- MAC Filtering
MAC filtering is like handing a list of names to a doorman. If someone comes to the door and mentions a name, this name is checked by the doorman on his list and granted or denied access by this.
This means that if someone mentions the name of someone on the list (for example a name overheard while waiting in line for the door) he/she get's in.
In wireless networking, a simple network sniffer will reveal to you any clients associated with an access point, so you would know which "name" to give when visiting the access point and can change the MAC of your network card accordingly.
In short, this "security" would be breached in several seconds depending on how fast the one wanting to access your network can type a new MAC address.
- Antenna location and/or power adjustments
Some people might tell you that you should make sure the signal only gets to the area you want it to, rather than placing your access point in a place where you have enough coverage for the area you want to have covered and enough signal to cover all of that area.
Lowering the amount of power or placing the antenna in an area where you want to use the signal only causes you issues. Anyone wanting to access the network can always get a bigger antenna and/or a directional antenna to get the amount of signal they want.
Location and output of an access point should be adjusted for maximum coverage and minimum interference, but not as a security mechanism.
- Disabling SSID broadcasting
In short, disabling SSID broadcasting will only make it more difficult for clients to connect to the network, as you will have to enter the SSID of the network when connecting. However, as with the MAC address filtering, all you need to do is sniff the network to find the name. With clients connected (or even when they're not connected but only have the network configured) this is even easier to find, as clients will be broadcasting the SSID when they're attempting to connect to a network.
A great explanation of this can be found at http://technet.microsoft.c
om/en-us/l ibrary/ bb7 26942.aspx #EDAA
- WEP encryption
While WEP might stop the casual cracker from breaking into your network, with modern techniques the key can be decrypted in a matter of minutes. I don't want to show how to do it, but some of the details on the initial (2001) findings on the insecurity of WEP can be found at http://www.isaac.cs.berkel
- So, what you should you be doing?
So what is the best way to secure a wireless network?
Unless you have the ability to set up some form of authentication server, your best setup will use either WPA or WPA2 encryption (preferably with AES instead of TKIP) depending on what your hardware supports.
WPA2 was not created because a flaw was discovered in WPA; it just uses a longer key (WPA uses a 128 bit key and WPA2 uses a 256 bit key). In both cases they're not generated by the entered password; the password is "translated" after hashing used for authentication.
At this time, the only known successful crack on a WPA/WPA2 encrypted network is a dictionary attack on the passphrase used.
So to keep your network secure, make sure your passphrase contains letters, numbers and some special keys in random order. (You'll only have to enter it once on every connected device, so there's no need to remember it afterwards, but make sure you've written the key down somewhere and stored it safely so no unauthorized persons can find the key.)
- Warning on feeling secure with pre-generated keys
Although you're secured by either WPA or WPA2, you can still have one big security risk.
There is a huge security hole in some Speedtouch/Thomson modems that have been sent by providers to customers all around Europe and possibly other locations in the world.
A detailed description of the issue can be found at http://www.gnucitizen.org/
blog/defau lt-key-alg orithm-in- thomson-an d-bt-home- hub-router s/
Tools have been created to automatically generate possible keys out of the SSID's sent out by these devices. For example if you have a Speedtouch modem with the SSID "Speedtouch188DBB" your WEP/WPA key will be any of the following four keys: 763FF260D1, 819150ACBE, 02BB8DC9D0 or DF05A812A7
A one-out-of-four-keys suddenly doesn't look that secure anymore as all of those keys can be tried in a matter of seconds. So it is critical, if you are using one of these devices, that you reset the password.