Access Point-Based Security Measures
For WLANs, the first step in security hardening is to focus on the access point. Since the AP is the foundation of wireless LAN data transfer, you must ensure that it is part of the solution, instead of the problem.
WEP
You might be wondering why we have listed WEP as a method of protection. Although it has many palpable weaknesses, there is still one major advantage to enabling WEP: It will thwart the casual hacker to the point where he goes looking for an easier target.
It is true that the current version of WEP is crackable. However, most of the people who would attempt to access your wireless network will not want to put forth the effort required to crack WEP. The curious hacker will see that your network is using WEP and bypass it for an open network next door. The script kiddie will also bypass the WEP-protected WLAN because she will not have the patience or the aptitude to successfully penetrate the protection. Using a popular program such as NetStumbler, a hacker can easily spot the WEP-protected networks as well as your neighbor's open one. Which network do you think would be the victim.
In other words, by enabling a protection that is minimally effective, you can eliminate 99% of your threat. Similar to a car lock, WEP will protect your network from passers-by; however, just as a dedicated thief will quickly bypass the lock by smashing a car window, a dedicated hacker will put forth the effort to crack WEP if it is the only thing between him and your network.
In this tutorial:
- Securing the WLAN
- Access Point-Based Security Measures
- MAC Filtering
- Controlling the Radiation Zone
- Defensive Security Through a DMZ
- Third-Party Security Methods
- VPNs
- Funk Steel-Belted Radius
- Central User Administration
- Central Hardware Administration
- Securing Your Wireless LAN
- RADIUS Accounting
- WLAN Protection Enhancements
- AES