Monday, October 8, 2007

Hotspot (Wi-Fi)

A hotspot is a venue that offers Wi-Fi access. The public can use a laptop, WiFi phone, or other suitable portable device to access the Internet. Of the estimated 150 million laptops, 14 million PDAs, and other emerging Wi-Fi devices sold per year for the last few years, most include the Wi-Fi feature.
For venues that have broadband service, offering wireless access is as simple as purchasing one AP and connecting the AP with the gateway box.
Hotspots are often found at restaurants, train stations, airports, libraries, coffee shops, bookstores, fuel stations, department stores, supermarkets and other public places. Many universities and schools have wireless networks in their campus.

Security concerns

Most hotspots are unsecured. User data is shared as clear text as all users access the internet via the hotspot.
Some hotspots authenticate users. This does not secure the data transmission or prevent packet sniffers from allowing people to see traffic on the network.
Some venues offer VPN as an option, such as Google WiFi. This solution is expensive to scale.
Others, such as T-Mobile, provide a download option that deploys WPA support specific to T-Mobile. This conflicts with enterprise configurations at Cisco, IBM, HP, Google, and other large enterprises that have solutions specific to their internal WLAN.
A "poisoned hotspot" refers to a free public hotspot set up by identity thieves or other malicious individuals for the purpose of "sniffing" the data sent by the user. This abuse can be avoided by the use of VPN.

Wireless access point (WAP)

In computer networking, a wireless access point (WAP or AP) is a device that connects wireless communication devices together to form a wireless network. The WAP usually connects to a wired network, and can relay data between wireless devices and wired devices. Several WAPs can link together to form a larger network that allows "roaming". (In contrast, a network where the client devices manage themselves - without the need for any access points - becomes an ad-hoc network.) WAPs have IP addresses for configuration.
Introduction
Low-cost and easily-installed Wi-Fi WAPs grew rapidly in popularity in the early 2000s. These devices offered a way to avoid the tangled messes of category 5 cable associated with typical Ethernet networks of the day. Whereas wiring a business, home, or school often requires stringing many cables through walls and ceilings, wireless networking allows connecting with few or no new cables. Wireless networks also allow greater mobility, freeing users from the restrictions of using a computer cabled to the wall. In the industrial and commercial contexts, wireless networking has had a big impact on operations: employees in these areas now often carry portable data terminals integrating barcode scanners and wireless links, allowing them to update work in progress and inventory in real-time. At home with a residential gateway, any convenient chair or lawn becomes a desk for the laptop.
A typical corporate use involves attaching several WAPs to a wired network and then providing wireless access to the office LAN. Within the range of the WAPs, the wireless end user has a full network connection with the benefit of mobility. In this instance, the WAP functions as a gateway for clients to access the wired network. Another use involves bridging two wired networks in conditions inappropriate for cable: for example, a manufacturer can wirelessly connect a remote warehouse's wired network with a separate (though within line of sight) office's wired network.
Another wireless topology, a lily-pad network, consists of a series of access points spread over a large area, each connected to a different network. This provides hot spots where wireless clients can connect to the Internet without regard for the particular networks to which they have attached for the moment. The concept can become organic in large cities, where a combination of coffeehouses, libraries, other public spaces offering wireless access, as well as privately owned open access points, allow clients to roam over a large area (like hopping from lily pad to lily pad), staying more or less continuously connected.
Home wireless networks, the majority, generally have only one WAP to connect all the computers in a home. Most are wireless routers, meaning converged devices that include a WAP, Ethernet router, and often a switch in the same package. Many also converge a broadband modem. Most owners leave their encryption settings at default, hence neighbors can use them. In places where most homes have their own WAP within range of the neighbors' WAP, it's possible for technically savvy people to turn off their encryption and set up a wireless community network, creating an intra-city communication network without the need of wired networks.
A WAP may also act as the network's arbitrator, negotiating when each nearby client device can transmit. However, the vast majority of currently installed IEEE 802.11 networks do not implement this, using a distributed pseudo-random algorithm instead.
Limitations
One IEEE 802.11 WAP can typically communicate with 30 client systems located within a radius of 100 m. However, the actual range of communication can vary significantly, depending on such variables as indoor or outdoor placement, height above ground, nearby obstructions, other electronic devices that might actively interfere with the signal by broadcasting on the same frequency, type of antenna, the current weather, operating radio frequency, and the power output of devices. Network designers can extend the range of WAPs through the use of repeaters and reflectors, which can bounce or amplify radio signals that ordinarily would go un-received. In experimental conditions, wireless networking has operated over distances of several kilometers.
Most jurisdictions have only a limited number of frequencies legally available for use by wireless networks. Usually, adjacent WAPs will use different frequencies to communicate with their clients in order to avoid interference between the two nearby systems. But wireless devices can "listen" for data traffic on other frequencies, and can rapidly switch from one frequency to another to achieve better reception on a different WAP. However, the limited number of frequencies becomes problematic in crowded downtown areas with tall buildings housing multiple WAPs, because enough overlap can occur between the wireless networks to cause interference.
Wireless networking lags behind wired networking in terms of increasing bandwidth and throughput. While (as of 2004) typical wireless devices for the consumer market can reach speeds of 11 Mbit/s (megabits per second) (IEEE 802.11b) or 54 Mbit/s (IEEE 802.11a, IEEE 802.11g), wired hardware of similar cost reaches 1000 Mbit/s (Gigabit Ethernet). One impediment to increasing the speed of wireless communications comes from Wi-Fi's use of a shared communications medium, so a WAP is only able to use somewhat less than half the actual over-the-air rate for data throughput. Thus a typical 54 Mbit/s wireless connection actually carries TCP/IP data at 20 to 25 Mbit/s. Users of legacy wired networks expect the faster speeds, and people using wireless connections keenly want to see the wireless networks catch up.
As of 2006 a new standard for wireless, 802.11n is awaiting final certification from IEEE. This new standard operates at speeds up to 540 Mbit/s and at longer distances (~50 m) than 802.11g. Use of legacy wired networks (especially in consumer applications) is expected to decline sharply as the common 100 Mbit/s speed is surpassed and users no longer need to worry about running wires to attain high bandwidth.
Interference can commonly cause problems with wireless networking reception, as many devices operate using the 2.4 GHz frequency. A nearby wireless phone or anything with greater transmission power within close proximity can markedly reduce the perceived signal strength of a wireless access point. Microwaves are also known to interfere with wireless networks.

Wi-Fi Advantage and Disadvantage

Advantages of Wi-Fi
Wi-Fi allows LANs to be deployed without cabling for client devices, typically reducing the costs of network deployment and expansion. Spaces where cables cannot be run, such as outdoor areas and historical buildings, can host wireless LANs.
As of 2007 wireless network adapters are built into most modern laptops. The price of chipsets for Wi-Fi continues to drop, making it an economical networking option included in ever more devices. Wi-Fi has become widespread in corporate infrastructures, which also helps with the deployment of RFID technology that can piggyback on Wi-Fi.[2]
Different competitive brands of access points and client network interfaces are inter-operable at a basic level of service. Products designated as "Wi-Fi Certified" by the Wi-Fi Alliance are backwards inter-operable. Wi-Fi is a global set of standards. Unlike mobile telephones, any standard Wi-Fi device will work anywhere in the world.
Wi-Fi is widely available in more than 250,000 public hotspots and tens of millions of homes and corporate and university campuses worldwide. WPA is not easily cracked if strong passwords are used and WPA2 encryption has no known weaknesses. New protocols for Quality of Service (WMM) make Wi-Fi more suitable for latency-sensitive applications (such as voice and video), and power saving mechanisms (WMM Power Save) improve battery operation.
Disadvantages of Wi-Fi
Spectrum assignments and operational limitations are not consistent worldwide. Most of Europe allows an additional 2 channels beyond those permitted in the U.S. for the 2.4 GHz band (1-13 vs. 1-11); Japan has one more on top of that (1-14). Europe, as of 2007, is now essentially homogeneous in this respect. A very confusing aspect is that a Wi-Fi signal actually occupies five channels in the 2.4 GHz band, resulting in only 3 non-overlapping channels in the US (1, 6, 11) and four in Europe (1, 5, 9, 13).
Some countries, such as Italy, formerly required a 'general authorization' for any Wi-Fi used outside an operator's own premises, or require something akin to an operator registration. Equivalent isotropically radiated power (EIRP) in the EU is limited to 20 dBm (0.1 W).
Power consumption is fairly high compared to some other low-bandwidth standards, such as Zigbee and Bluetooth, making battery life a concern.
The most common wireless encryption standard, Wired Equivalent Privacy or WEP, has been shown to be easily breakable even when correctly configured. Wi-Fi Protected Access (WPA and WPA2), which began shipping in 2003, aims to solve this problem and is now available on most products. Wi-Fi Access Points typically default to an open (encryption-free) mode. Novice users benefit from a zero-configuration device that works out of the box, but this default is without security enabled, providing open wireless access to their LAN. To turn security on requires the user to configure the device, usually via a software graphical user interface (GUI). Wi-Fi networks that are open (unencrypted) can be monitored and used to read and copy data (including personal information) transmitted over the network, unless another security method is used to secure the data, such as a VPN or a secure web page. (See HTTPS/Secure Socket Layer.)
Many 2.4 GHz 802.11b and 802.11g Access points default to the same channel on initial startup, contributing to congestion on certain channels. To change the channel of operation for an access point requires the user to configure the device.
Wi-Fi networks have limited range. A typical Wi-Fi home router using 802.11b or 802.11g with a stock antenna might have a range of 32 m (120 ft) indoors and 95 m (300 ft) outdoors. Range also varies with frequency band. Wi-Fi in the 2.4 GHz frequency block has slightly better range than Wi-Fi in the 5 GHz frequency block. Outdoor range with improved (directional) antennas can be several kilometres or more with line-of-sight.
Wi-Fi pollution, or an excessive number of access points in the area, especially on the same or neighboring channel, can prevent access and interfere with the use of other access points by others. It is caused by overlapping channels in the 802.11g/b spectrum, as well as by decreased signal-to-noise ratio (SNR) between access points. This can be a problem in high-density areas, such as large apartment complexes or office buildings with many Wi-Fi access points. Additionally, other devices use the 2.4 GHz band: microwave ovens, security cameras, Bluetooth devices and (in some countries) amateur radio, videosenders, cordless phones and baby monitors can cause significant additional interference. General guidance to those who suffer these forms of interference or network crowding is to migrate to a 5 GHz Wi-Fi product (802.11a), usually a dual-band product, as the 5 GHz band is relatively unused and there are many more channels available. This also requires users to set up the 5 GHz band to be the preferred network in the client and to configure each network band to a different name (SSID).
It is also an issue when municipalities,[3] or other large entities such as universities, seek to provide large area coverage. Everyone is considered equal for the base standard without 802.11e/WMM when they use the band. This openness is also important to the success and widespread use of 2.4 GHz Wi-Fi, but makes it unsuitable for "must-have" public service functions or where reliability is required.
Interoperability issues between brands or proprietary deviations from the standard can disrupt connections or lower throughput speeds on other user's devices that are within range.

Wi-Fi

Wi-Fi (pronounced why-fie, IPA: [ʍaɪ faɪ]), also unofficially known as Wireless Fidelity, is a wireless technology brand owned by the Wi-Fi Alliance intended to improve the interoperability of wireless local area network products based on the IEEE 802.11 standards.
Common applications for Wi-Fi include Internet and VoIP phone access, gaming, and network connectivity for consumer electronics such as televisions, DVD players, and digital cameras.
Definition
Wi-Fi Alliance is a consortium of separate and independent companies agreeing to a set of common interoperable products based on the family of IEEE 802.11 standards. Wi-Fi certifies products via a set of established test procedures to establish interoperability. Those manufacturers that are members of Wi-Fi Alliance whose products pass these interoperability tests can mark their products and product packaging with the Wi-Fi logo.
According to the brand style guide of the Wi-Fi Alliance (the owner of the Wi-Fi brand):
Products which successfully pass the Wi-Fi Alliance testing may use the Wi-Fi CERTIFIED brand. The Alliance tests and certifies the interoperability of wireless LAN products based on the IEEE 802.11 standards. Studies show that 88% of consumers prefer products that have been tested by an independent organization.
Wi-Fi technologies have gone through several generations since their inception in 1997. Wi-Fi is supported to different extents under Microsoft Windows, Apple Macintosh and open source Unix and Linux operating systems. Contrary to popular belief, Wi-Fi is not an abbreviation for "Wireless Fidelity".
Uses
A Wi-Fi enabled device such as a PC, game console, cell phone, MP3 player or PDA can connect to the Internet when within range of a wireless network connected to the Internet. The area covered by one or more interconnected access points is called a hotspot. Hotspots can cover as little as a single room with wireless-opaque walls or as much as many square miles covered by overlapping access points. Wi-Fi can also be used to create a mesh network. Both architectures are used in community networks.
Wi-Fi also allows connectivity in peer-to-peer (wireless ad-hoc network) mode, which enables devices to connect directly with each other. This connectivity mode is useful in consumer electronics and gaming applications.
When the technology was first commercialized there were many problems because consumers could not be sure that products from different vendors would work together. The Wi-Fi Alliance began as a community to solve this issue so as to address the needs of the end user and allow the technology to mature. The Alliance created the branding Wi-Fi CERTIFIED to show consumers that products are interoperable with other products displaying the same branding.
Many consumer devices use Wi-Fi. Amongst others, personal computers can network to each other and connect to the Internet, mobile computers can connect to the Internet from any Wi-Fi hotspot, and digital cameras can transfer images wirelessly.
Routers which incorporate a DSL or cable modem and a Wi-Fi access point are often used in homes and other premises, and provide Internet access and internetworking to all devices connected wirelessly or by cable into them. Devices supporting Wi-Fi can also be connected in ad-hoc mode for client-to-client connections without a router.
Business and industrial Wi-Fi is widespread as of 2007. In business environments, increasing the number of Wi-Fi access points provides redundancy, support for fast roaming and increased overall network capacity by using more channels or creating smaller cells. Wi-Fi enables wireless voice applications (VoWLAN or WVOIP). Over the years, Wi-Fi implementations have moved toward 'thin' access points, with more of the network intelligence housed in a centralized network appliance, relegating individual Access Points to be simply 'dumb' radios. Outdoor applications may utilize true mesh topologies. As of 2007 Wi-Fi installations can provide a secure computer networking gateway, firewall, DHCP server, intrusion detection system, and other functions.
In addition to restricted use in homes and offices, Wi-Fi is publicly available at Wi-Fi hotspots provided either free of charge or to subscribers to various providers. Free hotspots are often provided by businesses such as hotels, restaurants, and airports who offer the service to attract or assist clients. Sometimes free Wi-Fi is provided by enthusiasts, or by organizations or authorities who wish to promote business in their area. Metropolitan-wide WiFi (Mu-Fi) already has more than 300 projects in process.

Mobile Broadband Wireless Access

Mobile Broadband Wireless Access (MBWA) is a technology being developed by IEEE 802.20 and is aimed at wireless mobile broadband for operations from 120 to 350 km/h. The 802.20 standard has taken on many of the methods behind Mobile WiMAX, including high speed dynamic modulation and similar scalable OFDMA capabilities. It apparently retains fast hand-off, Forward Error Correction (FEC) and cell edge enhancements.
The Working Group was temporarily suspended in mid 2006 by the IEEE-SA Standards Board since it had been the subject of a number of appeals, and a preliminary investigation of one of these "revealed a lack of transparency, possible 'dominance,' and other irregularities in the Working Group".[8]
In September 2006 the IEEE-SA Standards Board approved a plan to enable the working group to continue under new conditions, and the standard is now expected to be finalized by Q2 2008.

Sunday, October 7, 2007

WiBro

South Korea's electronics and telecommunication industry, spearheaded by Samsung Electronics and ETRI, has developed its own standard, WiBro. In late 2004, Intel and LG Electronics agreed on a merger of mobile WiBro (S-OFDMA modulation) and fixed WiMAX (OFDM modulation) to produce a new standard dubbed Mobile WiMax (802.16e-2005), combining features from both to avoid a future standard war. From this point on WiBro became a specific subset implementation of the 802.16e-2005 standard over 8.75 MHz channels in the 2.3 GHz band, whereas Mobile WiMax represents a full implementation of the 802.16e-2005 standard that supports flexible channel size and service band. The side effect of this merger is that Mobile WiMax gear is backward compatible with WiBro gear but not with fixed WiMax gear, reflecting its WiBro-originated heritage.
WiBro has South Korean government support with the requirement for each carrier to spend over US$1 billion for deployments. Korea sought to develop WiBro as a regional and potentially international alternative to 3.5G or 4G cellular systems. But given the lack of momentum as a standard, WiBro has joined WiMAX and agreed to harmonize with the similar OFDMA 802.16e version of the standard.
What makes WiBro roll-outs a good "test case" for the overall WiMAX effort is that it is a mobile, well thought out system for delivery of wireless broadband services, and the fact that the deployment is taking place in a highly sophisticated, broadband-saturated market. WiBro will go up against 3G and very high bandwidth wire-line services rather than as gap-filler or rural under-served market deployments often thought of as "best fit" markets for WiMAX.
As such, WiBRO is now best described as a particular profile within WiMAX with 8.75 MHz channel in the 2.3 GHz band.

WiMax

WiMAX, the Worldwide Interoperability for Microwave Access, is a telecommunications technology aimed at providing wireless data over long distances in a variety of ways, from point-to-point links to full mobile cellular type access. It is based on the IEEE 802.16 standard, which is also called WirelessMAN. WiMAX allows a user, for example, to browse the Internet on a laptop computer without physically connecting the laptop to a router or switch port via an Ethernet port. The name WiMAX was created by the WiMAX Forum, which was formed in June 2001 to promote conformance and interoperability of the standard. The forum describes WiMAX as "a standards-based technology enabling the delivery of last mile wireless broadband access as an alternative to cable and DSL."
Definitions of terms
The terms "fixed WiMAX", "mobile WiMAX", "802.16d" and "802.16e" are frequently used incorrectly. Correct definitions are:

802.16d
Strictly speaking, 802.16d has never existed as a standard. The standard is correctly called 802.16-2004. However, since this standard is frequently called 802.16d, that term is also used in this article to assist readability.

802.16e
Just as 802.16d has never existed, a standard called 802.16e hasn't either. It's an amendment to 802.16-2004, so it is not a standard in its own right. It is properly referred to as 802.16e-2005.

Fixed WiMAX
This is a phrase frequently used to refer to systems built using 802.16-2004 ('802.16d') as the air interface technology.

Mobile WiMAX
A phrase frequently used to refer to systems built using 802.16e-2005 as the air interface technology. "Mobile WiMAX" implementations are therefore frequently used to deliver pure fixed services.
Uses
The bandwidth and reach of WiMAX make it suitable for the following potential applications:
-Connecting Wi-Fi hotspots with each other and to other parts of the Internet.
-Providing a wireless alternative to cable and DSL for last mile (last km) broadband access.
-Providing high-speed data and telecommunications services.
-Providing a diverse source of Internet connectivity as part of a business continuity plan. That is, if a business has a fixed and a wireless Internet connection, especially from unrelated providers, they are unlikely to be affected by the same service outage.
-Providing nomadic connectivity.

802.11

IEEE 802.11 is a set of standards for wireless local area network (WLAN) computer communication, developed by the IEEE LAN/MAN Standards Committee (IEEE 802) in the 5 GHz and 2.4 GHz public spectrum bands.
Although the terms 802.11 and Wi-Fi are often used interchangeably, the Wi-Fi Alliance uses the term "Wi-Fi" to define a slightly different set of overlapping standards. In some cases, market demand has led the Wi-Fi Alliance to begin certifying products before amendments to the 802.11 standard are complete.
802.11a
The 802.11a standard uses the same core protocol as the original standard, operates in 5 GHz band with a maximum raw data rate of 54 Mbit/s, which yields realistic net achievable throughput in the mid-20 Mbit/s.
Since the 2.4 GHz band is heavily used to the point of being crowded, using the 5 GHz band gives 802.11a a significant advantage. However, this high carrier frequency also brings a slight disadvantage: The effective overall range of 802.11a is slightly less than that of 802.11b/g; 802.11a signals cannot penetrate as far as those for 802.11b because they are absorbed more readily by walls and other solid objects in their path.
802.11b
802.11b has a maximum raw data rate of 11 Mbit/s and uses the same media access method defined in the original standard. 802.11b products appeared on the market in early 2000, since 802.11b is a direct extension of the modulation technique defined in the original standard. The dramatic increase in throughput of 802.11b (compared to the original standard) along with simultaneous substantial price reductions led to the rapid acceptance of 802.11b as the definitive wireless LAN technology.
802.11b devices suffer interference from other products operating in the 2.4 GHz band. Devices operating in the 2.4 GHz range include: microwave ovens, Bluetooth devices, baby monitors and cordless telephones. Interference issues, and user density problems within the 2.4 GHz band have become a major concern and frustration for users.
802.11g
In June 2003, a third modulation standard was ratified: 802.11g. This works in the 2.4 GHz band (like 802.11b) but operates at a maximum raw data rate of 54 Mbit/s, or about 19 Mbit/s net throughput. 802.11g hardware is fully backwards compatible with 802.11b hardware.
The then-proposed 802.11g standard was rapidly adopted by consumers starting in January 2003, well before ratification, due to the desire for higher speeds, and reductions in manufacturing costs. By summer 2003, most dual-band 802.11a/b products became dual-band/tri-mode, supporting a and b/g in a single mobile adapter card or access point. Details of making b and g work well together occupied much of the lingering technical process; in an 11g network, however, the presence of a legacy 802.11b participant will significantly reduce the speed of the overall 802.11g network.
802.11n
802.11n is a proposed amendment which builds on the previous 802.11 standards by adding multiple-input multiple-output (MIMO). Though there are already many products on the market based on Draft 2.0 of this proposal, the amendment is not expected to be published until March 2009.

Protect Wireless Access Using MAC Address Filters

Wireless networks add a significant level of convenience for many users. The ability to roam at will and access the network without adding wires is quite useful. But, you need to do so securely. There are a number of basic steps you should take to protect your wireless network and filtering MAC addresses is one more way to secure it.
It is great to be able to access your network resources from anywhere in your home or office without having to plug into a wired network connection. But, if you can connect to your wireless access point from 80 feet away, then potentially every other wireless device in an 80-foot radius of your access point can as well.
There are a number of basic wireless security steps that many are already familiar with. Simple things like changing the SSID (service set identifier) from the vendor's default and disabling SSID broadcasting so you don't draw undue attention to your wireless network are a good start. Enabling some form of encryption, WEP (although it is quite flawed) or WPA, will help protect the data as it flies through the air and secure the communications between your device and the wireless router or access point.
Beyond these steps though, wireless routers or access points can generally filter access by MAC address as well. The MAC address is a unique identifier of your wireless network adapter. For a large enterprise with hundreds or thousands of wireless devices, it may not be feasible to try to maintain a listing of everyone's MAC address and constantly update the access list as users come and go. But, home offices or small to medium businesses may be able to add an extra layer of protection by filtering based on MAC address.
To determine the MAC address on a Windows system follow these steps:
-Click Start
-Click Run
-Enter command and press enter
-In the command console, type "ipconfig /all" and press enter
-If you have more than one network adapter, the details of each will be displayed
-Locate the wireless adapter information
-The MAC Address is the information labeled Physical Address
Refer to the directions for your wireless router or access point to find out how to enable MAC address filtering. Once you enable MAC address filtering and enter the MAC addresses of each of your wireless devices, the wireless router or access point will only allow those devices with MAC addresses on the access list to connect to the wireless network.
It is possible using various wireless and network sniffing tools to capture and spoof MAC addresses, so this method is not fool-proof.
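The collection step above can be scripted when several machines have to be enrolled. The following is an added example, not part of the original post: it parses `ipconfig /all` output, picks out the wireless adapter's Physical Address and normalises it so that the same address written in different styles matches the access list. The sample output, adapter names and function names are constructed for illustration.

```python
import re

# Constructed sample of `ipconfig /all` output (not captured from a real host).
SAMPLE_IPCONFIG = """\
Windows IP Configuration

Ethernet adapter Local Area Connection:

        Description . . . . . . . . . . . : Example Fast Ethernet NIC
        Physical Address. . . . . . . . . : 00-11-22-33-44-55
        Dhcp Enabled. . . . . . . . . . . : Yes

Ethernet adapter Wireless Network Connection:

        Description . . . . . . . . . . . : Example 802.11g Wireless Adapter
        Physical Address. . . . . . . . . : 00-AA-BB-CC-DD-EE
        Dhcp Enabled. . . . . . . . . . . : Yes
"""

HEADER_RE = re.compile(r"^(\S.*):\s*$")            # unindented "... adapter X:" line
FIELD_RE = re.compile(r"^\s+(.+?)[ .]*:\s*(.*)$")  # indented "Key . . . : value" line


def normalize_mac(text):
    """Return a MAC as lowercase aa:bb:cc:dd:ee:ff, whatever separators were used."""
    digits = re.sub(r"[-:.\s]", "", text).lower()
    if not re.fullmatch(r"[0-9a-f]{12}", digits):
        raise ValueError("not a 48-bit MAC address: %r" % text)
    return ":".join(digits[i:i + 2] for i in range(0, 12, 2))


def is_locally_administered(mac):
    """True if the address was set in software rather than burned in by the vendor."""
    return bool(int(normalize_mac(mac)[:2], 16) & 0x02)


def parse_ipconfig(output):
    """Split the output into {adapter name: {field: value}}."""
    adapters, current = {}, None
    for line in output.splitlines():
        header = HEADER_RE.match(line)
        if header:
            current = adapters.setdefault(header.group(1), {})
            continue
        field = FIELD_RE.match(line)
        if field and current is not None:
            current[field.group(1)] = field.group(2).strip()
    return adapters


def wireless_macs(output):
    """Return {adapter name: normalised MAC} for adapters that look wireless."""
    found = {}
    for name, fields in parse_ipconfig(output).items():
        label = (name + " " + fields.get("Description", "")).lower()
        if ("wireless" in label or "802.11" in label) and "Physical Address" in fields:
            found[name] = normalize_mac(fields["Physical Address"])
    return found


def is_allowed(mac, allow_list):
    """Compare after normalising both sides, so 00-AA-.. and 00aa.bb.. are equal."""
    return normalize_mac(mac) in {normalize_mac(entry) for entry in allow_list}


if __name__ == "__main__":
    allow_list = sorted(wireless_macs(SAMPLE_IPCONFIG).values())
    for mac in allow_list:
        note = " (software-set address, verify before enrolling)" \
            if is_locally_administered(mac) else ""
        print(mac + note)
```

A match against the list only shows that a client presented an enrolled address, which is why the filter is one layer and not a substitute for encryption.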

Securing your Wireless Network

There are a number of things you can keep in mind which will help to lessen the likelihood of a breach of security in your wireless network. I have compiled a list of tips that I think will be of use to anyone who has a wireless network.
-As should be the case with a wired network, only share what is needed. Don’t share entire partitions, share folders instead. Also, depending on the level of confidentiality, you should always password protect anything that is shared using an archive tool.
-If you’ve implemented the WEP authentication method, be sure to use the Shared Key method, every so often change your WEP keys and make them as difficult as possible.
-Be sure to secure your wireless access point with a strong password; don’t just leave the default one in place!
-Disable access point administration via wireless clients. This means that any changes to the access point configuration would have to be done from a machine attached to the wired network.
-On smaller networks, use MAC address filtering as an added means of security. Don’t rely on this feature alone but use it in conjunction with another security method.
-Change the default SSID to something that is understandable to you but not to outsiders. This will make it slightly more difficult for people to connect to your network. Be sure to change it to something that won’t give too much information away about your network.
-Disable SSID broadcasting. This feature is meant to make it easier for clients to connect to the network because the network name can be automatically discovered by the client operating system. This means anyone in range of your access point will automatically know your network exists.
-If you need wireless access in your building alone, try putting the access point in the centre of the building to decrease the chance of a wardriver* being in range of your signal.
-If you’re willing to see a dip in speed then using a VPN would be the more secure option for a wireless network. This is fairly quick and easy to setup and has great benefits, as opposed to other means of security.
wireless system.

Wireless Security Threats

The following are a few things you need to ask yourself when implementing security for your wireless network.
-Do I have some form of logging enabled? Logging is important as it will help you to trace who is trying to gain unauthorized access to your network. It will also act as evidence when prosecuting a suspected intruder in court.
-Do I allow guest access? If you do then be sure to separate your corporate network from the WLAN by placing the WLAN in your DMZ or outside the network and implement a firewall between them. Also, don’t forget to log and audit guest user activity so that you can see if any abuse is taking place.
-Where does my wireless signal end? Perform a site survey and find out exactly where the signal starts and ends; know your boundary.
-Do I know what’s on the network? Document everything and when a new access point is attached to the current network make sure you know about it. In larger companies, departments implement their own WLAN by adding an access point to the network and not informing the administration department, thus potentially opening up a hole in the network.
-Have I performed a Wireless LAN security audit? Make sure you scan your network to identify known vulnerabilities, and if any are found, take action as soon as possible!
-Are the wireless clients safe? Introduce a security policy, or amend the current one, to require mobile users to keep their laptops protected with antivirus and firewall software.
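An added example (not from the original post) of the "know what's on the network" and audit questions above: it compares a site-survey export against a documented inventory of access points and reports undocumented or weakly secured ones. The CSV layout, the inventory, the finding names and the -70 dBm threshold are assumptions constructed for illustration.

```python
import csv

# Constructed inventory of documented access points (BSSID -> expected SSID).
AUTHORISED = {
    "00:11:22:33:44:01": "corp-wlan",
    "00:11:22:33:44:02": "corp-wlan",
    "00:11:22:33:44:10": "corp-guest",
}

# Constructed site-survey export; the column layout is an assumption.
SURVEY_CSV = """\
bssid,ssid,channel,security,signal_dbm
00:11:22:33:44:01,corp-wlan,1,WPA2,-48
00:11:22:33:44:02,corp-wlan,6,WEP,-55
00:11:22:33:44:10,corp-guest,11,WPA,-60
66:77:88:99:AA:BB,corp-wlan,6,WPA2,-40
DE:AD:BE:EF:00:01,linksys,3,OPEN,-52
00:AA:BB:CC:DD:EE,cafe-next-door,9,WPA,-88
"""

WEAK = {"OPEN", "WEP"}   # settings the audit should flag on our own APs
NEAR_DBM = -70           # assumption: stronger than this is likely on site

def audit(survey_text, authorised, near_dbm=NEAR_DBM):
    """Return a sorted list of (bssid, finding) tuples for the survey."""
    authorised = {k.lower(): v for k, v in authorised.items()}
    known_ssids = set(authorised.values())
    findings = []
    for row in csv.DictReader(survey_text.splitlines()):
        bssid = row["bssid"].strip().lower()
        ssid = row["ssid"].strip()
        security = row["security"].strip().upper()
        signal = int(row["signal_dbm"])
        if bssid in authorised:
            if authorised[bssid] != ssid:
                findings.append((bssid, "ssid-changed"))
            if security in WEAK:
                findings.append((bssid, "weak-security:" + security))
        elif ssid in known_ssids:
            # Our network name announced by hardware that is not documented.
            findings.append((bssid, "unknown-ap-using-our-ssid"))
        elif signal >= near_dbm:
            # Strong signal from an undocumented AP: possibly attached on site.
            findings.append((bssid, "undocumented-ap-nearby"))
    return sorted(findings)

if __name__ == "__main__":
    for bssid, finding in audit(SURVEY_CSV, AUTHORISED):
        print(bssid, finding)
```

Weak neighbouring networks (the last sample row) are ignored at the default threshold, so the report stays focused on equipment that is probably inside your own boundary.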

Wireless Security Threats

What are the threats that we face today with regards to wireless networks? An informative list has been compiled by the National Institute of Standards and Technology as part of their documentation on Wireless Security. Hereunder is an extract from that document.
To date, the list below includes some of the more salient threats and vulnerabilities of wireless systems:
-All the vulnerabilities that exist in a conventional wired network apply to wireless technologies.
-Malicious entities may gain unauthorized access to an agency’s computer or voice (IP telephony) network through wireless connections, potentially bypassing any firewall protections.
-Sensitive information that is not encrypted (or that is encrypted with poor cryptographic techniques) and that is transmitted between two wireless devices may be intercepted and disclosed.
-Denial of service (DoS) attacks may be directed at wireless connections or devices.
-Malicious entities may steal the identity of legitimate users and masquerade as them on internal or external corporate networks.
-Sensitive data may be corrupted during improper synchronization.
-Malicious entities may be able to violate the privacy of legitimate users and be able to track their physical movements.
-Malicious entities may deploy unauthorized equipment (e.g., client devices and access points) to surreptitiously gain access to sensitive information.
-Handheld devices are easily stolen and can reveal sensitive information.
-Data may be extracted without detection from improperly configured devices.
-Viruses or other malicious code may corrupt data on a wireless device and be subsequently introduced to a wired network connection.
-Malicious entities may, through wireless connections, connect to other agencies for the purposes of launching attacks and concealing their activity.
-Interlopers, from inside or out, may be able to gain connectivity to network management controls and thereby disable or disrupt operations.
-Malicious entities may use third-party, untrusted wireless network services to gain access to an agency’s network resources.
-Internal attacks may be possible via ad hoc transmissions.
-As with wired networks, agency officials need to be aware of liability issues for the loss of sensitive information or for any attacks launched from a compromised network.
~ Source: NIST, United States of America
As you can see, there are vulnerabilities on all levels, some of which wouldn’t normally come to mind, so we must be prepared for the worst and not take anything for granted. One prime example is the point above about how easily handheld devices are stolen: we can take simple preventative measures to combat such a threat. Don’t carry around highly sensitive information on your portable device; only take what is absolutely necessary. Leave other data on the corporate or home network, or on removable storage media. Also, if available, enable the auto-lock feature (with a password) and add a PIN to the device, so that when you switch it on, you will have to enter a Personal Identification Number before it starts up.

Wireless Network Security

Networks carry all sorts of confidential data, so security is a highly important part of any wireless network structure. Security ensures that the same level of data integrity and confidentiality as a wired network is maintained. Without properly implemented security measures, any wireless network adapter coming within range of another network adapter or access point can join the network. The number of non-secure wireless access points is alarming – a recent study showed that over 90% of access points have little or no security enabled. I once did a little research of my own and found that 3 out of 5 of the public access points I checked had either no security at all or WEP - which allowed me to crack the key within 15 minutes using freely available tools on the Internet.
So why is there such a lack of security? Well, I would say it’s probably down to laziness and lack of knowledge; people are not aware of these things. Especially in small companies and at home, people tend to have the “so long as it’s up and running” attitude, which means that if, after using the wireless setup wizard, they are able to browse the internet or access files remotely from a wireless device, then all is well… BIG mistake! To overlook wireless security is like leaving the front door to your house permanently open. With little or no security, that’s essentially what you’re doing: allowing anyone in range to sniff your network packets, read your e-mails, use your internet for free, and even gain access to your files.
With the introduction of push-button security for home user products, we can expect to see an increase in the implementation of wireless security among wireless router users. The main aim behind push-button security is to provide a simplified and enhanced method of setting up and building a home network. With so many people – particularly home users – failing to notice the importance of security as part of their wireless network building, push-button becomes a means of enabling some form of security with a click of the mouse or touch of a button. While one may begin to question the strength of such security, another will remind you that something is better than nothing at all!
If you’re reading this and still use WEP, check for a driver and/or firmware update for your hardware and, if possible, change to WPA security now! Also, the next time you purchase new hardware, make sure the product supports WPA TKIP at the very least.