Secure Your Wireless Network!
More and more organizations (as well as households) are setting up wireless networks in their premises. Wireless networking is a very affordable solution, even for home users and it's catching up with its wired counterpart. With new WiFi technologies improving data throughput and range, there's no doubt that wireless networking is the future.
However, in my line of work, I still encounter many organizations that insist on wired connectivity. They generally have 3 major reasons for doing so.
One would be the reliability of the connection. A wired network uses physical cables and therefore guarantees a stable connection every time. The performance of a wireless network, on the other hand, is subjected to the operating condition. Distance and radio interference will reduce network speed as well as cause packet loss.
The second would be much higher bandwidth of a wired network. Wired networks can achieve a whooping bandwidth of 1 gigabits per second, which is ideal for transferring large data files or a network with heavy traffic. Of course, the actual bandwidth of Gigabit networks is less than that, but they are still much faster than wireless networks. Even 802.11g which supports 54 mbps will choke in demanding environments.
The third and most critical reason would be security. While lower transfer speeds can be tolerated, there is no way an organization is going to expose its network in exchange for the convenience of a cable-free environment. There have been many occasions where a wireless network’s security have been compromised merely due to the nature of wireless networks.
Even at my workplace, I can detect 2 to 3 open wireless network. Such networks do not even need to be hacked into. They were just left unprotected. I was able to gain access to important documents like design files and documents just by connecting to these open networks. Just imagine how many more open networks like these are out there in the world today!
Why do they leave it unattended? Possibly some are not aware that unlike wired networks, wireless networks MUST be secured. Otherwise, anyone within range of the wireless access point will be able to access the network. But for most people, configuring WEP (Wired Equivalent Privacy) encryption for a wireless network can be a truly daunting task. Hence, many people just leave their wireless networks open.
Wireless networks are inherently open to access, unlike wired networks which can restrict access to computers that are physically linked to it by cables. Therefore, it is important that you protect your network with even a basic WEP encryption. If you leave hackers out from the equation, this instantly protects your network from unauthorized users. Unless your neighbour is a known hacker, this basic protection is really all most home users will ever need.
But if you are looking for a better alternative to WEP, there is something that you might be interested in - MAC Filtering!
If you intend to further protect your network, you should begin exploring what security features your wireless access point has to offer. My favourite method of securing a network is still MAC Filtering which is part of many, if not all, wireless access points in use today.
MAC (Media Access Control) Filtering is a method by which access to a network is restricted to specific network adapters, based on their MAC addresses. Every network adaptor, whether wireless or wired, has a "supposedly" hard-coded MAC address which uniquely identifies it in any network. I used the word "supposedly" because you can actually change a MAC address using software or even a registry hack in Windows XP.
You can think of the MAC address as your network adaptor's "identification number". Every card has its own identification number which is permanent (unless hacked) and does not change even if you switch to a different network.
By using MAC Filtering, you can easily control which computers can gain access to the network, or not. You can restrict access to network adaptors with specific MAC addresses. You can also prevent network adaptors from accessing the network, merely by using their MAC addresses.
Of course, this isn't a foolproof method of securing your network, as we will learn later. However, MAC filtering has an speed advantage over other security methods. Because it functions by restricting access based on MAC addresses, MAC filtering has no packet overhead and thus does not have any performance impact on network traffic or bandwidth.
We will be taking a look at both the security and performance issues later in this article. But first, let's show you how you can implement MAC filtering on your network!