We should all by now know that Wi-Fi is by default inherently insecure - its tantamount to dangling a network cable out of your window with a prominent Help Yourself label attached to it. The earliest attempt at Wi-Fi security, WEP (wired equivalent protocol), proved deeply flawed and very easy to hack. WPA (wireless protected access) and in particular WPA2 (which features near-unbreakable AES encryption) has gone a long way to rectifying this glaring defect.
Even so, many wireless networks remain unprotected. Here are some dos and don'ts.
Wi-Fi security dos
Because so many wireless networks arent protected, its absolutely essential to change all the default security settings on your access point. So, change the SSID (service set identifier or network name) on your router/access point to anything but Netgear or Linksys.
The default SSIDs of commonly available hardware are well known to hackers. Your ideal SSID should not contain information that would give away your company name or location. Something bland or innocuous is best.
You should also change the administrator password, too. Hackers know the default passwords for all of the major brands of hardware and with your password could easily remotely reconfigure your AP.
Similarly, if your router supports SNMP (simple network management protocol), change the community names, for example public, to something much less obvious.
This will prevent hackers from managing your device using standard community names and SNMP-management software.
Always turn on the highest level of security your hardware supports. Even if you have older equipment that supports only WEP, be sure to enable it. Despite its nonexistent reputation as a security solution, simply having it running will turn most hackers away. Use WPA or better still WPA2 if its available. A number of recent Wi-Fi products either support the new security standard or are capable of being upgraded to it, so check your hardware manufacturers website for firmware upgrades.
You can also use NetStumbler (see last week's article) to perform your own security audit. Take your notebook for a walk around the perimeter of your building and find out what a would-be hacker might see. Its also useful for detecting levels of electrical interference, which directly affects coverage.
Wi-Fi security donts
WPA and WEP use encryption, which unavoidably incurs a bandwidth overhead. Some prefer to rely on controlling access to their wireless networks based on the MAC (media access control) address of the network card attached to the PC requesting access. Its simple to set up an approved list of PCs and works very simply: if your name aint down, you cant come in.
The major flaw with this approach is that the MAC address is just a 12 digit long HEX number that can be viewed in clear text with a sniffer. All you have to do is wait and watch until a PC connects to the wireless network, and detect its permitted MAC address, which you can then spoof to gain entry. So its not very secure.
Some folks are also big fans of hiding the APs SSID. Why broadcast the fact theres a wireless network?
Well, turning off SSID broadcasts does undoubtedly make it awkward for casual hackers - and genuine users - to find your network but, like MAC filtering, its not the ultimate in security. Why? Because the SSID is still broadcast by other mechanisms on the AP, such as probe requests and responses. Again, turning off SSID broadcasts doesnt make your WLAN quite as stealthy as you might imagine.
While youre setting up your wireless network it will help if you dont turn off SSID broadcasting until after you know that everything is working smoothly. By the same token, dont enable encryption until you have got the network up and running.
It can also help during this phase if you could turn off firewalls on the PCs themselves - in my experience many network-communication problems are caused by firewalls and are swiftly fixed by turning them off, even if its only for a little while.
Finally, there is some debate over the real value of disabling auto-connect features. DHCP (dynamic host configuration protocol) automatically doles out IP addresses to users joining the network, making the life of the hacker just that little bit easier.
Again, this is likely to deter casual hackers but the seasoned variety wont be too fazed by it: in reality it shouldnt take more than about 10 seconds to figure out the IP scheme of any network and simply assign your own IP address to it.