broadcast SSID

One of the key things to do is to secure a wireless network is to disable broadcast SSID. WiFi WLANs identify themselves with a service set identifier (SSID), which names the network and works (loosely) like a password.

Unfortunately, most wireless access points transmit their SSIDs by default, which is pretty much like standing in the street and shouting your bank card PIN. Unless you have equipment that requires the access point to broadcast the SSID, turn this feature off. If you do leave it on, change the SSID to something other than the default.

2. Turn on WEP

Another thing to do is to turn on WEP, and use 128-bit keys. You shouldn’t rely on WEP to be absolutely secure, but the cracker next door isn’t less likely to have the tools, systems, or know-how to break it. WEP is a lot better than nothing (unless you’re using 64-bit keys, which are far weaker than 128-bit keys).
Access points and adapters typically let you set up the WEP key either by typing a passphrase or by entering a hexadecimal (base 16) value.

We’ve had trouble making passphrases work across multiple vendors’ equipment, so we recommend generating a hexadecimal value using a long passphrase and then using the hexadecimal value everywhere. Keep a copy of the key somewhere secure because you can’t be sure you can regenerate it later.

3. Set MAC address restrictions

You should also set MAC address restrictions. Most access points let you list the physical (Media Access Control — MAC) address of equipment allowed to connect to your LAN. A typical MAC address looks something like 00-0C-38-55-F4-AD. You can use a MAC restriction list containing all your devices to ensure only authorized devices connect, although you can’t limit who might be able to listen.

Conclusion

Hopefully, this article has shown you how you can secure a wireless network to give it some basic level of protection against attackers. Good luck and happy networking!

Many small businesses have considered connecting computers and other devices to their corporate network via wireless (WiFi) connections, and a brave few have actually done so. Many of these early networks required that wireless devices be carefully placed within the building so that the wireless signal reached all intended recipients. Typically, these networks lacked adequate security features, which left them vulnerable to information and resource theft by unauthorized persons. These two problems have now been largely solved, meaning that it may be time for more small businesses to look into the potential advantages a wireless network can offer.

Wireless Networking Basics

Building a wireless network requires two distinct types of hardware components, wireless access points, and wireless access cards. The wireless access point is a device, which is attached to an existing computer network via a standard Ethernet cable. It has an antenna on it, which allows it to broadcast and receive signals from PCs and other devices.

Each device wishing to communicate with the access point needs a wireless access card, which also contains an antenna. The current wireless standard, called 802.11g, allows for up to 54 megabits of data per second to be transmitted between the desired access point and the access card. While not quite as fast as wired networks, which typically run at 100 megabits to 1000 megabits per second, wireless networks offer more flexibility, and can be less expensive to install. This is especially true for older buildings where installing cable can become cost prohibitive.

Cutting Corners

Wireless networks use radio frequency waves to transmit information, and thus they are susceptible to being blocked by walls and other obstructions in a building. These obstructions can cause "dead zones" where the radio waves are unable to reach their intended recipients. Microwave ovens and other radio frequency emitting devices can also wreak havoc on wireless signals.

The solution is to place your wireless access points strategically around your building so that interference is minimized. When the distance from a wireless access point to the wireless device is more than a few dozen meters, wireless repeaters can be installed to boost the signal. These repeaters can also be placed so that the wireless signals can be accessible from all corners of the building.

Wireless Network Security Solved

Installing a simple wireless network is pretty straightforward, but installing a secure wireless network can be substantially more difficult. However, an Ann Arbor company called Interlink Networks now offers their LucidLink products, which make installing comprehensive wireless network security a snap. Before LucidLink became available, an organization wishing to lock down their wireless network would need to hire expensive network security consultants to install and manage the wireless portion of the network.

LucidLink packages all of this expertise into a software add-on that is so easy to use that even a small company's office manager can easily take control over who is accessing the company network via wireless. It goes above and beyond simple address authentication (standard with most wireless routers), and implements what is called a RADIUS server. RADIUS servers are what large organizations spend thousands of dollars installing and maintaining in order to secure their large (1000+ node) wireless networks.

Until now, installing a RADIUS server was out of the price range for all but the largest companies. In contrast, LucidLink's product can be purchased for as little as $99 for a 3 user Home Office Edition, $449 for a 10 user version, and goes up to $3995 for a 250 user version.

Summary

While there are still issues with making sure that all areas of a building are covered, the current WiFi standard (802.11g) has a more powerful signal, meaning less emphasis needs to be placed on the locations of attached devices. However, it is still recommended that a professional site survey be done to verify that all required areas of the building can be reached by the wireless signal.

Meanwhile, Interlink Networks has finally solved the security problem at a price that is affordable for small and medium sized business.

http://www.justvb.net/it/