WLAN security
Contents
Basic WLAN security
SSID
SSID - Service Set Identifier - identifies the network. SSID's are broadcasted from the Access Points so that the wireless clients can identify the wireless network. It is possible to configure the access points no to broadcast the SSID. Then the wireless clients must be configured with the correct SSID to connect to the wireless network. This do not however secure the network, because the wireless clients send the SSID in clear text to connect to the Access Point.
Authentication using MAC access control
It is possible to allow only certain MAC-address access to a wireless network, but MAC-addresses are easily spoofed by hackers. Ie. copied from sniffed packets.
WEP
WEP - Wired Equivalent Privacy - is a deprecated security protocol for wireless network. It can be cracked within minutes. WEP uses the stream cipher RC4 for confidentiality,[7] and the CRC-32 checksum for integrity. WEP uses a preshared key which is configured into the client. All clients uses the same preshared key, making the network vulnerable if a client is stolen. If a client is stolen a new preshared key must be configured on the Access Point and all the clients. Not a scalable solution. A WEP key consists of 40 or 128 bits.
- See Wikipedia on WEP
Basic Security with WPA or WPA 2 Pre-Shared Key
WPA - Wi-Fi Protected Access - WPA or WPA-PSK (PSK = Preshared Key)
- See Wikipedia on WPA