Securing 802.11 wireless LANs

By Jim Geier, |  Networking

Another way to compromise a wireless LAN is to use specialized equipment to capture
information bits being sent over the air, decode them, and read the contents of email,
files, or financial transactions. This doesn't necessarily require the network ID
because the monitoring equipment doesn't need to establish a connection to the wireless
LAN. The equipment passively listens to the transmissions as they propagate through the
air. However, this process does require the proper monitoring equipment to correctly
demodulate the received spread spectrum signal.

This security problem also exists with wired Ethernet networks, but to a lesser
degree. Current flow through the wires emits electromagnetic waves that can be received
with sensitive listening equipment. This method necessitates a much closer proximity to
the cable to receive the signal, so the intruder must generally be within the physical
boundaries of the company.

To avoid this problem on the wireless LAN, use WEP to encrypt transmissions between
stations to avoid disclosure to eavesdroppers. WEP uses the href="">RC4 encryption
engine and a 40-bit key. Stations can also utilize WEP without authentication
services, but I recommend implementing both WEP and authentication to minimize your
vulnerability to packet snooping.

Stay tuned. Next time we'll discuss the wireless middleware that is critical for
maintaining reliable communications over a wireless network.

Join us:






NetworkingWhite Papers & Webcasts

See more White Papers | Webcasts

Ask a Question