Encryption – WEP and WPA
As we discussed under definitions, WEP encryption is a standard security option that is the default encryption for all OSI compliant network products. However encryption is not automatically turned on. If you leave the defaults so encryption is not used, critical information is moving through the air between your wireless devices including user names, passwords, credit card information or other sensitive information about your home is not secure.
Through “eavesdropping” a network hacker or spy can access volumes of information about your family from your network. Therefore make it a priority to turn on WEP encryption as soon as you set up your wireless network.
WEP encryption, while the standardized “plain vanilla” security encryption available, is not flawless. A clever hacker can find ways to break WEP encryption. A number of improved encryption protocols are available that were built upon the WEP model but provide much more sophisticated encryption algorithms and correspondingly, much better security.
WPA and TKIP are upgrades to WEP encryption that more securely protect your wireless network. It is worth your time to research how to go about implementing these improved security protocols.
MAC Addressing and Filtering
As we discussed under definitions, the MAC address is a hexadecimal number that represents the physical address of your network adapter, similar to an IP address.
Just as with SSID broadcasting, this is a key security code that allows the devices on your wireless network to talk with your network adapter. By keeping the MAC address secure, you can dramatically limit the ability of unauthorized persons to access your network.
Do not allow the MAC address to be broadcast. The method for filtering your MAC address is to manually enter the MAC address of your network card into your network access point devices. As before, it requires a little more work but make this part of your network development check list and you will have an increased confidence that your network security precautions were thorough.
Usually the MAC address of your network card is located on the device itself.
Dump the Defaults
So far we have seen that in all cases, the default broadcast permissions and addresses and passwords that come with a network device are a point of security concern. Default broadcasts of security codes are provided to make it easy for you to set up and take care of your network. Resist the instinct to “do it the easy way”. Put the extra effort into changing all defaults that might provide access to secure address or codes and to change preset passwords and user names in the devices you purchase to set your network initially or expand your network later.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.