Page 46 / 61 Scroll up to view Page 41 - 45
42
Appendix B: Wireless Security
Maximizing Wireless Security
Wireless-G Access Point
PCs unprotected by a firewall router should at least run firewall software, and all PCs should run up-to-date
antiviral software.
B.
WEP
Wired Equivalent Privacy (WEP) is often looked upon as a panacea for wireless security concerns. This is
overstating WEP's ability. Again, this can only provide enough security to make a hacker's job more difficult.
WEP encryption implementation was not put in place with the 802.11 standard. This means that there are about
as many methods of WEP encryption as there are providers of wireless networking products. In addition, WEP is
not completely secure. One piece of information still not encrypted is the MAC address, which hackers can use to
break into a network by spoofing (or faking) the MAC address.
Programs exist on the Internet that are designed to defeat WEP. The best known of these is AirSnort. In about a
day, AirSnort can analyze enough of the wireless transmissions to crack the WEP key. Just like a dictionary-
building attack, the best prevention for these types of programs is by not using static settings, periodically
changing WEP keys, SSID, etc.
There are several ways that WEP can be maximized:
a) Use the highest level of encryption possible
b) Use multiple WEP keys
c) Change your WEP key regularly
Current encryption technology offers 64-bit and 128-bit WEP encryption. If you are using 64-bit WEP, swap out
your old wireless units for 128-bit encryption right away. Where encryption is concerned, the bigger and more
complex, the better. A WEP key is a string of hexadecimal characters that your wireless network uses in two
ways. First, nodes in your wireless network are identified with a common WEP key. Second, these WEP keys
encrypt and decrypt data sent over your wireless network. So, a higher level of security ensures that hackers will
have a harder time breaking into your network.
Setting one, static WEP key on your wireless network leaves your network open the threats even as you think it is
protecting you. While it is true that using a WEP key increases wireless security, you can increase it further by
using multiple WEP keys.
Keep in mind that WEP keys are stored in the firmware of wireless cards and access points and can be used to
hack into the network if a card or access point falls into the wrong hands. Also, should someone hack into your
network, there would be nothing preventing someone access to the entire network, using just one static key.
Page 47 / 61
43
Appendix B: Wireless Security
Maximizing Wireless Security
Wireless-G Access Point
The solution, then, is to segment your network up into multiple groups. If your network had 80 users and you
used four WEP keys, a hacker would have access to only ¼ of your wireless network resources. In this way,
multiple keys reduce your liability.
Finally, be sure to change your WEP key regularly, once a week or once a day. Using a "dynamic" WEP key, rather
than one that is static, makes it even harder for a hacker to break into your network and steal your resources.
WEP Encryption
WEP encryption for the Access Point is configured through the Web-Utility's Setup tab. Select
WEP
from the drop-
down menu of Security Mode, which will open the WEP screen.
Select which WEP key (1-4) will be used when the Access Point sends data, then select that number as the
Default Transmit Key. Make sure the receiving device is using the same key.
If you wish to use a WEP Passphrase, it can be a maximum of 16 alphanumeric characters. This passphrase may
not work with non-Linksys products due to possible incompatibility with other vendors' passphrase generators.
The WEP Key can be generated using your Passphrase or you can enter it manually.
If you wish to enter the WEP Key manually, type the key into the appropriate Key field on the left. The WEP key
must consist of the letters "A" through "F" and the numbers "0" through "9" and should be 10 characters in
length for 64-bit encryption or 26 characters in length for 128-bit encryption. All points in your wireless network
must use the same WEP key to utilize WEP encryption.
Once the Passphrase is entered, click the
Generate
key to generate a WEP key.
Click the
Save Settings
button to apply your changes and return to the Setup tab or
Cancel Changes
to cancel
your changes. If you require online help, click the
Help
button.
C.
WPA
Wi-Fi Protected Access (WPA) is the newest and best available standard in Wi-Fi security. Two modes are
available: Pre-Shared Key and RADIUS. Pre-Shared Key gives you a choice of two encryption methods: TKIP
(Temporal Key Integrity Protocol), which utilizes a stronger encryption method and incorporates Message
Integrity Code (MIC) to provide protection against hackers, and AES (Advanced Encryption System), which utilizes
a symmetric 128-Bit block data encryption. RADIUS (Remote Authentication Dial-In User Service) utilizes a
RADIUS server for authentication and the use of dynamic TKIP, AES, or WEP.
WPA is accessed through the Web-Utility's Security Tab. Choose one of the following Security Modes from the
drop-down menu:
Figure B-1: The WEP Screen
Page 48 / 61
44
Appendix B: Wireless Security
Maximizing Wireless Security
Wireless-G Access Point
WPA Pre-Shared Key
If you do not have a RADIUS server, Select the type of algorithm, TKIP or AES, enter a password in the Pre-Shared
key field of 8-32 characters, and enter a Group Key Renewal period time between 0 and 99,999 seconds, which
instructs the Access Point how often it should change the encryption keys.
WPA RADIUS
WPA used in coordination with a RADIUS server. (This should only be used when a RADIUS server is connected to
the Access Point.) First, select the type of WPA algorithm,
TKIP
or
AES
. Enter the RADIUS server’s IP Address and
port number, along with a key shared between the Access Point and the server. Last, enter a Group Key Renewal
period, which instructs the Access Point how often it should change the encryption keys.
RADIUS
WEP used in coordination with a RADIUS server. (This should only be used when a RADIUS server is connected to
the Access Point.) First, enter the RADIUS server’s IP Address and port number, along with a key shared between
the Access Point and the server. Then, select a WEP key and a level of WEP encryption, and either generate a
WEP key through the Passphrase or enter the WEP key manually.
Figure B-4: The Radius Screen
Figure B-3: The WPA Radius Screen
Figure B-2: The WPA Pre-Shared Key Screen
Page 49 / 61
45
Appendix C: Upgrading Firmware
Wireless-G Access Point
Appendix C: Upgrading Firmware
The Access Point's firmware is upgraded through the Web-Utility's Help tab. Follow these instructions:
1.
Download the firmware from Linksys's website at
www.linksys.com
.
2.
Click the Web-Utility's
Help
tab, and click the
Upgrade Firmware
button.
3.
From the
Upgrade Firmware
screen, enter the location of the firmware's file or click the
Browse
button to
find the file.
4.
Then, click the
Upgrade
button to upgrade the firmware.
Figure C-1: Upgrade Firmware
Page 50 / 61
46
Appendix D: Windows Help
Wireless-G Access Point
Appendix D: Windows Help
All wireless products require Microsoft Windows. Windows is the most used operating system in the world and
comes with many features that help make networking easier. These features can be accessed through Windows
Help and are described in this appendix.
TCP/IP
Before a computer can communicate with the Access Point, TCP/IP must be enabled. TCP/IP is a set of
instructions, or protocol, all PCs follow to communicate over a network. This is true for wireless networks as well.
Your PCs will not be able to utilize wireless networking without having TCP/IP enabled. Windows Help provides
complete instructions on enabling TCP/IP.
Shared Resources
If you wish to share printers, folder, or files over your network, Windows Help provides complete instructions on
utilizing shared resources.
Network Neighborhood/My Network Places
Other PCs on your network will appear under Network Neighborhood or My Network Places (depending upon the
version of Windows you're running). Windows Help provides complete instructions on adding PCs to your
network.

Rate

4 / 5 based on 1 vote.

Bookmark Our Site

Press Ctrl + D to add this site to your favorites!

Share
Top