October 05, 2005
Everything Else
Wireless Security
Well last night I finally turned on my ADSL modem's wireless access point and enabled my laptop's wireless network connection. Voila, instant wireless surfing. What took me so long? Didn't I realise it's 2005 and not the dark ages? Well up to now wireless is just one piece of technology I haven't been too eager to try. I read a long time ago about the serious problems with wireless security: fundamental flaws in protocols, high hackability, etc. Since then wireless has been put in the "too risky to try" box, and I've essentially stayed away from it like the plague.
Undeniably, not everyone has shared my views. Wireless is everywhere! And it's in demand. So much so that my laptop came standard with it -- it wasn't an optional extra. The ADSL modem that I was after also came with a wireless access point built in; although I made sure it could be disabled before I bought it. So without actively seeking out wireless, I still ended up with everything I needed to run a wireless LAN. A sure sign I should roll up that ratty old LAN cable (the one with the baby teeth marks, and stretch marks from being kicked so often) and try the new jiggery-pokery out.
Before I did that, I took a look at the wireless security options in the ADSL modem. I had a choice of WEP or WPA Pre-Shared Key (or WPA-PSK). What do these mean? A quick search on Google found a great explanation of the differences between WEP and WPA. Wikipedia of course also had a lot of information. WEP is the old protocol, the one with all the problems I remember reading about -- the one that is hackable and should be avoided at all costs! WPA is markedly better, very secure, although essentially a retro-fitted stopgap and still theoretically hackable. We have to wait for 802.11i (WPA2) for true security it seems.
WPA-PSK is the small network version of WPA, for people that can't afford a separate authentication server. It relies on a shared key that both the access point and end point must have before a wireless connection can be made. Using a simple password as the key here is a major no-no; it can be hacked using brute force. Wikipedia recommends 22 random characters, but being the security freak I am I went for the full 63.
I also engaged the other security options on my ADSL modem which I suspect won't stop a determined hacker but should make life harder. I turned off the ESSID broadcast to stop my access point advertising its presence. I also limited the MAC addresses to just my laptop's MAC address. My final super security option? I turn off the wireless LAN whenever I'm not using it... just to be safe. ;)
Posted by Adam Boddington at 10:20 AM | Comments (0)
Post a comment