Understanding the importance of securing a wireless network requires you to be aware of the issues resulting from not securing your network:
Real-time Traffic is Compromised
Network is Open for Others to Connect
First, lets take a look at what a Wi-Fi eavesdropper can see when you send an e-mail over a wireless network without encryption. To do this, I sent an e-mail (shown in Figure 1) from a computer on a wireless network with Microsoft Outlook using a POP3 account.
At the same time, I captured packets from the network on my laptop using a free tool called Ethereal. As shown in Figure 2, youre able to see exactly what was in the e-mail. Just imagine if this was an e-mail containing real sensitive information, and someone passing by in their car captured the wireless packets.
If that isnt bad enough, see what I captured in the packet trace shown in Figure 3 when I synchronized my e-mail. This sensitive information includes the login information for the POP3 account! It clearly shows the main server, user name and password for the account.
To clarify, the administrator of this wireless network could have changed the default SSID, disabled SSID broadcasting, enabled MAC address filtering, and many others things; however, we would still see the same information in Figures 2 and 3.
You should also note that I did capture these packets in Ethereal via an Ethernet connection to the test network. It is possible, though, to use Ethereal to capture packets using a wireless adapter. This brings up another issue: make sure the wired connections to your network are secure, because interlopers can capture any of the Ethernet traffic.
Now that you understand the importance of Wi-Fi security, you should implement methods like those discussed below to ensure your sensitive information is secure.
To Secure Real-time Traffic
To Prevent Others from Connecting
Keep in mind that the use of encryption is the only method that adequately secures the real-time traffic, such as e-mails and Web browsing, on your wireless network. Most other security methods, such as MAC address filtering and disabling SSID broadcast, are intended to help prevent others from successfully connecting to the wireless network.
You can never be sure that your wireless network is completely secure. However, implementing multiple security methods means it will be much more difficult for Wi-Fi eavesdroppers to capture readable real-time data.
When youre using an unsecured wireless network, such as a hotspot in a hotel, cafe, airport or any other public location, you should take steps to make sure your sensitive information isnt exposed:
Secure Your Real-time Traffic
Prevent Others from Connecting to Your Laptop
A VPN connection encrypts any data sent from your wireless adapter all the way to the VPN server and vice versa, therefore providing end-to-end encryption. Along with providing a great way to secure the data, this also enables access to the remote network hosting via VPN server, which is often used in businesses. If you arent provided with a VPN connection by your employer, you can either set up your own server, for example using Windows XP, or use a subscription-based, hosted service such as JiWires SpotLock.
Eric Geier is a computing and wireless networking author and consultant. Hes employed with Wireless-Nets, Ltd., a consulting firm focusing on the implementation of wireless mobile solutions and training. Eric is also an author and contributor of several books and eLearning (CBT) courses.
This article was first published on WiFiPlanet.com.