Wireless network security

From Freespire

Jump to: navigation, search
Wireless network security
Home-->Documentation-->Freespire User Manual-->Customizing & Managing Freespire-->Wireless network security < Back     Forward > 


Image:Wifi.png


Wireless networks are incredibly useful and flexible but are notorious for their poor security. This is an innate problem with this medium because an attacker does not need to be physically on the premises. Normal wired ethernet(it is an open standard networking protocol widely used across the world) relies on physical security of the wires to stop an attacker launching an attack from the inside. To create a wireless network with a similar level of security requires careful planning and some extra steps which may not be obvious to wired network administrators.

The following are techniques that can be used to provide a more secure wireless network, mainly for 802.11a/b/g networks though many of the techniques can be adopted to other forms of wireless networking:


  • Encryption can be used to encrypt the TCP/IP packets that are sent between the wirelessly connected devices. With the initial release of the 802.11 network specifications WEP was the only official method to do this. After much commotion over WEP's ability to actually secure a network, WPA was introduced. Linux supports WEP for most supported cards and WPA is now supported under Freespire 2.0.0.
[edit]

This is one of the easier methods

  1. Right-click the system tray network icon (KNetworkManager)
  2. Ensure the Encryption Protocol for the access point is set for WPA (hover over the Wireless Network)
  3. Select the access point
  4. Use Encryption > Encryption: WPA Personal or WPA Enterprise
  5. Password (enter WPA key)
  6. WPA protocol: Automatic (default)
  7. Connect

In the system tray, gears will turn and open KWalletManager to store the encryption key (establishing a wallet password). Once complete you'll be running wireless (future connections will only require entering the wallet password). (Thanks to Ken (Dr.Jones) for the description of this method.)


  • Signal shaping is both easy to do and difficult. It is the process of shaping the signal that is outputted from the access point so that it only covers the areas it needs to. This is to prevent the signal leaking to areas where an unauthorised user can receive signals. This is to alleviate the problem of people wardriving. Unfortunately, this is difficult to carry out if your access point doesn't allow you to alter the strength of the signal. It is also difficult to guage where the signal is going. Be careful because the signal is obviously going to be 3D. It will go up through the ceiling and down through the floors (only really a problem if you are elevated, say in an office building or flat).
  • RADIUS is a way of preventing unauthorised machines attaching to an access point. This is done using the MAC address of the adaptor trying to connect. It also stops crackers from impersonating another Access Point and attaching to your AP (to create a wide wired network).
  • Another popular method is to use encryption at a higher layer of the OSI model, namely between the TCP/IP and the WEP/WPA layers. Popular ways of doing this are using VPN's, IPsec and OpenSSL.
Retrieved from "http://wiki.freespire.org/index.php/Wireless_network_security"
Personal tools