Bandwidth theft and data piracy: Protecting your WLAN from attackers
Karlsruhe, Germany - Wireless LAN (WLAN) is a convenient way of surfing the internet. The technology allows users to connect several computers together wirelessly, without an entire jungle of cables running everywhere. Even so, the lack of physical transmission lines also makes it relatively easy for outsiders to tap the network. After all, wireless signals don't stop dead at your front door. Therefore, a few simple steps should be taken to protect a WLAN network against unauthorized access.
The primary reason for WLAN surfers to secure their connection is to protect their privacy, says Roland Bless from the Institute of Telematics at the University of Karlsruhe. Otherwise, attackers could try to penetrate an unprotected or poorly protected WLAN network to then send spam e-mail messages out.
WLAN owners can face legal problems, if a third party uses the network to commit criminal offences such as illegal downloads. In that case only the IP address of the computer or router serving as the portal to access the internet will be visible to investigators.
"And the owner then bears responsibility," Bless says. To prevent such scenarios from occurring, WLAN owners should set the entry barriers for their network as high as possible.
The basic step to securing a WLAN network is turning on the WLAN router's encryption technology, explains Thomas Rau from computer magazine PC-Welt in Munich. A helpful wizard for doing so is generally available on the installation CD included with the router.
"It is used not just to set up the router and internet connections, but the encryption as well," Rau says. Alternatively, the user can access the router's configuration menu straight from a browser and change the settings manually.
For newer devices, the WPA2 mechanism based on the AES system is the most common encryption standard, Bless explains. The original encryption standard was known as WEP. While it offers more protection than no encryption at all, it is no longer considered difficult to crack.
"It takes only about two minutes to hack - and then a stranger is on your network," explains Erik Tews from the Centre For Advanced Security Research Darmstadt (CASED).
"WPA2 should offer high security for a few more years yet," Bless says. When setting up the WLAN, the user sets up an initial Pre-Shared Key (PSK). This is used at the beginning of each session to negotiate a new session key between the end device and the base station - a necessary first step in data encryption.
The password for the WPA2 encryption should be selected carefully, Tews recommends. Many routers come with WPA2 already activated using a pre-configured PSK. Users should always replace the pre-configured key with a longer code, preferably with 64 characters and many special characters. (dpa)