RTA Information Technology
Certified, Reliable Care for Computers and Networks

480-345-8399
1740 East Knox Road
Tempe, Arizona  85284

Wireless Networking and Security
A Practical Guide to Secure WiFi
Myron Johnson, MCSE: Security: 2003
RTA Information Technology, Tempe, Arizona

Wireless networks (WiFi) are a great for connecting a laptop to the Internet or to the rest of your office or home. With WiFi connections now at 100Mbps and higher, wireless is as fast as many wired networks. It's especially good for Internet connections, where the speed of WiFi far exceeds the speed of the fastest Internet connections.

But what about security? Well, be careful.
By default, most WiFi routers have ZERO security. This means that ANYBODY can join your wireless network. ANYBODY can read transmissions to and from the Internet and your PC. Type in your password on an unencrypted Internet site and anybody within listening distance can, potentially, know your password.

How far is "listening distance"? Well, the current record for WiFi transmissions is about 150 miles. Realistically, somebody with a suitable antenna and the right software can read your transmissions from a block away. Hackers recently broke into a major discount store's wireless network from the store's parking lot.

How to avoid this misfortune? It's easy!

Implement WiFi encryption. That rejects unauthorized users and keeps strangers from reading everything you type and browse on the Internet. It also keeps others from using your Internet connection, possibly for illegal purposes.

There are two common encryption protocols:
WEP
WPA

Plus:
802.1x Authentication helps limit which computers can log onto your network.

WEP is the oldest (and still most common) protocol. It has been broken by determined hackers and is best used only if there's no better alternative. But if you have a choice between NO encryption and WEP, definitely go with WEP.

WPA is newer and available on all recent WiFi routers and WiFi network cards. WPA is considered quite safe. Its weakest spot is the complexity of the password used to create the encryption key. A long encryption key will ensure the security of your WPA connection.

802.1x is extremely secure method for authentication, but requires a Windows Server and some specialized training to implement. RTA Information Technology can easily install 802.1x encryption at your business.

Turning on Wireless encryption requires similar steps when using WEP or WPA:
1) Enable encryption on your WiFi router.
2) Select the type of encryption desired (WEP or WPA).
3) Enter a Public Shared Key (PSK). Be sure to use a long and complex Key.
4) Enable encryption on your PC's WiFi card.
5) Select the same type of encryption.
6) Enter the same Public Shared Key as on your Router.

That's it!

There are additional steps that some take to increase WiFi security, including:
a) MAC address filtering
b) Turning of SSID (network name) broadcast
c) Changing the SSID name to something different than the default name (i.e. "Default").

RTA recommends performing Step c) Changing the SSID. We believe the other two Steps increase usability without substantially improving security. But don't change it to the name of your business or household. Don't tell a potential hacker who's he's talking to.

We can quickly set up a suitable WiFi network for your home or office. We can also help with range problems and making WiFi work across a large office or home and across multiple floors. Call us for a quick evaluation of your needs. 480-345-8399