28
Appendix B: Wireless Security
What Are the Risks?
Wireless-B Ethernet Bridge
examples below, your implementation and administration of network security measures is the key to maximizing
wireless security.
No preventative measure will guarantee network security but it will make it more difficult for someone to hack
into your network. Often, hackers are looking for an easy target. Making your network less attractive to hackers,
by making it harder for them to get in, will make them look elsewhere.
How do you do this? Before discussing WEP, let’s look at a few security measures often overlooked.
1) Network Content
Now that you know the risks assumed when networking wirelessly, you should view wireless networks as you
would the Internet. Don’t host any systems or provide access to data on a wireless network that you wouldn't put
on the Internet.
2) Network Layout
When you first lay out your network, keep in mind where your wireless PCs are going to be located and try to
position your access point(s) towards the center of that network radius. Remember that access points transmit
indiscriminately in a radius; placing an access point at the edge of the physical network area reduces network
performance and leaves an opening for any hacker smart enough to discover where the access point is
transmitting.
This is an invitation for a man-in-the-middle attack, as described in the previous section. To perform this type of
attack, the hacker has to be physically close to your network. So, monitoring both your network and your property
is important. Furthermore, if you are suspicious of unauthorized network traffic, most wireless products come
with a log function, with which you can view activity on your network and verify if any unauthorized users have
had access.
3) Network Devices
With every wireless networking device you use, keep in mind that network settings (SSID, WEP keys, etc.) are
stored in its firmware. If they get into the hands of a hacker, so do all of your settings. So keep an eye on them.
4) Administrator Passwords
Your network administrator is the only person who can change network settings. If a hacker gets a hold of the
administrator's password, he, too, can change those settings. So, make it harder for a hacker to get that
information. Change the administrator's password regularly.