I have done security articles in the past on how to lock down or secure your wireless network form unwanted guests. In this article, I am going to discuss how to set up a Mac filter, how to stop your SSID from being broadcast out for the world to see and talk about a few other wireless security fundamentals. At one time, WEP (Wired Emulated Protection) was the standard for protecting you from intruders and it was all that was available. WEP has since been proven to be not completely secure. In fact, this became a big problem causing companies to become reluctant to use the encryption protocol, as well as, leaving most home users unaware of how open their systems actually are.
Something needed to be done and the wireless powers that be, otherwise known as the IEEE, deemed that WEP is not an acceptable form of security for home or business networks. The committee decided to address this issue by creating a new and more secure method for protecting your network. They wanted a new protocol that would patch the shortcomings of WEP as a wireless security measure and therefore, WPA (WiFi Protected Access) was born.
WPA offers significant improvements in wireless security over WEP starting with the fact that WPA uses Temporal Key Integrity Protocol, or TKIP for short, instead of the fundamentally insecure static encryption procedure that WEP uses. TKIP uses a dynamic set of stored keys that the protocol will constantly change, which stops common types of wireless network attacks that take advantage of the static keys of WEP.
WPA also offers something that WEP never did and that is called data integrity. If any of the data packets sent around a WPA enabled network doesn’t have the correct check sum attached, the packet is dumped and the encryption is rekeyed.
There’s no doubt that WPA is better than WEP. So much so that it needs to be implemented as soon as possible. If you’re unsure of what wireless security your network is using, read on. I have some good advice on the topic coming up.
The main factors that will determine weather or not you have the capabilities of WPA or not is the age of your wireless equipment. If your wireless router or access point is two or three years old, I would suggest that you go out to the manufacture’s site and see if there are updates to enable WPA on the device. If there are no updates for your device that enables WPA, I would suggest replacing the hardware. It’s worth it.
To enable WPA on your network, it’s best to start off at the router or access point. Since all manufacturers are a little different, you’re going to need to refer to the manual for the details of configuring WPA .You want to keep in mind that if you’re going to configure the wireless router/access point, always do it with a hard wired PC. This way, you will always have communication with the device while you’re changing its settings. After you get everything together with the access point, it’s time to start connecting the PCs.
With Windows XP, SP2 connection is a breeze. Just use the wizard. When you open up your network connections from your Control Panel, you should see the Network Setup Wizard at the bottom of the window. Select this and answer the wizard’s questions with the appropriate information. During the Network Setup Wizard, you will come up to the point where you will have to choose what type of security you want to use. Elect the Use WPA encryption instead of WEP and begin the connection process.
After the wizard is done, you should be set up and at peace in the knowledge that your network and data are completely safe.
Before I wrap things up, I would like to say if you do go out and get a newer wireless router or access point, you may like next week’s article. We’re going to take that old piece of hardware and turn it into a network trap for would be intruders. It’s going to be really cool. Until next week, stay safe out there.