The popularity in Wireless technology is driven by two major factors: Convenience and Cost. A
Wireless Local Area Network (WLAN) allows workers to access Digital Resources without being
locked to their desks. Mobile users can connect to a Local Area Network (LAN) through a
Wireless (radio) connection.
Basic Terminologies in Wireless connection
• Access Point: Device which is transmitting the Wireless Network.
• SSID: Name of the Wireless Connection. It is also known as the ESSID.
• BSSID: MAC Address of the Wireless Device Access Point.
• Channel: Frequency of the Wireless Network.
• Power: Strength of the Wireless Network Signals
Wireless Security Overview
• Two methods exist for authenticating wireless LAN clients to an access point: Open
system or Shared key authentication.
• Open system does not provide any security mechanisms but is simply a request to make a
connection to the network.
• Shared key authentication has the wireless client hash a string of challenge text with the
WEP key to authenticate to the network.
• War Driving is detecting the Wireless Networks and checking out their properties.
• WAR Driving is of two types:
o Active War Driving
o Passive War Driving
Active War Driving
• Active War Driving is detecting the Wireless Networks whose SSIDs are broadcasted or
the Wireless Networks which are shown to all the Wireless Adapters.
• It can be done through any Wireless Card.
Passive War Driving
• Passive War Driving is detecting the Wireless Networks whose SSIDs are not
Broadcasted or the Hidden Wireless Networks.
• The Wireless card should support the Monitor Mode.
WEP Key Cracking
• Wired Equivalent Privacy (WEP) was the first security option for 802.11 WLANs. WEP
is used to encrypt data on the WLAN and can optionally be paired with shared key
authentication to authenticate WLAN clients. WEP uses an RC4 64-bit or 128-bit
• The process by which RC4 uses IVs is the real weakness of WEP: It allows a hacker to
crack the WEP key.
Applying the Wireless Security
Hide the Wireless Network: Do not broadcast the SSID of the Wireless Network. This will
help you in protecting your Wireless being invisible to the people who do not know about
Passive War Driving.
Use a WEP Key: You can use the WEP Key protection on your Wireless Network to protect
your Wireless Network Connection. Although this is not the ultimate security measure but will help you a lot against
the Script Kiddies who do not know how to break into the WEP
WPA: Wi-Fi Protected Access: WPA employs the Temporal Key Integrity Protocol (TKIP)—
which is a safer RC4 implementation—for data encryption and either WPA Personal or WPA
Enterprise for authentication.
WPA Enterprise is a more secure robust security option but relies on the creation and more
complex setup of a RADIUS server. TKIP rotates the data encryption key to prevent the
vulnerabilities of WEP and, consequently, cracking attacks.
Mac Filtering: An early security solution in WLAN technology used MAC address filters: A
network administrator entered a list of valid MAC addresses for the systems allowed to associate
with the Wireless Access Point.
Choosing the Best Key: Always use a long WPA Key with lower as well as upper case letters
including numbers and special characters.
A Sample Key: 12345@abcde&FGHI
Rayat Institute of Engineering and Information Technology, Railmajra, Near Ropar (Chandigarh)