Wireless security is (unfortunately) not for dummies…


I’ll try to keep this post short, but the main idea is that apparently wireless and security don’t really mix well. At least if you are not an expert in this area. While I started learning about this stuff, I got really worried about how easy it is to set things up in a totally insecure way.

Sure, there are plenty of alternatives to get your network secure. But, for the average user, it might be a lot to learn: you have to know what all these three-letter acronyms mean (WEP, WPA, DES, etc.), and you need to understand what types of attacks are possible (active/passive, man-in-the-middle and so on and so forth). At least on the last subject, there are all sorts of strange ways to attack a wireless network. And my wife won’t enjoy spending a weekend reading all this…

I would really love to see some sort of idiot-proof, easy-to-understand method that makes your entire wireless network 100% secure. Unfortunately, this is not possible today, simply because the notion of wireless security goes beyond a single operating system. You have to configure your router too. And your laptop. And your wireless camera (if you have one). And every other wireless device you add to your network… Wouldn’t it be nice to have a really simple process, like just using a USB thumb drive to migrate the secret key between all these devices to make the entire network secure by default?

Anyway, here is what I found in my short experience:
– Avoid using WEP as an encryption protocol. Apparently, WEP has several security problems. Use a more mature encryption protocol instead. Everything that starts with WPA-xxx should probably be OK (or at least this is my assumption).
– In my personal experience, WPA-TKIP seemed to be the encryption protocol that was the easiest to set up. Both my wireless router and my tablet seemed to support it pretty well. The shared secret is a simple ASCII string which is easier to memorize compared to something which looks like a GUID.
– In your router, disable SSID discovery. This is good as a preventive measure; however, be aware that a passive attacker can figure out the SSID anyway (the “disable” feature applies only to the beacon frames).
– Use MAC filtering whenever possible! I could find an easy way to enable MAC filtering at the router side. But on my tablet (an HP tc1100, not the latest one with the “802.11g” feature), I couldn’t find any way to do any MAC filtering. You might say that I’m really paranoid, I know :-). But it doesn’t make sense to have filtering in only one direction…

That’s it. And, by the way, if I got anything wrong, or missing, I would be glad to get any feedback!

Comments (5)

  1. I posted on this just yesterday: http://weblogs.asp.net/cszurgot/archive/2005/02/21/377374.aspx <grin>

    I’d be glad to not use WEP, but Tivo only handles WEP.

  2. Adi Oltean says:

    Interesting… however I would point out that disabling SSID broadcast can be bypassed. The SSID can be obtained anyway by someone more experienced…

  3. And MAC addresses can be faked. <grin> My statement was just that wireless security should come out of the box secure. Obviously, it would be nice if it was stronger than current (WEP), but there should be something. As it stands now, Wireless Security is a crime of convenience in a lot of ways… Why hack into my home network when you can move a few feet and log into an unsecured one?

  4. WEP may be flawed but turning WEP on compared to leaving it off is better than nothing. Also MAC filtering is only beneficial from the router standpoint. The wireless card is simply a receiver, it doesn’t broadcast a signal like the router does. MAC filtering on the router makes sure that only those MAC addresses get access to the network. If you used MAC filtering on the wireless card, you’d have to adjust this every time you changed wireless networks. So while you’re fine at home, the second you plug up at Starbucks you’d have to remember to somehow get the MAC address of the router, if anyone there knows it to begin with.

    There are 2 wireless networks accessible from where I work. I work in an office complex and apparently these wireless networks are in the area. One network has an encrypted password, probably WEP. One network is completely insecure. I can’t do anything to the secure network, but the insecure network is ripe for the picking.

    I hate to bring up my past, but I’ve been a hacker. If I wanted to hack into systems again I could do so from the comforts of my office. I wouldn’t have to leave the room, nor would I have to even worry about it being traced back to me. To my knowledge one cannot trace a wireless signal back to its source (the network card) but one can trace where the signal is being broadcast (the router). So if I really wanted to hack into systems, the easiest way to not get caught is to find an insecure wireless network. No need to login to 3-4 systems to hide my identity, I could do so from my own laptop with very little fear of being caught.

    I’ve not dealt with wireless networking personally aside from playing around with a computer with a wireless card. From an end-user standpoint wireless networking is a no-brainer. You turn on your computer, you set it up, and you go. You may need passwords and various things but those are supplied by the administrator. If you’re an administrator you have your work cut out for you. You have to configure the router, lock it down, and secure the network. You then have to make sure your end-users are using it properly to minimize the chance of attack. The problem with this is that your mom will buy a wireless router and card yet the wireless router isn’t really DESIGNED with an end-user in mind, or maybe their idea of an end-user isn’t your mother.

    You shouldn’t need certifications to secure a wireless network. You shouldn’t need training, huge manuals, or pay someone to do it for you. It should just work and be relatively painless to set up. For the most part this is not the reality we face right now, which is really disturbing. It’s getting better, but while manufacturers are taking their sweet time to respond, your mom is getting hacked to hell and back.

    The only time a default unsecure network is even possibly beneficial is if you’re 100% sure of the area it covers. You’d have to be certain that it doesn’t extend beyond the walls of your house/office/whatever yet in many cases it does. No wireless equipment comes with a signal tester to verify the area of coverage so aside from you walking with your laptop around the house, you’d have no real way to verify how accessible your network is from the outside. Since you’ll never be 100% sure of the coverage area, it makes sense for the default to be secure. Now that there are umpteen ways to secure a wireless network, the manufacturer can play the "Since there’s no one secure standard, we’ll keep it unsecure until you pick which security method you prefer" card, which they seem to be doing. So we’re back to square one.

    I honestly don’t know what the best answer would be. Having it default to secure would be good but eliminating insecure wireless networks would be the more ideal goal. There’s way too many risks involved in running an insecure network. The sad thing is you’re liable for anything done from that wireless network so from a legal standpoint it’s a bad decision to not secure it.

  5. Charlie says:

    I just joined a company called Fortress Technologies and judging from my third day on the job, the Fortress solution appears to be very easy to set up and very secure. However, it is an enterprise class product and sold to the government, medical field and large enterprise customers, not for the consumer market.