Friday, May 2, 2008

Securing your wireless network

In a previous post I questioned the utility of securing your wireless network. Nonetheless, suppose you do want to secure it. Ars Technica has this great post on the ABCs of securing your wireless network. Check it out if you're at all concerned about the issue. Here's the bottom line:

Generally speaking, any router that supports WPA is "good enough" in terms of its overall security. WEP, as we've previously stated, is an "only if you must" protocol, but it's still a better option than transmitting in the clear.

WEP (Wired Equivalent Privacy) is an older security standard than WPA (Wi-Fi Protected Access). While there are different flavors of WPA available, Ars Technica notes that the differences between them are small compared to the improvement of WPA over WEP. So use WPA (unless you want your Nintendo DS to connect to your network--the DS doesn't support WPA).

Early in the article they debunk various myths that: more harm than good by lulling the end-user into a false sense of security.

These include hiding or changing the SSID (the name of your wireless network), disabling DHCP, or filtering MAC addresses. This last method happens to be the one I use currently. From a security perspective:

The problem with filtering by MAC address, however, is that these addresses are easily faked and readily detected by anyone using appropriate monitoring software.

However, it may be appropriate given my earlier post about not really needing security:

...filtering MAC addresses is the only one with even a minimal level of value. MAC address filtering can keep obnoxious and non-tech-savvy neighbors from easily freeloading on your wireless network, but it won't do much else.

No comments:

/* Google Analytics tracking */