Nik's Technology Blog

Travels through programming, networks, and computers

Wireless LAN Security Vulnerabilities

Since I last wrote about WLAN Security shortly after buying a Netgear Wireless router, I thought I'd write about improving your wireless network over-and-above that of what WEP (Wireless Equivalent Privacy) offers.

In 2001 two universities in the US, Maryland and UC Berkeley published separate studies into the inherent flaws with WEP encryption.

This had, until recently put many corporations off the idea of WLANs. After all there are tools freely available that can decipher the WEP encryption keys used on a network.

So what technology can we use to improve WLAN security?

Ever since the flaws in WEP were discovered the IEEE and the Wi-Fi Alliance have been busy trying to ratify a new standard in WLAN encryption. Known as 802.11i or WPA (Wi-Fi Protected Access) it is meant to be a software upgrade that is designed to address all known WEP vulnerabilities.

WPA uses an IEEE standard called 802.1X with Temporal Key Integrity Protocol (TKIP). Basically TKIP uses a dynamic key rather than the static one used in WEP, with TKIP a new key is generated every 10000 packets. TKIP also checks packets to make sure they haven't been altered by an intermediary.

Even though the upgrade to WPA was supposed to be a software (Firmware) upgrade it's still down to the hardware manufacturer to continue supporting it's hardware. Looking on the Netgear site it looks like my hardware (Netgear DG824M) won't be getting new firmware to upgrade the security from WEP to WPA.

Securing a home wireless router

Comments are closed