WLAN security

From Teknologisk videncenter
Revision as of 08:20, 2 December 2009 by Heth (talk | contribs) (WEP)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

Basic WLAN security

SSID

SSID - Service Set Identifier - identifies the network. SSID's are broadcasted from the Access Points so that the wireless clients can identify the wireless network. It is possible to configure the access points no to broadcast the SSID. Then the wireless clients must be configured with the correct SSID to connect to the wireless network. This do not however secure the network, because the wireless clients send the SSID in clear text to connect to the Access Point.

Authentication using MAC access control

It is possible to allow only certain MAC-address access to a wireless network, but MAC-addresses are easily spoofed by hackers. Ie. copied from sniffed packets.

WEP

WEP - Wired Equivalent Privacy - is a deprecated security protocol for wireless network. It can be cracked within minutes. WEP uses the stream cipher RC4 for confidentiality,[7] and the CRC-32 checksum for integrity. WEP uses a preshared key which is configured into the client. All clients uses the same preshared key, making the network vulnerable if a client is stolen. If a client is stolen a new preshared key must be configured on the Access Point and all the clients. Not a scalable solution. A WEP key consists of 40 or 128 bits.

Basic Security with WPA or WPA 2 Pre-Shared Key

WPA - Wi-Fi Protected Access - WPA or WPA-PSK (PSK = Preshared Key)