24 Dec 05
How secure is it?
Now that we have your wireless network set up and secured, I want to discuss how effective this security is. Because your data is flying through the air, it is possible for an unauthorized person to access your data or use your network. Even though you are using encryption, the sad truth is that all computer security can be cracked with enough knowledge and effort. WEP has a well know weakness in what is called the initialization vector (IV). Basically, the sender of each packet sends part of the decryption key in clear text that anyone can capture and read, and that leads to a way to crack the entire encryption key. Once the encryption key is cracked, it is trivial to configure a connection to access the network.
Because the question of security is large, I'm going to narrow it down to the question of "What are the chances that an unauthorized person will access your wireless network." The answer has two parts. The first part relates to human nature. Most bad hackers (yes, there are good one's) just want to access some network, not necessarily your network. Because there are many unsecured wireless networks to choose from, the fact that you are using any form of security drastically reduces the chances of an authorized person even attempting to connect. They will simply move on to a less protected network, and there are plenty out there.
The second part of the answer relates to when someone does try to target your network specifically for some reason. Your security in this case depends entirely on the type of encryption that you use and the Key that you choose. A network using 64-bit encryption and a weak password (easily guessable) can be cracked by a skilled person in a few seconds . Scary huh?
Now, if you use 128-bit encryption like I suggested and you choose a strong password (difficult to guess), then it could take more like an hour to crack your network. This is a little better, but for real security, you should use WPA.
WPA, or Wifi Protected Access, is a wireless encryption method that was designed to fix the main security holes in WEP. If all the devices in your network support WPA, I suggest you use it instead of WEP. Configuring WPA is very similar to configuring WEP except that WPA uses an alphanumeric pass phrase instead of a hexadecimal key. Instead of putting in 26 random numbers, you can use any combination of between 8 and 63 letters, numbers, and special characters.
How good is WPA encryption? It depends on the version and your pass phrase. With only 4 packets of data, which can be captured in as little as 5 minutes, a skilled person could crack a network protected with a weak pass phrase in a short amount of time. How short depends on how lucky the cracker is. Current methods of cracking WPA rely on a dictionary attack. This means that a lucky person could guess your pass phrase in a few hours, while an unlucky person could spend several days working on it.
A strong pass phrase would force a cracker to use a more brute force attack, and it could take them several years to crack your network. This means that the strength of your WPA encryption is really up to you. Even more comforting is the fact that if you change your WEP key the cracker has to start the process all over again, making a network which routinely changes its password a very difficult target.
Also, there is a second version of WPA capable of using a slightly different encryption algorithm know as AES. Currently, there are no widely know methods to successfully crack WPA2 using the AES algorithm in any reasonable amount of time. Few people will put in the effort to crack such a network.
24 Sept 07