Risks - Network Security

Security: Wireless Networks

Study Guide (old study guide)

With wireless networks becoming much more affordable and available to the public, many issues arising from this new popularity for WiFi need to be understood.  

1. Secure Your Network

It is primarily the misconfigured wireless networks that allow warchalking and other unauthorized access to WLANs.  A signal that is transmitted through the air is much easier to intercept than it would be to gain access to the signal if it were transmitted over wire or optical cables.  This raises many concerns about the security and privacy of wireless networks.  Through proper configuration and encryption one can be certain that they have significantly reduced the ability for crackers and others to gain access to ones information.

The new Wi-Fi Alliance,  non-profit industry organization of more than 200 companies, recommends taking these steps to secure your network:

  • Deploy WPA or WPA2 encryption
  • Change the default password 
  • Close your network
  • Change your network name
  • Move your access point
  • Use MAC Control Tables
  • Use a VPN (Virtual Private Network)

2. Keeping Current

As technology improves to keep hackers out, the tools they use to break in get better too.  Anyone with a wireless network, whether for home or business, must stay current.  

National Institute of Standards and Technology lists the steps necessary to maintain a secure wireless network on page ES-2 of new Wireless Network Security  (Tom Karygiannis and Les Owens, National Institute of Standards and Technology - Adobe Acrobat Needed to View )

  • Maintaining a full understanding of the topology of the wireless network.
  • Labeling and keeping inventories of the fielded wireless and handheld devices.
  • Creating backups of data frequently.
  • Performing periodic security testing and assessment of the wireless network.
  • Performing ongoing, randomly timed security audits to monitor and track wireless and handheld devices.
  • Applying patches and security enhancements.
  • Monitoring the wireless industry for changes to standards that enhance security features and for the release of new products.
  • Vigilantly monitoring wireless technology for new threats and vulnerabilities.

An example of changing standards is improved encryption.  At one time, WEP  (Wireless Equivalent Privacy)  was considered sufficient encryption for the home user.  It is now consider too easy to crack and will provide only brief protection. WEP was replaced by a newer standard, WPA (Wi-Fi Protected Access) that added TKIP (temporal key integrity protocol) and later, WPA2, that offers improved authentication and encryption.  WPA is better than WEP, but it is still based on the same encryption while WPA2 uses the newer AES (Advanced Encryption Standard).    

To use WPA2, developed by Wi-Fi Alliance, it is necessary to upgrade software and possibly hardware as well.  WPA2 is backwardly compatible with WPA but not WEP.  

newWireless network Wikipedia

newWi-Fi Protected Access 2 Wi-Fi Alliance

newWi-Fi Protected Access 2 (WPA2) Overview The Cable Guy, Microsoft

3. Wireless networks create new ethical questions.

Many ethical issues regarding wireless networks have come about because of the ease of use by everyone and their improper configuration. With the rapidly increasing market for wireless connectivity the many issues of ethics, security, and privacy are all aspects that will have a significant role in shaping the future of wireless networks across the world.

4.  Terminology

Internet Terminology and Definitions - Steven C. Perkins, Rutgers Universit