Defending Your Systems

WEP is your method of defending your systems from eager eyes trying to
view your important data. The best procedure is to access the settings for your wireless 802.11 network and make certain that the first thing you do
is turn WEP on. Most users are simply not aware that encryption mechanisms
are already built into their networks and as a result fail to take even
the easiest precautions to make sure that their data is encrypted.
There are several methods by which you can change and manage your
WEP key. Remember to change the default encryption key that is in
your router or wireless LAN. Change this key often because, given
enough time, an eager hacker can break your encryption key and still be
able to view and access your 802.11 network.

Should someone gain access to your system, you can take very easy
steps to ensure that your internal network data assets are protected as
well. You should always password-protect your hard drives, network
folders, and any other assets on your network so that you make it that
much harder for someone to view or access your protected data.
Every wireless station has a wireless network name called an SSID.
You should take the very easy step of making certain you change the
default name immediately. Most 802.11 routers are preconfigured with
a standard encryption key and SSID to get you up and running quickly.
It is a simple matter for a hacker to know the settings your 802.11
router and quickly configure his laptop with the same default settings to
access your network. In fact, he could theoretically take a laptop, sit just
outside your office building in a car, and gain full access to your wireless
network, and you would never even know about it.
If your 802.11 network allows for the use of session keys, you should
take advantage of them because they are just another step to ensure
that each network session is encrypted.

One easy way to keep a sort of physical control on your network is to
use MAC address filtering, if you have that option. In this way, your
router will not accept network connections from any computer that you
have not already specified in advance. Every network card has a unique
MAC address, much like a social security number is unique to an individual.
You can easily enter this MAC address into the router, so that any
other computer that has not been cleared for access cannot access your
network.

VPN systems are an excellent way of making certain you have a virtual
private and secure network connection within your wireless infrastructure.
VPNs offer greater security and keep a direct connection between the
client and the host computer. However, this often requires a specialized
VPN server. On a more positive note, most Windows operating systems
(including Windows 98 SE, Windows 2000, and Windows XP) already have
a built-in VPN client, makiData is the lifeblood of many organizations, and you most likely
require a very high level of protection to keep your data secure. To
employ extra security measures, there are methods that involve Kerberos
and Peer-2-Peer encryption mechanisms. Using the following methods
will assist you in making certain you have taken at least the most basic
measures to ensure you are protected:

1. Encryption from point to point
2. Strong password protection
3. User authentication
4. Virtual private network (VPN)
5. Secure socket layer (SSL)
6. Firewalls
7. Public key infrastruction (PKI)ng it that much easier for you to roll out a VPN.


Future directions for 802.11 involve extending WEP to integrate
future standards developed by the IEE 802.11 Task Group. These
enhancements will more than likely involve new and more secure mechanisms,
thus making it possible to deal with new threats that are constantly
evolving in this insecure world.