37
Appendix B: Wireless Security
A Brief Overview
Wireless-G Access Point
Appendix B: Wireless Security
A Brief Overview
Whenever data - in the form of files, emails, or messages - is transmitted over your wireless network, it is open
to attacks. Wireless networking is inherently risky because it broadcasts information on radio waves. Just like
signals from your cellular or cordless phone can be intercepted, signals from your wireless network can also be
compromised. What are the risks inherent in wireless networking? Read on.
What Are The Risks?
Computer network hacking is nothing new. With the advent of wireless networking, hackers use methods both
old and new to do everything from stealing your bandwidth to stealing your data. There are many ways this is
done, some simple, some complex. As a wireless user, you should be aware of the many ways they do this.
Every time a wireless transmission is broadcast, signals are sent out from your wireless PC or access point, but
not always directly to its destination. The receiving PC or access point can hear the signal because it is within
that radius. Just as with a cordless phone, cellular phone, or any kind of radio device, anyone else within that
radius, who has their device set to the same channel or bandwidth can also receive those transmission.
Wireless networks are easy to find. Hackers know that, in order to join a wireless network, your wireless PC will
typically first listen for "beacon messages". These are identifying packets transmitted from the wireless network
to announce its presence to wireless nodes looking to connect. These beacon frames are unencrypted and
contain much of the network's information, such as the network's SSID (Service Set Identifier) and the IP address
of the network PC or access point. The SSID is analogous to the network's name. With this information broadcast
to anyone within range, hackers are often provided with just the information they need to access that network.
One result of this, seen in many large cities and business districts, is called "Warchalking". This is the term used
for hackers looking to access free bandwidth and free Internet access through your wireless network. The marks
they chalk into the city streets are well documented in the Internet and communicate exactly where available
wireless bandwidth is located for the taking.
Even keeping your network settings, such as the SSID and the channel, secret won't prevent a hacker from
listening for those beacon messages and stealing that information. This is why most experts in wireless
networking strongly recommend the use of WEP (Wired Equivalent Privacy). WEP encryption scrambles your
wireless signals so they can only be recognized within your wireless network.