Still working to restore things from a backup of the old website | sign in

How to Secure A Wireless Network

2010-10-23

The way wireless works is that we send out a radio signal in all directions containing information, anyone within range can pick it up and read it and we wont even know.  This would include private information about us such as sexual preferences, passwords, etc and all kinds of things we don't want others to know about.  This is why we need to secure our wireless network.

There's no way to prevent others from acquiring the information we send, but we can make it unreadable for unauthorized people by encrypting it.  It's important to note that WEP encryption is trivial to hack.  Of course it's slightly better than nothing but we really should consider it completely insecure.

What we need to set up is WPA or WPA2 encryption.  These schemes are on a completely different level than WEP and will be impossible to hack, but only if we do it right.  The weakness in WPA is the same as with most other security solutions: people choose very poor passwords.

In order to hack WPA an attacker would need to try all different passwords until he found the right one, but because of the shear number of combinations it could take thousands of years even with hundreds of dedicated servers.  This is what makes encryption secure.

But because the attacker can make assumptions about what passwords people actually use, the number of combinations is reduced significantly.  A hacker will always first try common password, real worlds, names of things and places and common number combinations.  He will then move on to combinations and variations of those.

We need to use a password that is not a real word, we need to have some upper case characters and we need to put in a number, a question mark or similar as well.  Making the password longer is also a very good idea and the longer we make it, the less complicated our password needs to be.

But a hacker can also precompute how a certain piece of information will look encrypted with a certain password.  This allows a hacker to check a password once and then reuse that and just make a simple comparison every time he wants to hack a network.  These "lookup-tables" are also shared among hackers and allows a hacker to check a much higher number of passwords much faster.

For this reason, in WPA, the name of our wireless network is automatically added to the password so that a lookup-table can't be reused – a unique one has to be created for every network.  This is why we need to change the default name of our network, because lookup-tables for those names already exist.

Now we can enjoy the Internet without worrying about people listening in, except for our government, other countries governments, internet service providers and whoever pays them enough or steals the information from them.