Securing Wireless networks

May 5, 2011

Recently I visited the house of one of my friends, where he was using a wireless ADSL router. He had a desktop and was not using wireless at all. I found his wireless connection was open. He is a doctor by profession and hardly understands wireless security settings. There have been some cases in Mumbai where open Wi-Fi connections were misused. You should be very careful while using wireless connections. This post explains the different wireless encryption protocols and how you can use them efficiently.

Note: If you don’t want to go into the technical details, you can skip PART – II.

PART – I SECURITY BASICS

Here is some basic terminology:

MAC address: MAC stands for Media Access Control. A MAC address is a unique address assigned to each and every network interface. Your desktop, laptop, network printer, NAS server and wireless router each have their own MAC address. If you want to see the MAC address of your computer:

Open cmd.exe and run:

> ipconfig -all

The MAC address is shown below in the red circle (it is also known as the physical address).

If you have a laptop, you will probably see two MAC addresses: one for the wired interface and one for the wireless interface.

SSID: SSID stands for Service Set Identifier. It is a name that identifies a particular 802.11 wireless LAN. Each WLAN is configured with an SSID, which devices use to connect to that WLAN.

How to secure your Home wireless network

Note: Some routers have a MAC filtering option for wired connections as well. If you configure it by mistake, you won’t be able to access the network even over a wired connection if your MAC address is not in the “allow list”.
  • Regularly change the wireless password.

PART – II Wireless Security Protocol

WEP (Wired Equivalent Privacy): WEP is not supported by the 802.11n specification.

Authentication methods: Open System authentication and Shared Key authentication

Open System authentication:

As shown below, with Open System authentication a client can connect to the AP without having a password or key.

But after authentication the client needs to have the proper key to encrypt and decrypt data.

Shared Key authentication:

In Shared Key authentication, when a client requests authentication the AP sends a challenge text. The client has to encrypt this text using the key and send it back to the AP. If the client has the wrong key, it fails to encrypt the challenge text correctly and the AP denies access.

WEP Disadvantages:

WEP is not supported by the 802.11n specification.

In WEP all access points and clients should use the same key. Hence, if you want to change the key you need to change it on all clients, which is cumbersome. Probably that is a reason why routers have multiple WEP keys (passwords).

Using a sniffing tool, an unauthorized person can decode encrypted messages.

WEP is a data encryption method and not a user authentication method.

WPA (Wi-Fi Protected Access):

It is also known as WPA-PSK. The Wi-Fi Alliance soon adopted the full specification under the name WPA2-PSK.

Two encryption methods are used in WPA:

Temporal Key Integrity Protocol (TKIP)

Advanced Encryption Standard (AES)

To be very honest, I don’t know much about its technical details. You can visit:

http://en.wikipedia.org/wiki/Temporal_Key_Integrity_Protocol

http://en.wikipedia.org/wiki/Advanced_Encryption_Standard
