How To Crack WEP – Part 3: Securing your WLAN


Defending Your Wi-Fi

After demonstrating in How To Crack WEP - Part 1 and Part 2 that WEP cracking is easier than you may have thought, I will now switch gears. In this last part of the WEP Crack How To, I will show you how to take a common sense approach to protecting your wireless network.

As any security professional knows, there is no such thing as perfect security. A good security plan takes into account the value of what needs to be protected, the cost of implementing the protection and the nature and skillset of the potential intruder in order to formulate an effective security plan. In other words, rather than implementing every defensive measure known to man, a more prudent (and cost-effective) approach may be to tailor your defense to the threats that you most likely face.

For example, wireless networks located in cities generally face more possible intrusions than those located in sparsely-populated areas. During the course of a day in a city, dozens, maybe hundreds of people may pass by your wireless LAN. And a car could also be parked outside your home for hours, without attracting notice. But a wireless AP located in a home on a ten-acre farm would be unlikely to see any client but its owner's and any unfamiliar vehicles would be noticed and investigated in short order.

Why Bother?

For some people, setting up a secure wireless network is so daunting, they give up and run it wide open, ie. unsecured. I also hear people say, "I just surf the web and have nothing valuable on my computer. Why should I bother with security?" Good question, but here are some equally good answers.

Running your WLAN wide open entails three major risks:

1) Your network resources are exposed to unknown users

Once someone wirelessly connects to your LAN, they have the same access as users directly connected into your LAN's Ethernet switch. Unless you have taken precautions to limit access to network resources and shares, intruders can do anything trusted, known users can do.
Files, directories, or entire hard drives can be copied, changed or entirely deleted. Or worse, keystroke loggers, Trojans, zombie clients or other programs can be installed and left to work for their unknown masters.

2) All of your network traffic can be captured and examined

With the right tools, web pages can be reconstructed in real-time, URLs of websites you are visiting captured, and most importantly passwords you enter stolen and logged for future mis-use, most notably identify theft.

3) Your Internet connection can be used for illegal, immoral or objectionable activities

If your open WLAN is used to transfer bootleg movies or music, you could possibly be the recipient of a lawsuit notice from the RIAA. In a more extreme case, if your Internet connection were used to upload child pornography to an FTP site, or used to host the server itself, you could face more serious trouble. Your Internet connection could also be used by spammers, DoS extortionists and purveyors of malware, viruses and their like.

It may be a noble sentiment to give free Internet access to anyone within range of your wireless LAN. But unless you put some serious protection between your "open" LAN and the one you use, you are exposing your data, and perhaps more, to serious risk.

The approach I'll take in formulating WLAN security recommendations is based on the expected skill level of potential wireless intruders. I'll then provide recommended security countermeasures for each skill level.

NOTE!NOTE: I will generally use "AP" (Access Point) throughout this article, but this should be read as meaning "Access Point or wireless router".