How to Secure a Wireless Network

Updated: April 14, 2021
Published: November 3, 2020

ComputerGeek

Pentester, coffee maker and aspiring cyber security journalist.

Share This Post:

Learning how to secure a wireless network is a basic tasks that any networking professional must master. In today’s day and age of mobile computing, wireless has become a new gateway into networks and security issues. We need to understand how to secure wireless networks so all the network infrastructure is secure

Encryption

Wireless encryption turns the network from an open to closed network and is probably the most important component to keeping:

Data private while in transit.
Unauthorized users off of the network.

There are a number of wireless encryption standards

WEP: Wired Equivalency Protocol
- Original Protocol
- Utilized a pre shared key
- Easily Broken. There is an innate flaw in the mathematics behind the encryption in that the shared key can be derived based on captured packets.
- Do not use.
WPA: Wifi Protected Access
- Temporary enhancement for WEP.
- Used TKIP: Temporal Key Integrity Protocol to encrypt the packets.
- Mid Level Security
  - Still crackable, but requires more work than WEP
WPA2: Wifi Protected Access 2
- 802.11 standard
- Uses AES – Advanced Encryption Standard
- Approved for top secret use on a WAP.
- Uses preshared key or authentication through a radius server.
  - Can use active directory to authenticate vs preshared key
WPS: Wifi Protected Security
- Push a button on your WAP and device to synchronize the two.
- The upside is that this easy to do
- The downside is that this is insecure and can be broken.
  - The key they are using is not super long,
  - It is very short and can be iterated through by a stronger machine.

Device Signal & Placement

Not as important security wise as encrypt.
Where do we put our WAP devices and how do modify the range of the wireless signal.
We want to prevent the wireless signal from bleeding out of the work space.
- This opens up an attack vector for someone to attack network from outside the office.
- Requires use of unidirectional antennas and properly calibrated wireless ranges.

A History of Implementing WiFi Security Measures

WAP Settings

There are a number of settings on the wireless access points that can be used to improve security

SSID – Service Set ID

Name used by router.
Most noticeable aspect of a WAP
May want to turn off SSID broadcast.
- Requires you knowing the SSID name in order to connect.
- Can still be found with a sniffer.
Change from default setting.

DHCP – Dynamic Host Configuration Protocol

DHCP leases IP addresses
May want to disable.
- Can statically set IP address for allowed machines.
- Forms a type of layer 2 security as unauthorized computers can’t get an IP address easily.
- Handing out IP addresses lets an attacker know your range of IP addresses.

MAC Filtering

Every device has a network interface card
Each NIC has a globally unique MAC address (Layer 2)
- Create an access control list for MAC addresses
- MAC filtering allows you to allow only specific MAC addresses to connect to the network.

Learn More:

How Do Wireless Network Attacks Work

Share This Post:

Leave a Reply Cancel reply

Linux Basics

How to Troubleshoot a Linux System

The entire job description of being a Linux administrator can be summed up as as simply knowing how to troubleshoot a Linux system because if

February 13, 2021 No Comments

Networking

What are Networking Protocols?

When trying to connect computers, it is not as simple connecting two machines to one another, they need to know how to package, process and

October 14, 2020 3 Comments

Security

Understanding Basic IT Security Principles

Before diving into the inner workings of cybersecurity, you need to have an understanding of basic IT security principles. In this article, Secur provide aspiring

March 24, 2021 No Comments

Networking