Wireless Security

[Jonathan Hutchins]

It looks like what's happening as wireless pushes into the consumer market is 
that they are adding security features to the hub/routers.  The SMC Barricade 
wireless Cable/DSL router is a pretty complete package that MicroCenter has 
for about $30.  I have no idea what levels of wireless security they provide, 
but the wired versions of the Barricade are perfectly adquate for securing a 
home network on a Cable or DSL link.  The reason this model is $30 is that 
it's 11b (and so suitable for Linux), and they have their new 11g model out 
for $109.

In the same MicroCenter flier are a bunch of other Wireless Acces Point 
devices that include strong user authentication and even VPN tunneling right 
in the WAP.  If you need a more secure network, these things are all under 
$300 for the base unit, and will work with most cards.

PCI cards are a lot harder to find, but I know they're out there.  Many of 
them are simply a PCI to PCMCIA adapter with a PCMCIA card stuck in them.  
There are also cards that are sort of a hybrid of the above where there's a 
partial PCMCIA card and some hardware integration.

So I think the recommendations we discussed in IRC yesterday (?) stand.  For a 
home system, pick up one of these 11b AP's or Routers for under $100, try to 
find a card that's Linux supported if you have Linux boxes, and just accept 
the standard level of security.  Make sure you take advantage of the security 
that's offered, setting a unique password and changing the admin name if 
possible, setting a unique ESSID, enabling WEP with the longest key that the 
hardware has in common*, and using the restricted mode that requires that a 
node already have ESSID and keyphrase to even see the AP.

*Some cards allow longer keys than others.  I had to drop my network key from 
256 bits to 128 bits in order to accomodate a PowerBook.  I think that if 
someone's determined to hack your home network, that much difference in key 
strength isn't going to help.

Good luck!