Computer Security: Wireless Networking
Some of us here have new Apple iPhones, and one of the most amazing things about these devices (apart from all the other amazing things) is that they reveal the vast number of wireless computer networks scattered around, because the iPhone continually prompts to connect to any available wireless LAN or hotspot within range.
But what is most amazing is the number of these wireless LANs which are completely unprotected, so anybody with a laptop or a wireless-enabled phone can connect, and use their bandwidth. And if the machines on the network are unsecured, they can browse files, alter settings and create havoc.
This has become a bigger problem in the last few years as wireless access points have stronger antennas and greater range. So whereas the early wireless 802.11a/b/g models might be accessible only in a few rooms, modern 802.11n models are accessible from across the street and in neighbouring buildings.
Protecting wireless LANs is achieved in two basic ways; restricting access to a specific list of known machines, and encrypting the data transmitted. Using one method or the other is a reasonable mitigation against intrusion, but using both techniques is preferable.
To restrict access to specific machines, you need to determine the machine ids (known as MAC Addresses), and add them to your router or wireless access point. (See Adding Wireless Workstations to Netgear Routers.)
To achieve encryption, a secret password is configured on the router and then keyed in to each machine. These passwords are usually in hexadecimal notation (eg. 7E4CB719), and can be long or short. But a common mistake made by many people is to use a default or simple password such as A1B2C3D4E5. This is a common wireless password, and it makes it very simple for a knowledgeable person to gain access.
Furthermore, the encryption technology itself is important. WEP, an older standard, is no longer considered secure, so wireless access points should be reconfigured to use newer standards such as WPA or WPA2. And short passwords (roughly 8 characters) are also too weak. Longer passwords (16-20, or as much as 63) are much more secure.
Please contact us if you need help auditing and securing your wireless network.