How to Keep The Wireless Snoops Away

Source: Security Focus

A wireless network is like hundreds of network cables floating in search of a rogue computer.

A good attacker can get into most networks by taking advantage of a wireless connection and its Wired Equivalent Privacy security.

WEP represents the encryption of communications data sent over radio waves, specifically using an 802.11b system. But WEP, offered with varying amounts of encryption, is vulnerable because a smart attacker can obtain data pertinent to circumventing the coding by capturing sufficient frames of data.

WEP begins doing its job when a wireless computer sends a request to an access point for a secure session. The access point generates an encrypted response, or shell, that is sent back to the computer. The computer then creates a special code, or shared key, for the computer and the access point. The access point decrypts the shell and allows the computer entry to a network if the shared key matches.

The problem with this technology is that capturing these frames reveals three pieces of data: the cipher text, plain text and the nature of the electronic "handshake." With these items, an unauthorized user can communicate with the access point in WEP without having to know the shared key, bypassing security.

Despite the problems, it's not necessary to abandon WEP. A typical user -- even most attackers -- won't succeed in scaling this security hurdle. But there's a lot you can do to boost the security of a wireless network.

The first thing is to secure your access point. Make sure your "service set identifier" is closed and can't be detected by unauthorized wireless clients. The SSID is the wireless network name that an access point automatically sends out so that random clients can pick up the availability of wireless network service.