Wireless Security

[herme3]

I've noticed that data sent across a wireless LAN network can be read very easily if you don't use WEP encryption keys. I was wondering, how far can a signal from a wireless network travel? If I used a wireless network without encryption, could somebody with a very power receiver read my data from miles away?

[TheGeek]

it depends on the router

[5614]

It's a hard one.

 

Using standard wireless routers (transmitters) and network cards (receiver) the average distance is a few houses down the street.

 

However with a particuarly powerful router, or more likely a very sensitive receiver the distance could increase significantly. But then even if the sensitive receiver is 3 times more powerful (which is quite a bit) that's still not going to go more than say 12 houses down the road.

 

I doubt you are looking at miles unless you are using a powerful router and there's a guy with specialist equipment trying to capture your signal.

[RyanJ]

I doubt you are looking at miles unless you are using a powerful router and there's a guy with specialist equipment trying to capture your signal.

 

I still don't think it can go that far, the limit on my boosted (Required for some of my work) wireless is about 200 meters away from the source. Maybe with some really speciallist equiptment it could be possible but I've never heared of it actually being used like that

 

But as 5614 it really depends on the router, normal routers can't transmit very far because the signal starts to degrade rapidly after a point.

 

Cheers,

 

Ryan Jones

[insane_alien]

it is possible to listen in to a router from quite far away (a few miles) using an amplified directional antenna but if you tried to communicate with it then the distance is limited to a few hundered meters

[RyanJ]

it is possible to listen in to a router from quite far away (a few miles) using an amplified directional antenna

 

Never thought of that, good one

Not that it would do much good if the signal is actually encripted though

 

Cheers,

 

Ryan Jones

[5614]

And not that anyone would bother with that unless you are using a government or military computer!

[Klaynos]

On a slight side note, WEP is very easy to break, so even if you are using it your connection is NOT secure.

[5614]

Sure, but that being said if WEP was the only available encryption method it would be better to have WEP than to have nothing. At least it stops your neighbour simply clicking 'connect' to pick up your signal.

[Cap'n Refsmmat]

Indeed. I'd reccommend WPA encryption at least, and MAC address filtering so even if they do break the encryption, they can't connect.

[cchea]

I've noticed that data sent across a wireless LAN network can be read very easily if you don't use WEP encryption keys. I was wondering, how far can a signal from a wireless network travel? If I used a wireless network without encryption, could somebody with a very power receiver read my data from miles away?

Yes, with a moderate equipment and high gain antenna. As for the WEP, it is very weak.

 

Security measures: (NOT to use the AP by default setting out of the box)

 

1-Change SSID name and Disable the SSID broadcast (if it's applicable)

2-Enable MAC filter (not useful as i can eavesdrop the network traffic to get the legitimate MAC addresses and clone to be one of them, MAC address header is usually unencrypted, just as the address of sender and recipient of our mail).

3-If you router support WPA (TKIP), use it, way more secure than WEP. And it is more than enough for small office/home office(SOHO). If it supports only WEP, use it...better than no encryption keys at all.

 

More would be probably suitable to discuss for enterprise network. As for home user, probably ur question, it is safe to say it is secure enough. No professional hacker is going to spend a day or two to break into your system for the purpose of transfering mp3

[cchea]

Indeed. I'd reccommend WPA encryption at least, and MAC address filtering so even if they do break the encryption, they can't connect.

Yes, they can. The MAC address header in the packets travelling through the air is typically unencrypted. It's readable and as some WLAN card firmwares nowaday provide the feature that you can clone your MAC address to whatever you want, I can clone mine to the legitimate MAC address on the network, and be on the network easily. For the enterprise network, there would be the use of mutual authentication (802.1x and Radius server) to counter this security breach.