Tuesday, August 19, 2008

Wireless Security (of lack thereof)

TechRepublic's Network Administrator blog has an interesting entry today regarding wireless security, which is a topic certainly bears some thinking about.

This weekend, I was actually doing some research on wifi security this weekend with my wife's laptop. My powerbook's airport extreme card isn't so great for cracking networks, but my wife's Dell has an intel chip that will work for most parts, though packet injection isn't supported.

Anyway, I've figured out that WPA-PSK is alright for me, especially at home. As long as I use a good enough key, the amount of time spent cracking it would be in excess of the reward of stealing my wifi, especially when you consider that one of my neighbors is using WAP.

On the other hand, there are some improvements that I'm going to set up for work. The first of which is, when I finally get everyone connected to the active directory infrastructure I'm building, I'll authenticate the wireless against a radius server. The AP we're using supports that, thankfully.

One of the links that the TechRepublic blog entry links to is this one: how to prevent parking lot attacks. This is an interesting read, since it involves things like radiowave-reducing paint and window covers which block 2.4ghz radio waves. Interesting stuff, most of which can be implemented for $0 by reducing the strength of radio broadcasts on your AP. Nevertheless, if I suddenly find myself with oodles of money and the need to protect a server room, I'll use the advice.