Wireless-B Ethernet Bridge
PCs unprotected by a firewall router should at least run firewall software, and all PCs should run
8) WEP
Wired Equivalent Privacy (WEP) is often looked upon as a panacea for wireless security concerns. This is overstating WEP's ability. Again, this can only provide enough security to make a hacker’s job more difficult.
WEP encryption implementation was not put in place with the 802.11 standard. This means that there are about as many methods of WEP encryption as there are providers of wireless networking products. In addition, WEP is not completely secure. One piece of information still not encrypted is the MAC address, which hackers can use to break into a network by spoofing (or faking) the MAC address.
Programs exist on the Internet that are designed to defeat WEP. The best known of these is AirSnort. In about a day, AirSnort can analyze enough of the wireless transmissions to crack the WEP key. Just like a dictionary- building attack, the best prevention for these types of programs is by not using static settings, periodically changing WEP keys, SSID, etc.
There are several ways that WEP can be maximized:
a)Use the highest level of encryption possible
b)Use multiple WEP keys
c)Change your WEP key regularly
Current encryption technology offers
Setting one, static WEP key on your wireless network leaves your network open the threats even as you think it is protecting you. While it is true that using a WEP key increases wireless security, you can increase it further by using multiple WEP keys.
Keep in mind that WEP keys are stored in the firmware of wireless cards and access points and can be used to hack into the network if a card or access point falls into the wrong hands. Also, should someone hack into your network, there would be nothing preventing someone access to the entire network, using just one static key.
Appendix B: Wireless Security | 30 |
What Are the Risks?