Is your WLAN secure?
I had a bit of a fright the other day. I was looking around the internet trying to learn about wireless network security when I happened upon an article detailing “How To Crack 128-bit Wireless Networks In 60 Seconds“. I’m not posting that link as a tutorial on how to steal your neighbor’s internet account, but rather as a few tips on how to keep your neighbor from stealing your internet account.
To make a long story short, when I set up my wireless card and the wireless DSL modem from my ISP, both companies sent documentation detailing how to enable and encouraging the use of WEP (Wired Equivalent Privacy). Neither company bothered to mention in their paperwork that the 64-bit WEP encryption they were talking me through setting up could be broken in a minute or less by anyone who knew how to find the right packet sniffer program.
I learned on my own that WPA-PSK encryption is a MUCH safer alternative. While I doubt that any security system is going to be truely 100% foolproof, I am a firm believer in making things as difficult as possible for a would-be attacker.
WPA-PSK has you create a passphrase that is between 8 and 63 characters. Longer is better, and dictionary words are bad. I found this page that creates random passphrases and then changed several characters in the result it gave me.
Once you’ve got your 63-character passphrase, your network SSID is then encrypted with that passphrase. This produces a 256-bit key that your network’s outgoing packets are encrypted with. As an added security measure, after a certain period of time (6 minutes, for example) the key is changed, so anyone trying to crack it has to start over.
As I said, I doubt any security system is 100% effective, but this seems to be xclose enough for me.
Technorati Tags: wap-psk, wap, wep, wireless, network, secrity
