Three Ways to Secure Your Mac Snow Leopard Wireless Network
Are you worried about the security of the AirPort wireless network on your Mac running Mac OS X Snow Leopard? You should be. Imagine someone in the next apartment or house intercepting and monitoring your data from your wireless network.
If you purchase things on the Internet with your credit card, you should already be using a secure connection provided by the Web site for your personal information so that the data you’re sending across your wireless network is already encrypted and relatively safe from thieves.
This is not to say that you bear absolutely no risk of being hacked. If a legitimate user on your wireless network connects to your computer and starts transferring a file, a would-be hacker could potentially record all the traffic and then reconstruct the file that was sent from the data that was recorded. In other words, a hacker could grab that user’s username and password. That’s where WPA, WEP, and LEAP come in.
WPA and WPA2
Wi-Fi Protected Access, or WPA, is the standard encryption protocol offered for home wireless networking. The WPA2 standard is the latest version and is even better at defending your wireless network. As you might expect, all of Apple’s current AirPort wireless hardware uses WPA2 security, as does most of the wireless hardware you’ll find on the shelf at your local Hardware Heaven electronics store. (It’s still a good idea to check the specifications on the box, though, to make sure that WPA2 is supported.)
WPA2 works well as a deterrent to keep the wrong people out of your stuff. Although WPA2 isn’t going to ward off the spies at the National Security Agency, it’s good enough to protect home and small-business networks.
WEP
WEP was one of the first widely supported wireless encryption schemes, but it is now outdated and pretty easy for a hacker to outwit.
Apple’s implementation of WEP comes in two varieties: 40 bit and 128 bit. The more bits used in the encryption, the more secure (and the better) it is.
To use WEP, you need to select a WEP key, which is really just a code word:
The longer the key, the better.
When making a key, use something like ab8sher7234ksief87 (something that’s random with letters and numbers) as opposed to something, like mykey, that’s easily guessed.
If you’re using an Ad Hoc wireless network, all the computers need to have their wireless network card configured with the same WEP key in order to communicate. If you’re using a wireless access point (WAP) to connect to the rest of the network, you need to use the same key on your computers that you’ve configured on your WAP.
One thing to note about WEP is that it’s been broken, meaning that someone has figured out how to undo the encryption that WEP provides. For businesses, especially those with sensitive data, WEP isn’t a good security solution.
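To confirm which of these schemes a network actually uses, the following added example (not part of the original article) rates each network in a Wi-Fi scan listing by the weakest scheme it offers. The sample listing is constructed, its column layout is an assumption about what the macOS `airport -s` utility prints, and the function names are hypothetical.

```python
import re

# Constructed sample, laid out the way `airport -s` is assumed to print a scan:
# SSID, BSSID, RSSI, channel, HT, country code, security. Not real networks.
SAMPLE_SCAN = """\
                            SSID BSSID             RSSI CHANNEL HT CC SECURITY (auth/unicast/group)
                     HomeAirPort 00:11:22:33:44:55 -48  11      Y  US WPA2(PSK/AES/AES)
                  Upstairs Guest 00:11:22:33:44:66 -71  6       N  US WPA(PSK/TKIP/TKIP) WPA2(PSK/AES/AES)
                      OldPrinter 00:11:22:33:44:77 -80  1       N  -- WEP
                        CafeOpen 00:11:22:33:44:88 -85  3       N  -- NONE
"""

# The BSSID (access point MAC address) anchors each row, so SSIDs that
# contain spaces still parse correctly.
BSSID = re.compile(r"\s((?:[0-9a-fA-F]{1,2}:){5}[0-9a-fA-F]{1,2})\s")
MODE = re.compile(r"\b(WPA2|WPA|WEP|NONE)\b")
# Weakest to strongest, following the article's ranking.
RANK = {"NONE": 0, "WEP": 1, "WPA": 2, "WPA2": 3}

def weakest_mode(security):
    """Return the weakest scheme a network offers, or UNKNOWN if unrecognised."""
    # A network advertising both WPA and WPA2 is rated WPA, because a client
    # may still join it with the older scheme.
    modes = MODE.findall(security.upper())
    return min(modes, key=RANK.get) if modes else "UNKNOWN"

def audit(scan_text):
    """Parse scan output into (ssid, weakest_mode) pairs, skipping the header."""
    results = []
    for line in scan_text.splitlines():
        match = BSSID.search(line)
        if not match:
            continue  # header or blank line
        ssid = line[:match.start()].strip()
        fields = line[match.end():].split(None, 4)
        security = fields[4] if len(fields) == 5 else ""
        results.append((ssid, weakest_mode(security)))
    return results

def needs_attention(scan_text):
    """SSIDs that offer anything weaker than WPA2."""
    return [ssid for ssid, mode in audit(scan_text) if mode != "WPA2"]

if __name__ == "__main__":
    for ssid, mode in audit(SAMPLE_SCAN):
        print(f"{ssid:20} {mode}")
```

If your own network shows up in `needs_attention`, switch the base station to WPA2 and update the password on every computer that joins it.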
The LEAP security standard
To use LEAP, you need to have a server that’s set up to enable users to log in to gain access to the wireless network. After you initially log in (authenticate) to your network, LEAP changes encryption keys on the fly at a time interval that you determine. You could set it so that your encryption key is changed every 15 minutes: even if someone is in that hypothetical tent on your front lawn, he could never record enough packets to figure out your key because it changes so often.
Setting up a server so that you can use LEAP isn’t something for the novice to attempt. You can read up on LEAP if you’re very serious about airtight security on your WLAN. The Cisco Web site is a good place to read about LEAP.