Do-It-Yourself Wireless Antenna Update
“extend your signal”

Search About Contact

Wireless WiFi Security


	Wireless is an evolving technology which is not inherently secure. Information on a wireless network is most likely not encrypted, so it is possible for another user on the network to use a 'network sniffer' to capture your data while in transit. Unless you take certain precautions, anyone with a wireless-ready computer can use your network. That means your neighbors, or even hackers lurking nearby, could “piggyback” on your network, or even access the information on your computer. And if an unauthorized person uses your network to commit a crime or send spam, the activity can be traced back to your account.
You want to avoid man in the middle attacks. Make it your policy to use a secure login feature SSL (secure sockets layer) for email, e.g. (Yahoo), to protect your password and run personal firewall software on your laptop to protect against illicit attempts to access data on your machine. Consider encrypting your files, and preferably entire hard drive volumes, using PGPdisk. Switch to a Mac or some non-Windows operating system while you're at it. NSA has developed and distributed configuration guidance for Apple Operating Systems. This guidance can be used as a security baseline. Also, password-protect your computer, including a boot password.
FBI Best Practices for Home Users to Prevent Hackers from Getting into Your Network Network segregation Put your access point on a separate subnet, with a firewall separating the wireless and internal users Change the default settings on your access point Default settings (SSID, administrator password, channel) are well known and even included as part of some WLAN attack tools Use WPA with a strong key WPA is a definite improvement over WEP in providing wireless security. But the version intended for home and SOHO use—WPA-PSK—has a weakness shared by any passphrase security mechanism. The choice of simple, common and short passphrases may allow your WPA-protected WLAN to be quickly compromised via dictionary attack (more info here). Use a totally random, long, secure passphrase. Update your firmware This is helpful if your AP or client doesn't currently support WPA. Many manufacturers have newer firmware for 802.11g products that add WPA support. You may also find this for 802.11b gear, but it's not as common. Check anyway! Turn off the WLAN when not in use A $5 lamp timer from your local hardware store is a simple, but effective way to keep your WLAN or LAN from harm while you're sleeping. Step-By-Step Wireless Security SSID Set to not Broadcast How to stay under the radar MAC Address Restrict access only to your computers Password Protect Your Wireless Device Keep the bad guys out WPA Encrypted Passwords Stronger than WEP Food for Thought Securing your WLAN Why bother? The six dumbest ways to secure a wireless LAN Put to rest once and for all the urban legends and myths on wireless LAN security Simple advice for securing your home wireless LAN Look for WPA certified Wi-Finally: wireless security that actually works Microsoft support for WPA2 — Wi-Fi Protected Access 2 Free Wi-Fi Security Test Requires ActiveX plug-in for IE6 and Windows XP/2000 OS Cracking WEP in 10 minutes Download Flash video How To Crack WEP Details. A Cup of Bandwidth Bob Quietly "Borrows" Internet Service From Three Neighbors at Once Worried about Wi-Fi security? cNet article. Antennas Enhance WLAN Security Byte.com article Top 7 Tips for Wireless Home Network Security Improve the security of your home wireless LAN Real Security for Wireless LANs PC magazine article WEP or WPA encryption. Radius, a server for remote user authentication and accounting, is a stronger scheme. Securing your WiFi Network For the home, home office and small office user. Use an SPI firewall. Make sure that your current OS will operate properly with your SPI firewall. WPA (Wi-Fi Protected Access) can be defeated. Consider using WPA-PSK (pre-shared key mode, also known as personal mode) for a home LAN. WPA-PSK is vulnerable to dictionary attacks, if a hash of the pre-shared key can be gleaned by listening in on the 4 way handshake used to initiate the connection, so use a long key. It's convenient to use a 40-60 character sentence that you can easily remember. Choose a sentence (or a line from a song, a quote from a favorite book, or something similar) that is significant to you and use that. You can try a key generator but the key generator approach makes sharing the key harder and might not add much more security to a brute force attack. TKIP (Temporal Key Integrity Protocol) is a security protocol used in Wi-Fi Protected Access (WPA).
Glossary Encryption: The scrambling of data into a secret code that can be read only by software set to decode the information. Extended Service Set Identifier (ESSID): The name a manufacturer assigns to a router. It may be a standard, default name assigned by the manufacturer to all hardware of that model. Users can improve security by changing to a unique name. Similar to a Service Set Identifier (SSID). Firewall: Hardware or software designed to keep hackers from using your computer to send personal information without your permission. Firewalls watch for outside attempts to access your system and block communications to and from sources you don’t permit. Media Access Control (MAC) Address: A unique number that the manufacturer assigns to each computer or other device in a network. Router: A device that connects two or more networks. A router finds the best path for forwarding information across the networks. Wired Equivalent Privacy (WEP): A security protocol that encrypts data sent to and from wireless devices within a network. Not as strong as WPA encryption. Wi-Fi Protected Access (WPA): A security protocol developed to fix flaws in WEP. Encrypts data sent to and from wireless devices within a network. Wireless Network: A method of connecting a computer to other computers or to the Internet without linking them by cables.
Security Software wicrawl A simple wi-fi (802.11x) Access Point auditor BackTrack Remote-exploit CD project merging Whax and Auditor PickupLine Bypass authentication on authenticated wireless networks Auditor Security software toolset based on KNOPPIX List of Default Passwords Huge. AP Radar Network stumbler and wireless configuration clinet Knoppix STD CD A collection of open source security tools and Linux Wi-Fi utilities for advanced users WinZip Supports 128- and 256-bit key AES encryption in addition to lower security Zip 2.0. UltimateZip Advanced File security with 256-Bit AES encryption. Free for private use. Sygate Personal Firewall Free for personal use. ZoneAlarm Firewall Free version has limited features. coWPAtty Audit the pre-shared key (PSK) selection for WPA WepCrack A tool that cracks 802.11 WEP encryption keys. Aircrack 802.11 sniffer and WEP key cracker for Windows and Linux. Mike's Guide to Airsnort on Windows XP A WLAN tool which recovers encryption keys. Difference betwen monitor and promiscuous mode? Airsnort FAQ NSSpyglass Will alert you to netstumblers (requires linksys AP) AirSnare Will alert you to unfriendly MAC addresses WireShark Network protocol analyzer - a successor to Ethereal Ethereal Network protocol analyzer

| Furl | Stumble It! | Digg | Reddit

Recommend This Page

Newsletter | Privacy | Support | Search | Site Map

Revised: 06/24/2008