Wireless networks are somewhat less secure that wired networks, because of the fact that one can easier access the network if he is in the coverage area of the access points. Of course, there are various barriers in any wireless network that from the so called basic security which can stop the unintended access of persons that are foreign to the network and that are simply situated in the coverage area. But when it comes to a trained hacker that wants to access that network, these basic defenses won’t give them too many headaches.
The security methods that have been provided to wifi networks assure a rather low security level, and this is why additional security measures must be taken. In June 2004, a new wireless standard named 802.11i has been approved, and this standard does improve wireless security. The basic wireless security is assured by the following included functions:
– Media Access Control
SSID is a code that defines the belonging to a certain access point of a wireless network. All wireless devices that want to communicate through a network must have their own SSID, which will have the same value as the one found in the access points’ setting in order to make a valid connection. Normally, an access point sends out its SSID every couple of seconds. This way of operating can be stopped so that a person with bad intentions can not discover the SSID automatically and therefore the access point. But, because SSID is included in every wireless sequence’s beacon, it is very easy to detect if someone has monitoring equipments that allows him to find out its value and to connect to the network.
WEP can be used to ameliorate the problem of continuously transmitting the SSID through encrypting the traffic between the wireless clients and the access point. This is done by creating a shared password. The access point transmits to the wireless client a request that the client must send back encrypted. If the access point can decrypt the client’s answer, it has the proof that the client has the right wireless key and has a right to enter the network. WEP has two encrypting possibilities: a key at 64 bits or at 128 bits. Of course, WEP doesn’t assure the ultimate security level. A hacker that is equipped with the before mentioned monitoring devices can receive and register at first the request and then the encrypted answer, and from here on he can determine the network key.
MAC verifying can also raise the network’s security, if the administrator uses MAC address filtering to enter the network. This means the access pint is configured with the MAC addresses of the clients that are allowed to enter that network. If someone else captures an address and the uses it to enter the network, any access point or router has a configuration page where you can see the number of connections from a specific address, so you can determine whether someone else is connected to your network or not.