Network Security guide for the home or small business network – Part 7 – Wireless Networking
OK – the last couple of entries got into some heavy lifting and some real learning on your part. Learning about what software needs to run, what services are running, updating them to keep current on security patches. We even talked about securing services listening for outside connections and limiting them to what is absolutely necessary. Now we’ll take a deep breath and get into another area… Wireless network security.
Wireless network information travels on radio signals and anyone with a wireless card and laptop can be on an “in the clear” network before they realize it. These days operating systems do a very good job of “automagically” configuring a wireless card for access when they’re in range. This can be a good thing and a bad thing. Easy access to the internet might be good, but that also may mean easy access to your network.
Fortunately the range of wireless networks is typically limited 200-500 feet at the most unless you’re really trying to extend the range. A good walkaround with a wireless card/laptop will give an idea of where your network is accessible from. Are your internal network shares password protected? Or are you defending more against intrusion from the internet. If you have wide open wireless access, you need to start thinking about what services are visible on the INTERNAL network as well.
OK – so you say, we only use the network for internet access, I don’t care if someone else uses it. What if that someone else uses your connection to send out a scam email? A virus? When the dots are being connected they will likely lead back to your internet connection. It might be worth securing it. How?
There are a number of ways to do this and I’ll just get into generic ideas. The simplest way to secure a wireless network is MAC address filtering. MAC addresses are unique addresses given to each piece of network hardware EVER made. Every network device has a unique MAC. It might look like this… 00:12:17:51:E3:7D and should show up in an ifconfig command under linux (ipconfig under windows) or may be written on the network device. MAC address filtering works this way, the wireless access point is told “I want to allow these trusted devices on the network”. Foolproof right? Wrong… Since the data is transfered in the clear it can be very easy for an attacker to collect enough information to guess why they can’t get on the network and ascertain which MAC addresses are legit. Further it’s possible to “spoof” or pretend to have a different MAC address and gain access.
Next up is WEP encryption. This comes in 64-bit and 128-bit varieties. 128-bit is all I’ll suggest. Unfortunately WEP can also be broken fairly quickly. The idea is that a WEP key is generated. The accesspoint has the WEP key and the clients use the same key (you’ll usually only have to enter it once.) The key is hexadecimal (0-9 and a-f are allowed), most programs will take a passphrase and then generate a key from that. Again, an attacker can listen and with current software WEP can be broken in about 5 minutes. It is at least some protection though. (Better than nothing). Combined with MAC address filtering it might prove fairly effective. At least we would hope that someone would move to “lower hanging fruit”.
The best option currently is WPA encryption. Currently I don’t know of WPA being broken. If you’re dealing with older hardware trying to connect wirelessly this may be a problem as some older devices may not support WPA. If everything you need to use can handle WPA, this would be THE best, most secure (currently) choice. The concept with WPA is similar to WEP, the communications are encrypted between the machines and the access point, the key is constantly changing though which prevents outsiders from gathering enough infromation to break the key.