The Basics of Wireless Network Security
Most of us are so happy to have the convenience of wireless networks that we tend to overlook the fact that they are very unsecure. For example, with a wired network, you have to be directly connected to the network. But with a wireless network—where the connection is made possible by a radio signal—anyone within the broadcast distance may have access to the network.
More than that, an intruder on a wireless network cannot only spy on people, but they can actually intrude on and disrupt network activity if there's no security to prevent it. This is especially true of hotspots—at coffee shops, hotels and airports—where the whole point of the network is to give everyone access!
The Internet does have boundaries and guidelines, created by a group of Internet committees and groups. One organization involved in setting standards is the Institute of Electronics and Engineers (IEEE). Their focus is on hardware that connects Local Area Networks (LANs) and Wireless Local Area Networks (WLANs).
To address this wireless security problem, the IEEE initially developed a security protocol standard, called the Wireless Equivalent Privacy standard. WEP offered a level of protection would be on par with a common wired network. Here's what WEP security offers:
- Confidentiality. It helps to keep strangers from eavesdropping on network activity.
- Integrity. When the wireless network is protected, there's a better chance the data received or sent hasn't been changed by a hacker.
- Trust. There's a greater chance that those on your network have authorized access and you can trust their communications.
However, some security experts had problems with WEP that had to do with the level of protection it provided...or didn't provide. They felt WEP wasn't a strong enough "wall" to keep intruders out. A revision to the security standard, called WEP2, added a bit more complexity to the process to thwart hackers, but the changes still didn't please security experts.
For a home network, having WEP2 protection—which essentially puts a lock on the network and requires a password for authorization—is still much better than no network at all. After all, most hackers will look for an unprotected network to make their job easier.
Alternatives to WEP.
WPA stands for Wi-Fi Protected Access, a new security option developed to replace WEP. Wi-Fi devices typically support multiple variations of WPA technology. Traditional WPA, also known as WPA-Personal or WPA-PSK (for pre-shared key), is designed for home networking. Another version called WPA-Enterprise was designed for corporate networks. Each provided better security than WEP.
WPA2 was an improved version of the original and it is supported by all newer Wi-Fi equipment. WPA2 is also offered in personal/PSK and enterprise (business) formats.
802.1X is an authentication tool for wireless networks. Also know as Radius, 802.1X was designed mostly for large businesses that have the resources and expertise to set up and maintain its use. A wireless network administrator will configure 802.1X authentication to work hand in hand with WPA/WPA2-enterprise encryption.
Network security keys and passphrases.
WEP and WPA/WPA2 use wireless encryption keys, which are long sequences of hexadecimal numbers. Matching key values must be entered into a Wi-Fi router (or access point) for all client devices wanting to join that network.
Safety starts at home.
If you use a wireless network at home or the office, make sure it has a security system in place. One way to test it is to see if somebody can open their browser using your network without using a password (your network devices will all share the same password).
If they can, open the software program that came with your router and reconfigure your security settings, because your network is vulnerable. You can find help with that task by doing an Internet search for your router brand and type.