DIY Wireless
Basic Networking
Installing Hardware
Networking Tutorials
DIY Computers
About this Site
Home >> Basic Networking >> Wireless Security

Securing your Wireless Network

With wireless networking security should always be the first and foremost consideration. The convenience of being able to move around with a laptop in the home or office has one trade off, your wireless network and its clients are broadcasting not only data to themselves but also to anybody else within range too. The solution is to encrypt the traffic on your network so that others may not be able to join your network and use its resources. The statistics vary from source to source but overall approximately 70% of wireless networks are not encrypted, 25% are encrypted using WEP and the remaining 5% or so use WPA. When I first read these statistics I was critical so I took it upon myself to drive around the suburb I live in with a laptop and a USB wireless adapter. Out of the 6 wireless networks I found 3 of them were open (or unencrypted) networks. With 2 of them I was surfing the net at someone elses expense in seconds. Now this story is not designed to frighten the reader away from wireless networks but to illustrate why security is and should remain an essential element to consider during their configuration.

The design of your network can also be a vital part of its security. Do destop machines on an ethernet network need to exchange data with clients on your wireless network as an example? If the answer is no then a firewall between the two networks will prevent unathorised access to your network shares or printers. An internet connection can be shared between the two networks without them being able to communicate with each other and having them on seperate IP address ranges will do much to protect vital data.

Wireless encryption sounds difficult and technical to do however configuration of wireless encryption is a snap and requires no real understanding of cryptography whatsoever. The two types of commonly used encryption in a home or small office environment are WEP (Wired Equivalence Protection) or WPA (Wi-Fi Protected Access).

WEP is an older form of encryption and several tools have surfaced recently that have made it possible to break WEP encryption in a remarkably short period of time. To use WEP the access points and all clients connecting to it must use the same encryption key, a hexadecimal number (charactors 0-9 and A-F) either 10 charactors long for 64 bit WEP or 26 charactors long for 128 bit WEP. WEP may be your only option if your access point or device is a little on the older side, however it is still a far better option than having an open network and will keep passers by and amataeur hackers out of your network.

WEP Configuration

WPA and its successor WPA2 are more modern methods of encrypting a wireless network. There are many ways that WPA can be configured but for the home or office the most suitable method is to use a Pre-Shared Key (PSK). A preshared key is simply a password between 8 and 63 charactors long that is typed into the computer or devices configuration and supplied on connecting to the network. There are two types of encryption that may be used with WPA-PSK, AES and TKIP. TKIP is mainly used with WPA and AES with WPA2. Configuring your access point to do both will accommodate older devices more readily. WPA with a preshared key is the preferred method of encryption and is considered to be far more secure than WEP.

WPA2 Configuration



© 2007