In the minds of some, the title of this article is an oxymoron in that wireless networks (WLAN) have been considered to be inherently unsecured. However, the security of these networks has improved considerably over the past couple of years. There are also some new standards on the way that will continue the improvements. If you have older hardware, there are ways to improve the security of your wireless network that you should implement. If you are looking to set up a home wireless network, then you need to have some idea of the security methods that are available to you in the new hardware.
So why would a home network be interested in a wireless setup? In one word: portability. I have a desktop computer and a laptop that I use when I'm traveling. At home, the desktop is connected to a router with a wired ethernet connection. The laptop has a wireless connection so I can use it anywhere in the house. It's really great to be able to sit on the lanai enjoying the beautiful weather and still be able to connect to the Internet, a printer and the files on the main system. I also know others use a similar setup with a computer for the husband and one for the wife. The WLAN simplifies the connection of the two computers with each other and the Internet.
To set up a WLAN, you should have a wireless access point (AP) or a wireless router with a built-in AP. The router usually has an ethernet connection and a connection to your cable or DSL modem. Then, if your laptop computer doesn't have a built-in wireless capability, you need a wireless card to plug into a PC card slot. If you are using Windows XP on your computer, the software setup of the system will be quite simple. You should not use the "Ad-Hoc" system that allows two computers to communicate using just the wireless cards. This method is far less secure than using a router or an AP.
If you decide to go this route, what problems are you trying to avoid by securing your WLAN? First, you have to consider the problems created by "war driving", especially if you live in an urban area. What this means is that it is possible for people using a portable computer driving by a house with a WLAN to pick up the wireless signal and connect to it. Every AP broadcasts its Service Set Identifier (SSID) every few seconds. This signal is strong enough to be picked up several hundred feet away from the AP. If the "war driver" is using a high-gain antenna, the signal can be picked up at a much greater distance. Every wireless router or AP is delivered with a default SSID that can be readily identified. Some examples are Netgear, Linksys, Wireless, and Dlink. Three of these are the names of the router manufacturer. So if you don't change the default SSID, it is a simple process for the attacker to determine the network name, put it into his/her laptop setup and start the log on process. If they are able to log on to your WLAN, they will have access to any computers on your network as well as free access through your router to the Internet. With free access to your computers and the necessary software, they can capture any passwords that you use. They can also install "phone home" software that will contact other computers.
Incidentally, the "sniffer" software needed to locate your AP and your SSID is freely available on the Internet. So the first step in securing your WLAN is to change the SSID to something made up of random letters and numbers. Secondly, you can turn off the broadcasting of the SSID. This will increase the difficulty for anyone trying to find an AP.
In the setup process for your WLAN you may be able to specify the number of users that can connect to the AP and the Media Access Control (MAC) address of the interface cards. Every ethernet card and wireless card has a unique MAC address. The only problem with this is that this address is sent in the clear and with a good sniffer an attacker can determine the address. Once this is done and if the SSID has been determined, the attacker can override your laptop's connection and connect to your WLAN. Even so, setting the maximum number of users and using the MAC address is a useful step, especially when combined with other security measures.
So far everything that has been considered is transmitted in the clear and can easily be picked up by a sniffer. Therefore, it is important that a passphrase be associated with the connection process and that data is transmitted in an encrypted form.
Data encryption in early wireless units used a Wireless Encryption Protocol (WEP). This was soon determined to have a number of flaws. In fact, studies proved it could be cracked in as little as 15 minutes. This is more time than might be spent by the casual drive-by hacker looking for Internet access. However, for office WLANs it is a security problem. The problem is in the nature of the static key and the protocol used for encryption using the RC4 stream cipher. By listening to the data stream for a period of time it is possible to collect enough information to decipher the key.
Newer hardware designed for home WLANs uses Wi-Fi Protected Access (WPA) with a pre-shared key (PSK). Windows XP SP2 is compatible with WPA-PSK. However, you must have an AP or wireless router that also uses this protocol and the wireless hardware in the computers must also use it. This requires that your hardware be of recent manufacture and specifically designed to use WPA-PSK. Some routers and PC cards may be upgradable with firmware or software from the manufacturer.
WPA-PSK uses a passphrase that can be 8 to 63 characters in length. Again, as with all passwords, this should not be a recognizable word. Instead, you should select random numbers, letters and punctuation marks. It is also recommended that you not use a passphrase of the minimum length. Once the AP and the laptop computer have accepted the passphrase, the connection will be completed and all transmissions will be encrypted. If the intruder manages to obtain the SSID and the MAC address, but not the passphrase, they cannot connect to your WLAN.
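As an added illustration (not part of the original article), the Python sketch below generates a random SSID and a full-length random passphrase as recommended above, then derives the 256-bit key the way the 802.11i standard specifies: PBKDF2-HMAC-SHA1 with 4096 iterations and the SSID as salt. The article does not describe this derivation, and the function names and alphabets are illustrative choices.

```python
import hashlib
import math
import secrets
import string

# Constructed alphabets: letters and digits for the SSID; letters, digits and
# punctuation (printable ASCII, no space) for the passphrase.
SSID_ALPHABET = string.ascii_letters + string.digits
PASS_ALPHABET = string.ascii_letters + string.digits + string.punctuation


def random_ssid(length=16):
    """Random letters-and-digits SSID (an SSID may be at most 32 bytes)."""
    if not 1 <= length <= 32:
        raise ValueError("SSID length must be 1..32")
    return "".join(secrets.choice(SSID_ALPHABET) for _ in range(length))


def random_passphrase(length=63):
    """Random WPA-PSK passphrase; the article's limits are 8..63 characters."""
    if not 8 <= length <= 63:
        raise ValueError("WPA-PSK passphrase must be 8..63 characters")
    return "".join(secrets.choice(PASS_ALPHABET) for _ in range(length))


def entropy_bits(length, alphabet=PASS_ALPHABET):
    """Entropy of a uniformly random passphrase of the given length."""
    return length * math.log2(len(alphabet))


def derive_psk(passphrase, ssid):
    """802.11i key derivation: PBKDF2-HMAC-SHA1, 4096 rounds, SSID as salt."""
    if not 8 <= len(passphrase) <= 63:
        raise ValueError("WPA-PSK passphrase must be 8..63 characters")
    if any(not 32 <= ord(c) <= 126 for c in passphrase):
        raise ValueError("passphrase must be printable ASCII")
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode("ascii"),
                               ssid.encode("utf-8"), 4096, 32)


if __name__ == "__main__":
    ssid, phrase = random_ssid(), random_passphrase()
    print("SSID:      ", ssid)
    print("Passphrase:", phrase)
    print("Entropy:    %.0f bits at 63 chars, %.0f bits at 8 chars"
          % (entropy_bits(63), entropy_bits(8)))
    print("PSK:       ", derive_psk(phrase, ssid).hex())
```

Because the SSID is the salt, the same passphrase produces a different key on every differently named network, which is one more reason to replace a factory-default SSID.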
Another improvement of WPA over WEP is the use of the Temporal Key Integrity Protocol (TKIP). This changes the key with every packet transmitted over the WLAN. The changing key means that any intruder will have to spend a lot more time collecting encrypted data packets to crack the code. Some studies have indicated that the time required to collect enough information would be measured in weeks, not minutes. Obviously for someone attempting to steal bandwidth from a home network, this is not a reasonable process. In addition to TKIP, WPA checks the validity of an 8-bit message embedded within the packet.
If you are still in doubt as to whether or not you want a WLAN in your home, then wait a little longer and you will find that there is a new security standard. It may be called WPA2 or the 802.11i standard. Hardware supporting this standard could start appearing within a few months or "real soon now". If you already have the hardware, you may be able to upgrade to the new standard with a firmware chip from your equipment manufacturer. However, the operative word is "may".
As you can see, there have been some definite improvements in security for WLANs in the home or small office environment. When you get into larger companies, the story is much the same, but the hardware and implementation are quite different.
If you want to set up a home WLAN, you can do so with fairly good confidence in its security, providing you set up all the security measures. First, when selecting your hardware, you need to check that it will support WPA-PSK. Also ensure that the AP can turn off the SSID broadcast and that you can filter the MAC address of any computer(s) you want to connect wirelessly to your network. Then, when you have everything connected, select a strong passphrase so your data will be encrypted. Then enjoy the new freedom provided by WLAN.
*Dr. Lewis is a former university & medical school professor. He has been working with personal computers for more than thirty years. He can be reached via e-mail at bwsail@yahoo.com.
Copyright 2004. This article is from the December 2004 issue of the Sarasota PC Monitor, the official monthly publication of the Sarasota Personal Computer Users Group, Inc., P.O. Box 15889, Sarasota, FL 34277-1889. Permission to reprint is granted only to other non-profit computer user groups, provided proper credit is given to the author and our publication.