September 2010
M T W T F S S
« Aug    
 12345
6789101112
13141516171819
20212223242526
27282930  
top 10 products

Top 10 Most Viewed Products:

  1. WNDR37-AV Netgear Wireless gigabit router for video and gaming
  2. WNDR3400 N600 Wireless N Dual-band Router
  3. Linksys E-Series Routers, E1000/E2000/E3000
  4. Belkin New Series Routers Surf, Share, Play, Max Play
  5. TEW691 450 Mbps Wireless N Gigabit router
  6. TEW-673GRU Wireless N Router with 2 USB ports
  7. DGL-4500 Wireless N Dual-band, gigabit Gamer Lounge
  8. DGN3500 N300 Wireless Gigabit modem router
  9. DGND3300 RangeMax Wireless N Routers with ADSL Modem
  10. SBG6580 Cable Modem - Docsis 3.0 / EuroDocsis 3.0
«  
  »

Wireless Network Security Part1


Security might be the last thing on your mind when setting up a wireless network. And while you might not see why anyone would want to go mucking around in your personal files, you don’t want to leave your computers completely unsecured. As a general rule, you should employ a level of security that corresponds to the sensitivity of the data on your network. Unlike wired systems, which can be physically secured, wireless networks are not confined to the inside of buildings. They can be picked up as far as 1,000 feet outside of the premises with a laptop and a gain antenna. This makes wireless local area networks (WLANs) inherently vulnerable to interception. Like the “wired LAN”, wireless network is also vulnerable to any types of security threats such as Denial of Services (DoS); Spamming; spoofing; Sniffers and so.

Some reasons to secure your computer from security threats:

  • Your personal financial data and medical history might be on your hard drive.
  • Fast Internet connections aren’t cheap, and you don’t want to share your bandwidth with anybody who can drive by your home or office.
  • You don’t want someone churning out spam from your PC or from your e-mail address.

Wireless security is inherently easier to crack than wired networks because there’s no need for a physical connection to your network. Data transfer occurs over the airwaves, and that makes accessing it easier. Therefore, a systematic approach in securing the wireless network (including securing from the virus attack) is absolutely a must.

Service Set ID (SSID)

The SID is a string used to define a common roaming domain among multiple access points (APs). Different SSIDs on APs can enable overlapping wireless networks. The SSID was once thought to be a basic password without which the client could not connect to the network. However, this claim can be easily overridden since APs broadcast the SSIDs multiple times per second and any 802.11 analysis tool such as Airmagnet, NetStumbler, or Wildpackets Airopeek can be used to read it. Because users often configure clients, this so-called password is often widely known.

Should you change your SSID? Absolutely. Although the SSID does not add any layer of security, it should be changed from the default value so that other people do not accidentally use your network.

Wireless Encryption

Mostly all the wireless routers and other wireless adapters today support wireless security standards such as 64-bit/128-bit WEP encryptions and WPA security standards. What are these WEP and WPA?

In wireless network security, WAP stands for Wi-Fi Protected Access (WPA and WPA2) which is a certification program created by the Wi-Fi Alliance to indicate compliance with the security protocol created by the Wi-Fi Alliance to secure wireless computer networks. This protocol was created in response to several serious weaknesses researchers had found in the previous system, Wired Equivalent Privacy (WEP).


Wired Equivalent Privacy (WEP) in wireless network security is a deprecated algorithm to secure IEEE 802.11 wireless networks. Wireless networks broadcast messages using radio and are thus more susceptible to eavesdropping than wired networks. When introduced in 1997, WEP was intended to provide confidentiality comparable to that of a traditional wired network.

The later WPA2 certification mark in wireless network security indicates compliance with an advanced protocol that implements the full standard. This advanced protocol will not work with some older network cards. Products that have successfully completed testing by the Wi-Fi Alliance for compliance with the protocol can bear the WPA certification mark.

WPA2 replaced WPA; like WPA, WPA2 requires testing and certification by the Wi-Fi Alliance. WPA2 implements the mandatory elements of 802.11i. In particular, it introduces a new AES-based algorithm, CCMP, which is considered fully secure. Certification began in September, 2004; from March 13, 2006, WPA2 certification is mandatory for all new devices to bear the Wi-Fi trademark.

IEEE 802.11i-2004 or 802.11i in wireless network security is an amendment to the original IEEE 802.11 standard specifying security mechanisms for wireless networks. It replaced the short Authentication and privacy clause of the original standard with a detailed Security clause, in the process deprecating the broken WEP. The amendment was later incorporated into the published IEEE 802.11-2007 standard.

Some of the wireless routers with WPA/WPA2 compliant are Lilnksys wireless routers; Belkin ; and D-Link wireless routers and others.

Now we have bit knowledge about wireless network security standards, wireless security standards all the wireless router manufacturers claim their wireless products are WPA/WPA2 compliant.

Mostly the wireless security of all the wireless routers is disabled by default. So if you do not want to use wireless security, keep the default.

If you are using WPA in wireless network security, always remember that each device in your wireless network must use the same WPA method and shared key, or else the network will not function properly.

Wireless MAC filter

MAC Address - Physical Adress

MAC Address - Physical Adress

In addition to WEP and WAP, you can use filters that your router likely provides to allow only the network adapters you own to access your network. MAC is the unique physical address of network devices including wireless adapters. MAC address is burned permanently into the network devices. How can we know what the physical address of a device is?

The MAC address on wireless network adapters is typically printed on the network adapter’s underside as in the picture above.

Physical Address - MAC Address

Physical Address - MAC Address

But if your Wi-Fi adapters (PCI wireless adapters) have been installed in the desktop PCI slot, you cannot recognize the physical address visually, but you can do it from the command line.

In a command prompt (press Windows + R keys simultaneously and type in CMD and press enter) type ipconfig /all command and you can find that the physical address is 00-1C-F0-B9-F3-24.

Wireless Network Security - MAC Filter

Wireless Network Security - MAC Filter

In some wireless routers, wireless MAC filter disabled by default. If you need to filter wireless users by MAC address, either permitting or blocking access, select Enabled.

The following illustration, the wireless router enables the wireless MAC filter by allowing only MAC address 00-1C-FD-D9-F3-24. Therefore a laptop in this wireless radius with MAC address 00-1C-F0-D9-F3-11 is not allowed to access the wireless network.

Continued to Wireless Network Security part2

See also:

  • Share/Bookmark
April 13th, 2009 | Tags: , | Category: Wireless Security | Leave a comment

Leave a Reply

 

 

 

You can use these HTML tags

<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>