[TUT] How To Secure Your Wireless Network
Page 1 of 1

Author:  Apache [ Fri May 25, 2007 8:42 am ]
Post subject:  [TUT] How To Secure Your Wireless Network


Running a wireless LAN is great, but there are risks. You can use a computer anywhere in the house and sometimes further. Sadly – with this flexibility comes some risk. You can never secure your wireless network 100% but you can make it harder for people to use the network or monitor your traffic. The highest risk for home users is going to be from people living nearby with wireless networks.

More Information

There are several steps you can take to make it harder for nearby users to break into your network. These are listed bellow:
  • WEP (Wired Equivalent Privacy) - WEP is a system that encodes packets going to and from your wireless card and router/access point. It is a fairly good system but it is not fool proof. There are several WEP modes available on most routers/access points. The higher the WEP level the more protection you have. The type of web that your cards and router will support will be detailed in the products user guide. WEP should be enabled all the time and should be treated as minimum protection for your wireless network. Be aware that WEP encoding/decoding will slow down your connection. This can be a problem if you are using a slow computer as the WEP system will use a great deal of system resources.
  • SSID (Service Set Identifier) - The SSID is like the workgroup on your home network. It is the name of the wireless network. You need to have the SSID to connect to a wireless LAN. Once you have set up your wireless network you can safely disable the router or access point from sending out the SSID. Do not leave the SSID on its default name. Some cards or wireless LAN scanners can still pick up the SSID so the system is by no means infallible. It will stop casual computer users from joining your network though. I recommend that you make a note of the SSID as your cards will no longer be able to detect the SSID name and you will need to input this information.
  • MAC Filtering (Media Access Control Filtering) - The MAC address is a unique string of information in hexadecimal format. Every network card has a different MAC address. Its like a fingerprint for the network card and allows the network to identify the card. One way of making life very hard for unauthorised users is to enable the MAC filter on your router or access point. This will only allow listed MAC addresses access the network. It will not however stop people from sniffing the network traffic. For this you need to use WEP. The MAC address can usually be found on the underside of a wireless network card. If you cant find it you can discover the address from windows. For windows 95/98/ME click on start then run. In the box type winipcfg in the box that papers click the more info button and ensure that the network card is selected from the drop down menu in the middle of the box. The hexadecimal string next to physical address is your MAC address. For 2000/XP/NT click on start then run. In the box type CMD and press enter. In the black box that appears type ipconfig /all in the lines of text that appears you will see an entry called physical address. This is your MAC address.
  • WPA (Wi-Fi Protected Access) - WPA is a security technology for wireless networks. WPA improves on the authentication and encryption features of WEP (Wired Equivalent Privacy). In fact, WPA was developed by the networking industry in response to the shortcomings of WEP.
  • Using IPSEC To Further Protect The Network - If you have windows 2000 or XP pro then you may be able to use IPSEC. IPSEC is a encryption system that windows uses to send encoded data to other computers or a server. This method will only work if your pc is talking to another pc and not if your pc is talking to a router. Windows 9x based operating systems do not fully support IPSEC.

Why WPA Is Better than WEP

One of the key technologies behind WPA is the Temporal Key Integrity Protocol (TKIP). TKIP addresses the encryption weaknesses of WEP. Another key component of WPA is built-in authentication that WEP does not offer. With this feature, WPA provides roughly comparable security to VPN tunnelling with WEP, with the benefit of easier administration and use.

One variation of WPA is called WPA Pre Shared Key or WPA-PSK for short. WPA-PSK is a simplified but still powerful form of WPA most suitable for home Wi-Fi networking. To use WPA-PSK, a person sets a static key or “passphrase” as with WEP. But, using TKIP, WPA-PSK automatically changes the keys at a preset time interval, making it much more difficult for hackers to find and exploit them.

Author:  Randomiser [ Thu Jul 26, 2007 7:48 pm ]
Post subject: 

Thanks this will be very useful.

Author:  win2k8man [ Sat Dec 15, 2007 9:21 pm ]
Post subject: 

i use mac address filtering
i might put a wpa password
to add extra security

Author:  empireum [ Sun Dec 16, 2007 7:20 am ]
Post subject: 

win2k8man wrote:
i use mac address filtering
i might put a wpa password
to add extra security

Was it necessary to resurrect a +6-month-old post? Anyway, MAC filtering doesn't provide that much additional safety as MAC addresses can easily be faked. A WPA/WPA2 encryption is highly recommended.

Page 1 of 1 All times are UTC [ DST ]
Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group