How To Deal With Wireless Encryption Security Threats
Because nobody wants to compromise the integrity of their
network by having some hacker "borrow" your bandwidth or gain
access and start snooping around you need to lock down your
network. Fortunately, encryption is built into wireless
technology; it's simply a matter knowing how to turn it on.
Wired Equivalent Privacy (WEP) or WiFi Protected Access (WPA)
The good news is that wireless technology does have pre-built
security but the bad news is there's a flaw in that security.
The problem lies in the fact that it's been built upon two
completely incompatible standards with the result being that
it's a pain in the "you know what" to set up a whole network to
use encryption.
Like most new technologies it starts out using a certain
standard and then as the technology evolves better ways are
developed that make the original technology obsolete. Flaws are
also exposed in the original standard that make it less
desirable. Problems then develop as business and individuals
scramble to transition from the old to the new because during
the transition there's always equipment and devices that use the
old technology and the differences usually cause compatibility
issues.
WEP was the original standard for encryption over 802.11
wireless networks but in 2001 a research paper was published
entitled: "Weaknesses in the Key Scheduling Algorithm of RC4"
which demonstrated critical flaws in the security of WEP that
made it rather simple for someone with reasonable know how to
break it and have access to someone's network.
In a nutshell, WEP made it too easy to discover its' secret key
and once you have the key; you can hack in and stay for as long
as you want. Owners quickly recognized that it was virtually
useless to use WEP on their networks but by the time the
industry discovered the security flaw the WEP method was built
into almost every piece of wireless equipment made.
Clearly, the WEP standard had to be replaced and in 2003 WPA was
introduced and fortunately it fixed most of its predecessor's
flaws. WPA is much more secure than WEP. Unfortunately, WPA took
a long time to reach the market and WPA devices were rather
expensive when first released. As a result, WEP was and still is
the default in a high percentage of the software being used
because it's supported by more devices. Now you can see why we
find ourselves in the confused situation we are today.
WPA is the Here and Now If you plan on to enable encryption,
always use WPA. Any devices purchased after 2003 should be WPA
compatible because the upgrade was made a mandatory part of the
standard.
Without a doubt WEP is better than nothing because it will; at
least, deter the casual intruder, who won't try anything more
than double-clicking to gain access to your network. In
addition, WEP can also make you less of a target for wardrivers
because there's so many completely open networks that are even
easier targets than those using WEP that they simply access
them. However, it's silly to use WEP nowadays (post 2003) when
WPA is so easily available.
Encryption - Turning It On Actually turning on encryption in
Windows is fairly easy. The problem isn't complexity it's time
or aggravation because it does involve a fair amount of clicking
which is probably why so few people bother.
Step one is to turn on encryption for your wireless router or
access point. The exact method will vary between devices but you
can usually do it by visiting the router or access point's
configuration page in your web browser, find the encryption
settings and then choosing WPA. If you have any trouble, refer
to your manual.
Once you've done that, you'll need to change the encryption
settings on your computers. Open the "View Available Wireless
Networks" screen by right-clicking on your wireless connection
(bottom right of your screen) and selecting it from the menu
that appears. Next, click "Change advanced settings" go to the
Wireless Networks section and click your network's name and then
click Properties.
Next, where it says "Network authentication" select WPA and
click OK on everything you've opened. Really not that bad but
then again, that's not the fun part. The fun comes when you get
to do this for "every computer on your network". Sorry to be the
bearer of bad news but grab a latte, put your feet up and start
clicking.
Easier for New Networks As you can see, the process is your
basic "pain in buns" for existing networks but fortunately it's
much easier for networks that have not been set up. You still
need to turn on encryption at the wireless router or access
point but once you've done that you can set up encryption using
the Wireless Network Setup Wizard.
You'll have to ask Mr. Gates about this one but for some reason
Windows still turns on WEP by default when you set up your
wireless network. What this means is that each time you go
through the wizard, you'll need to remember to check the box on
the third screen that says "Use WPA encryption instead of WEP".
A pain, but it's still easier than changing the settings
manually down the road.
This article may be reproduced only in its entirety.