We have recently covered the necessity of security for a Wireless Network and will be continuing today with the different standards available. When setting up your security the manual will be required for part of the configuration process but the particulars vary slightly depending upon the manufacturer. Whilst this manually would normally either physically in the box or on a disc in the box it can normally be obtained from the manufacturer's website if it has been misplaced.

WEP (Wired Equivalent Privacy) - Introduced back in 1999, WEP is still one of the most popular encryption protocols. Despite the fact it has several serious weaknesses and can be readily cracked in minutes with freely available software, it is the default choice presented to a user when setting up security on a wireless network which probably explains its continued popularity.

The standard is so weak because it relies on a small piece of data being pre-pended to all transmissions which when matched to the key held by an authorised machine allows the data to be decrypted. With it being on almost every packet of data transmitted the cracking process just involves listening out for enough of them in order to obtain sufficient numbers to decrypt the key.

If your wireless router currently only supports WEP then do check out the manufacturers website as there is a very real possibility that a free of charge firmware update might be available to improve support for more advanced standards; WEP should only ever be used if the only alternative was no encryption whatsoever.

MAC Filtering - This will allow you to individually grant access to your wireless network for individual machines by pre-specifying their MAC addresses; these addresses are used to uniquely identify network adaptors.

This theory unfortunately suffers in the same way as WEP; someone with devious intentions only needs to listen to enough network traffic to be able to compile a list of possible MAC addresses. Once obtained, the hacker creates a bogus MAC address which causes your router to give access by fooling it in to thinking that it's speaking to an authorised machine.

Disabling SSID Broadcast - The SSID (Service Set IDentifier) has to be identical on both the router and client machine in order for them to communicate. In order to ease setup, the SSID broadcast reveals the location of your network to all computers within range so they can easily connect if required. The broadcast can be disabled which would then mean rather than searching for your local network you would be required to memorise the SSID. Unfortunately, as before, this can be easily circumvented by simply listening to network traffic with freely available software.

WPA (Wi-Fi Protected Access) - In the home market WPA typically relies on a pre-shared key which consists of a password used to access the network. This password can be anywhere from 8 to 63 characters long but as a safety measure I would suggest choosing at least 13 completely random characters. WPA succeeds where WEP failed as the encryption key pre-pended to the transmissions is changed frequently so that a hacker is unable to obtain sufficient data in order to decrypt the key.

In summary, I would recommend that all users with a wireless network ensure that firstly they are actually employing some form of wireless security and secondly that it is set to the secure WPA standard; whilst it is not unbreakable it is considered extremely secure and certainly the best that we have for now.