Wardrivers usually look for leaking wireless signals
so that they can piggyback on the Internet access. They may just be
freeloading on your connection, but they may also have darker aims, such
as using your Internet connection to send spam or download pornography.
However, some wardriving hackers are interested more in your data. They come equipped with packet sniffers
that can pick up and read your network packets. Typically, these
crackers are looking for sensitive data such as passwords and credit
card numbers.
Therefore, it’s
absolutely crucial that you enable encryption for wireless data so that
an outside user who picks up your network packets can’t decipher them.
Older wireless networks use a security protocol called Wired Equivalent
Privacy, or WEP, that protects wireless communications with (usually) a
26-character security key. That sounds impregnable, but unfortunately
there were serious weaknesses in the WEP encryption scheme, and now
software exists that can crack any WEP key in minutes, if not seconds.
In newer wireless
networks, WEP has been superseded by Wi-Fi Protected Access, or WPA,
which is vastly more secure than WEP. WPA uses most of the IEEE 802.11i
wireless security standard, and WPA2 implements the full standard. WPA2
Personal requires a simple pass phrase for access (so it’s suitable for
homes and small offices), and WPA2 Enterprise requires a dedicated
authentication server.
Access your router’s setup pages, as described earlier in this chapter, locate the wireless security section (see Figure 1),
and then set up the encryption protocol and security key. Be sure to
use the strongest encryption that your equipment supports.
Caution
Unfortunately, encryption
is a “lowest common denominator” game. That is, if you want to use a
strong encryption standard such as WPA2, all
your wireless devices must support WPA2. If you have a device that only
supports WEP, you either need to drop your encryption standard down to
WEP, or you need to replace that device with one that supports the
stronger standard. (You might also be able to upgrade the existing
device; check with the manufacturer.) Note that some APs come with a
setting that enables you to support both WPA and WPA2 devices.
Note
If you see the abbreviation PSK in the setup pages, it’s short for pre-shared key,
which refers in general to the sharing of some secret information with a
person so that person can use the information later on (which is why
this system is also sometimes called shared secret).
In the case of WPA, the shared secret is the password or pass phrase
that you give to your users so that they can connect to the wireless AP.
Changing the Wireless Connection Security Properties
If you change your
wireless AP encryption method as described in the previous section, you
also need to update each wireless Windows 7 computer to use the same
form of encryption. Here are the steps to follow to modify the security
properties for a wireless connection:
1. | Click the Network icon in the taskbar’s notification area, and then click Open Network and Sharing Center.
|
2. | In
the Network and Sharing Center’s tasks list, click Manage Wireless
Networks. Windows 7 displays the Manage Wireless Networks window.
|
3. | Double-click
the network for which you modified the encryption. Windows 7 opens the
network’s Wireless Network Properties dialog box.
|
4. | Select the Security tab, shown in Figure 2.
|
5. | Change the following three settings, as needed:
- Security Type— Select the encryption standard you’re now using on the wireless AP.
- Encryption Type— Select the type of encryption used by the AP.
- Network Security Key— Type your security key.
|
6. | Click OK.
|