Wireless security.. Do’s and Don’ts

Published on: Author: Mike Hall 1 Comment

SSID:

This is the name of your wireless house or apartment, a personal identifier in a street or block of wireless houses or apartments. It has absolutely no security value whatsoever. Just like hiding the street number of your house or apartment doesn’t make it invisible, hiding the SSID does not make the wireless house invisible either.

Note also that it is not legal to hide the SSID of your wireless house under the terms of the 802.11 wireless protocol, but nobody will come to arrest you just yet.

MAC filtering:

This sounds and looks like it means business but it doesn’t mean anything like that. All that it does is present the system admin in the house with one more hoop through which to jump before a new machine can be connected to the network.  MAC addresses can be spoofed very easily.

The story so far:

You think that you are making your wireless network safer, but all you are really doing is making life more difficult for yourself. Not good.. The tools to break either of the above are not illegal to use or to own. They are legitimate tools used by network administrators as part of a regular task schedule, so you can stop stamping your feet and demanding that the producers of the software should all be thrown into a jail. The software is not the problem. That is down to the perceived gains and goals of the person using it.

An axe is designed to cut down trees and shape timber into useful pieces. Unfortunately it is as effective on the wooden doors of your house, but we don’t make axe ownership illegal, do we..

Wireless encryption:

Three types.. WEP (essentially no protection), WPA (better than WEP by far), WPA2 (the best so far)

Now we are talking. Yes, for sure, wireless encryption can be broken, but  WPA2 will take more than a drive-by war drive. The hacker would have to set up camp within range of the wireless network for a day or two when WPA2 is combined with a good password. Long passwords are good, real names or any simple words in the dictionary are not good, just as with a password for anything else on the computer.

If there is a device which connects wirelessly but is only capable of WEP, you buy yourself a new WPA2 wireless adapter immediately and get it into operational use at your earliest convenience.

In summary:

Hiding your SSID and MAC filtering introduces a couple of low Cavaletti  jumps to the course, but neither are security measures in their own right. The encryption level and password is the business end and it is this pairing which ultimately protects your network.

There is something else you can do, and I have mentioned it before. Reducing the signal strength to your wireless network will also reduce it to the outside world and if you get the settings right, your wireless network may not even be identified at the public’s normal ‘viewing’ distances.

Using 5GHz wireless is even better as it is a strong signal but over a short distance. It is like the difference between an AM and FM radio signal. FM will be clear as a bell for thirty miles after which it just goes ‘POOF’, where AM will be heard at 50 miles albeit barely.

If you don’t want the hassles of wireless security, there is a very simple solution. Don’t do wireless..

One Response to Wireless security.. Do’s and Don’ts Comments (RSS) Comments (RSS)

  1. Most of the current Apple products don’t use 5 Ghz so make sure you device uses both frequencies.

    “Learned the hard way…”

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>