Wireless LAN vs. Cat5 Ethernet LAN
Security

Network Issues with a Wireless Network. IEEE 802.11b

1. Service Set Identifier: The SSID, as it is called in the industry, is name that your network is set to to identify to all of its users where the access point is. All major access points (AP's) have a default SSID which is well known to a good majority of people that make their living off of other peoples work, namely by hacking into networks that aren't meant to be accesed by them. By naming your network with the standard naming protocols used for passwords you can add an extra level of security to your network that will make it harder for a Hacker to find your network.

Another note of security with your network names is that by default the AP will broadcast this name every couple of seconds for all that are listening. This can lead to easier entry for some hackers that can get close to your physical network.

2. Authentication Type: The second major issue with wireless security is the Authentication Type. The default with this type of security is the "open authentication". This type of authentication is what most netowrk professionals to consider the most dangerous type of authentication. This type allows ANY user, whether they are supposed to or not, to gain access to the AP.

The other setting for authentication is the "shared key authentication". Tthis requires the user to establish a connection with the AP. Before the AP will allow the access it sends a plain text string to the user and waits for the user to encrypt this using the key on their computer. They then send the message back to the AP for it to decrypt and check the authentication. The problem is when someone is lestening in on the whole exchange. They can see what the String looks like before and after encryption and then plug the variables into the RC4 equations to figure out the key. With the key the hacker then also has access to the WEP(next issue) and thus can decrypt "all" messages that travel on the network.

With this in mind it is actually safer to give up this layer of security and go for the open authentication.

3. Wired Equivalent Privacy(WEP): This network security step is used to simulate a wired network over a wireless channel. The messages are immediatley encrypted before they are sent across the air waves and are decrypted on the other end of the transmission. The key used is the same key used in "shared key authentication" which is why it is a bad idea to use both steps to TRY and protect your data. If you use a WEP there is still a possibility that the data can be compromised just like any other encryption technique. It has also been proven that there is a flaw in the encryption algorithm that allows a hacker to gain "some" information that could help them break the code. Overall this is the most secure form of built in security in the AP's of current wireless networking technology.

*There are other methods of non-standard security measures that can help secure your network and its transmissions. It is possible now to buy some forms of software encryption and different types of key encryption that can help add another layer of protection on your wireless network. The problem is that wireless networks, by their very nature, are harder to protect than a hard wired network is. It is important to keep that in mind when determining the security measures your company wants to take for their data.


<<prev | next>>