What Can Be Done to Secure a Wireless Network?
The two primary areas of concern are eavesdropping and unauthorized access. Encryption algorithms such as WEP and WPA protect against eavesdropping by scrambling data sent over the wireless connection so that only network hosts that have the network shared key or certificates can decrypt the information. WEP and WPA also support authentication in that hosts attempting to connect to the wireless network are denied access unless they can provide the network pre-shared key or authorized certificate.
WEP (Wireless Equivalent Privacy) is the oldest of the wireless encryption standards. WEP depends upon a relatively weak security algorithm using RC4 encryption and shared security keys that are trivial to break. Free applications are available for download on the Internet that can crack WEP encryption in minutes (with no advanced computer skills required). WEP should be considered a last resort for wireless security. If your wireless network only supports WEP encryption, upgrade the wireless hardware and software to equipment that supports the stronger encryption algorithms below.
WPA-PSK (WiFi Protected Access with Pre-Shared Key) provides slightly better security than WEP. WPA-PSK also employs a pre-shared key similar to WEP and still uses the RC4 algorithm for encryption. However WPA improves upon WEP through the use of the TKIP algorithm that generates new keys periodically and also detects tampering when packets have been altered. The theory behind WPA security is that if keys used to secure the network are changed often enough, then by the time the key is cracked, the key has already been replaced by a new key, invalidating the cracked key. So is WPA secure? Not really, as I will explain in a moment.
WPA2-PSK improves upon WPA-PSK by employing the AES encryption algorithm rather than relying upon RC4. AES (Advanced Encryption System) uses the Rijndael encryption algorithm that yet to be cracked outside a lab in real-world networks. WPA2-PSK is highly recommended over the aforementioned algorithms simply because it uses AES.
So what’s the catch? A combination of basic Linux skills and 802.11 wireless network protocol knowledge is all that a hacker needs to access to your wireless network without cracking an encryption algorithms. They can overwhelm the wireless AP/router with a flood of packets so that wireless network hosts lose connection to the AP. When the hosts attempt to associate with the AP again, they capture the four packets sent during host authentication and then use downloaded password cracking software to reveal the passphrase.