How secure are 802.11b wireless networks?

This question was answered on March 18, 2002. Much of the information contained herein may have changed since posting.

The 802.11b wireless networking standard with its ease of use and relative low cost has made it a very popular technology Millions of households that were never 'wired for data' are using this technology to share high-speed connections from anywhere in or around the house (like by the pool)!

Businesses are also using 802.11b to increase productivity by allowing access to corporate networks and the Internet from lunchrooms, conference rooms or virtually anywhere on the companies 'campus'.

Before I go into the security of 802.11b, let me give you my two cents on network security and hackers in general.

In my opinion, there is no such thing as a totally secure network Virtually every security measure ever created has been hacked or exploited and since we can't take the weakest link in the chain (humans) out of the equation, most security schemes are only as good as the users that configure and use them.

That having been said, most hackers won't waste time trying to hack into a network unless they have a pretty good idea what is on it.

The biggest problem with 802.11b products is that they come from the factory with all of the security measures turned off Security measures create roadblocks, which create support calls for manufacturers, so they assume that if you know what to do, you will do it and if you don't, ignorance is bliss.

An encryption scheme called WEP (Wired Equivalent Privacy) is built into every 802.11b product, but it must be activated and configured on both the access point and any device that intends to use it

802.11b uses unregulated public airways operating at 2.4 GHz (same as some cordless phones) which has given rise to terms such as 'drive by hacking' and 'war driving' If you install a wireless access point in your home and don't turn on the encryption, anyone with a wireless network card (and no life!) could literally drive by your house and connect to your home network

Not only can they make use of your Internet connection without your knowledge, but they could potentially access data on your local hard drive if you have shared it, so be sure to start by activating WEP (read the manual).

WEP has come under fire for being 'full of holes' and very 'hackable' but the reality is that someone would have sit in your driveway or parking lot for 8 or 9 hours before they could even begin to mount an attack on your network And the less traffic there is on your wireless network, the longer it would take to mount an attack.

For most home users, simply activating WEP and turning off any local shares is adequate protection, because frankly speaking, there isn't much worth 'hacking' on most home networks that would make it worth the time needed to do so.

For corporate users, MAC address authentication (read the manual), a VPN (Virtual Private Network) and more sophisticated wireless products from companies such as Cisco (www.cisco.com) and ORiNOCO (www.orinoco.com) will all help create more of a deterrent than just using WEP.