|
| |
|
 |
 |
 |
| |
Wired
Equivalent Privacy WEP: |
Wired
Equivalent Privacy WEP is a scheme
that is part of the IEEE 802.11Wireless
networking standard to secure
IEEE 802.11 wireless network.
As the name suggests this was
supposed to give you the protection
level equal to the wired network.
You can enable it as 64 bit, 128
bit or 256 bit but generally 128
bit. An example of 128 bit WEP
key is “1e223e113bd49f28987193eace”
notice that simply the combination
of 26 random digits and characters
will give you a WEP key. Several
serious weaknesses were identified
by cryptanalysts, and WEP was
superseded by Wi-Fi Protected
Access (WPA) in 2003, and then
by the full IEEE 802.11i standard
(also known as WPA2) in 2004.
Today it became the game of children
to break into the WEP networks.
There are even totally free utilities
available to crack WEP encryption
and sometimes I feel funny even
calling it Protection. But of
course something is better then
nothing and having WEP enabled
at least is at least better then
having no protection at all. |
| Wireless
Router/Access Point Default Setup: |
Default
setup in most of electronics is
a very useful thing. When something
goes wrong, all you need to do
is to restore the default setup
and you are done. Most of the
people do not even bother to change
the default settings, either because
they are too lazy to do it or
they think that the default settings
are configured by the manufacturer
as the best performance settings
so no need to change them. Of
course I would not say that one
should change everything, but
there are always some settings
which should be changed as soon
as possible. Talking about the
wireless Routers and AP, you must
consider changing the at least
SSID, Password, Encryption, |
What
can we do other then enabling
encryption?
|
Media
Access Control (MAC): |
Every
wireless terminal has a unique
MAC address on its WLAN card.
You can control the access to
your network by manually maintaining
a set of allowed MAC addresses.
Theoretically this will block
every wireless terminal to access
your network which has a MAC address
that is not listed in the MAC
filtering list even if no encryption
is enabled. But it is not that
simple, if this could happen then
there was no headache anymore.
Crackers can even spoof the MAC
addresses and gain access that
way. So it is recommended to enable
MAC filtering but not without
proper encryption preferably WPA.
If your device does not support
WPA/WPA2, you can still use WEP
encryption with SSID broadcast
disabled and MAC filtering enabled.
I would like to add here that
even if you do not want to enable
the MAC filtering, at least keep
having a look once in a while
at the MAC addresses stored automatically
by your Router in the logs. The
Router stores some useful information
of terminals connected to it.
For example the MAC address, IP
address, Terminal name etc. This
can help you find out if your
network is being penetrated. |
|
|
|
|
 |
 |
 |
|
|
|
|
|
