Keep Your Wireless Network Secure - dummies

By Mark L. Chambers

Are you worried about the security of your AirPort wireless network? Imagine someone in the next apartment or house — or standing right in your street — intercepting and monitoring your data from your wireless network.

But before you decide to toss the idea of a wireless network, keep this in mind: Even though it is technically possible that someone might camp out on your doorstep in order to gain access to your wireless network, for most home networks, this possibility isn’t very probable.

Even if someone tries to gain access to your wireless network and perhaps even sniff your network — a techno-nerd term meaning to record all the data flying around a network — there isn’t a whole lot someone can do with that information.

If a legitimate user on your wireless network connects to your computer and starts transferring a file, a would-be hacker could potentially record all the traffic and then reconstruct the file that was sent from the data that was recorded. In other words, a hacker could grab that user’s username and password. That’s where WPA comes in.

WPA and WPA2 security for your MacBook

Wi-Fi Protected Access, or WPA, is A Good Thing (even if it makes for a silly-sounding acronym). It’s currently the standard encryption protocol offered for home wireless networking — the WPA2 standard is the latest version, and is even better at defending your wireless network.

As you might expect, all of Apple’s current AirPort wireless hardware supports WPA2 security, as does most of the wireless hardware you’ll find on the shelf at your local Hardware Heaven electronics store. (It’s still a good idea to check the specifications on the box, though, to make sure that WPA2 is supported.)

WPA2 works well as a deterrent to keep the wrong people out of your stuff. Although WPA2 isn’t going to ward off the spies at the National Security Agency, it’s good enough to protect home and small-business networks.

WEP for your MacBook

WEP is an old friend. Short for Wired Equivalency Privacy, it’s another ridiculous acronym for another wireless security system. WEP was one of the first widely supported wireless encryption schemes, but in today’s world, WEP is now outdated and pretty easy for a hacker to outwit.

Apple’s implementation of WEP comes in two varieties: 40 bit and 128 bit. The more bits used in the encryption, the more secure (and the better) it is.

To use WEP, you need to select a WEP key, which is really just a code word:

  • The longer the key, the better.

  • When making a key, use something like ab8sher7234ksief87 (something that’s random with letters and numbers) as opposed to something, like mykey, that’s easily guessed.

If you’re using an Ad Hoc wireless network, all the computers need to have their wireless network card configured with the same WEP key in order to communicate. If you’re using a wireless access point to connect to the rest of the network, you need to use the same key on your computers that you’ve configured on your wireless access point.

One thing to note about WEP is that it’s been broken, meaning that someone has figured out how to undo the encryption that WEP provides. For businesses, especially those with sensitive data, WEP isn’t a good security solution.

LEAP security standard for MacBook networking

Lightweight Extensible Authentication Protocol (LEAP) is an encryption protocol developed by Cisco Systems for superior security in the business world. To use LEAP, you need to have a server that’s set up to enable users to log in to gain permission to the wireless network.

After you initially log in (authenticate) to your network, LEAP changes encryption keys on the fly at a time interval that you determine. You could set it so that every 15 minutes your encryption key is changed: Even if someone is in that hypothetical tent on your front lawn, he could never record enough packets to figure out your key because it changes so often.

All current AirPort Extreme wireless network cards and Base Stations are compatible with the Cisco LEAP for higher security.