Introduction
In The Beginning
In early 2002, I concluded that having a laptop was probably a
good idea. And a few months later, having a wireless link at home
seemed an even better idea. Trailing a long cable around behind
the laptop just wasn't all that great an idea. Thus began the saga
of exploring the 802.11b networking scene.
I was aware of the security concerns with a wireless link. As the
signals are broadcast, anybody within receiving distance can
receive the transmissions, and/or use the network. While the
snooping can be defeated by using ssh or other encryption methods,
illicit use of the network (and specifically the connection to
the internet) is more difficult to prevent. So the first step was to look
at what the hardware has on offer.
Network Components
There are two basic styles of networking for a small area (read home)
environment. One is ad-hoc, which involves just PCs with net cards
connecting to one another. The second is managed, which uses an
access point as a wireless hub and connection to a wired network.
(Access points may be configured to connect to other access points
too, but I don't need that.) As connection to the wired network was
the most important requirement, the managed mode of operation was
the style to adopt.
So there is a need for an access point, and a wireless card for the
laptop. But the access point needs to be plugged into something,
so a net card was also required. For reasons to be explained later,
the access point is not connected directly to the wired network.
Access and Privacy
As wireless is a broadcast system, anybody nearby can receive
the transmissions. There are two major consequences of this:-
- Access is provided to the internet and/or internal network
- Wireless traffic can be monitored/snooped
The first is a problem of authentication - allowing only authorised
access to the network. The second is one of privacy. The 802.11
standards have facilities to control both of these.
Privacy
Privacy requires some form of encryption, to make the data appear
garbled without possessing the secret key. In the 802.11 world,
this is implemented via WEP - Wired Equivalent Privacy. The same secret
key is required at each end of the link. Which means that a key
is set at the access point, and each legitimate user needs to also
have a copy of the key.
WEP is available in 3 key lengths - the number of bits used in the key.
In a good system, the longer the key length, the more secure the
system is against brute force attacks. A brute force attack is
enumerating all possible keys until the garbled messages appear in
the clear. The WEP key length can be set at 64, 128 or 256 bits.
The 256 bit length is not as commonly supported as the other two.
The 802.11 specification breaks the key length into two parts.
Twenty four of the bits are "factory set", and the remaining ones
are set by the administrator and distributed to authorised users.
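The split described above decides how much key material an administrator actually types in. The following Python is an added example, not part of the original page: it checks a key string against the three nominal lengths and reports the size of the brute force search over the administrator-set part. All function names and the sample keys are constructed for illustration.

```python
"""Classify administrator-supplied WEP key material by nominal key length."""
import string

NOMINAL_LENGTHS = (64, 128, 256)  # key lengths named in the text
NON_ADMIN_BITS = 24               # part of each length not set by the administrator


def secret_bits(nominal: int) -> int:
    """Bits of the key that the administrator chooses and distributes."""
    if nominal not in NOMINAL_LENGTHS:
        raise ValueError(f"unsupported WEP key length: {nominal}")
    return nominal - NON_ADMIN_BITS


def _match(key: bytes):
    """Return the nominal length whose secret part is exactly len(key) bytes."""
    for nominal in NOMINAL_LENGTHS:
        if len(key) * 8 == secret_bits(nominal):
            return nominal
    return None


def parse_wep_key(text: str) -> tuple:
    """Return (nominal_bits, key_bytes) for a hex or ASCII key string.

    Hex may use ':' or '-' separators. The string is read as ASCII only
    when it is not a hex key of a supported size.
    """
    hexish = text.replace(":", "").replace("-", "")
    if hexish and len(hexish) % 2 == 0 and all(c in string.hexdigits for c in hexish):
        key = bytes.fromhex(hexish)
        if _match(key):
            return _match(key), key
    key = text.encode("ascii")  # non-ASCII input raises a ValueError subclass
    if _match(key):
        return _match(key), key
    raise ValueError(f"{len(text)} characters is not a valid WEP key size")


def keyspace(nominal: int, ascii_only: bool = False) -> int:
    """Keys a brute force search must cover for the administrator-set part.

    ascii_only models a key typed as printable ASCII (95 values per byte).
    """
    return (95 if ascii_only else 256) ** (secret_bits(nominal) // 8)


if __name__ == "__main__":
    # Constructed sample keys, not taken from any real network.
    for sample in ("0123456789", "homes", "0f" * 13, "x" * 29):
        bits, key = parse_wep_key(sample)
        print(f"{sample!r}: {bits}-bit WEP, {len(key)} key bytes")
    print("64-bit keyspace:", keyspace(64), "ASCII-only:", keyspace(64, True))
```

A "64 bit" key typed as five ASCII characters leaves fewer than 2^33 candidates to enumerate, against 2^40 for the same length entered as ten random hex digits.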
Authentication
There are several methods to control authorised access to the
access point. These are
- MAC address filtering
- ESSID content
- Shared secret
MAC address (the 48 bit globally unique ethernet hardware address)
filtering restricts which stations the access point will accept,
or reject, depending upon its configuration.
The ESSID is an up to 32 character string used to provide a name
to the network. The idea is that in an area where independent
network signals overlap, the name will allow stations to connect
with their network.
The shared secret is just that - a key which both ends know,
and which is used during the initial exchange when a station is
creating a connection to the base station. If the key tests
pass, the station is accepted as legitimate.
Problems
Unfortunately, the implementation of WEP is flawed, and it is
quite easy to determine the key. There are a number of programs
available on the net to do this. It's a topic to be covered later.
Sparks Flying
Version: $Revision: 1.3 $;
Updated at 15:47 EST on Tue Apr 11, 2006
Copyright (C) 2002 - 2006, Lindsay Harris