Summary

Chapter 9: Fundamental Security 17■■■■■■■Disable the broadcasting of the Service Set Identifier (SSID) to hide it from otherusers.Use MAC filtering to protect the network from other users.Change the default values of the SSID by entering the setup program for the accesspoint and renaming the SSID.Update to the latest available firmware.Install or activate a firewall, and adjust the settings to eliminate all traffic except thedesired network settings.Update to the latest available firmware.Install or activate a firewall, and adjust the settings to eliminate all traffic except thedesired network settings.An attacker can access data as it travels over the radio signal. However, you can use a wirelessencryption system to encode data and thereby prevent unwanted capture and use of thedata. Both ends of every link must use the same encryption standard. The following listdescribes the different levels of wireless security, from most secure to least secure:■■■■■Lightweight Extensible Authentication Protocol (LEAP): Also called EAP-Cisco,LEAP is a wireless security protocol created by Cisco to address the weaknesses inWEP and WPA. LEAP is a good choice when using Cisco equipment in conjunctionwith operating systems such as Windows and Linux.Wi-Fi Protected Access (WPA): An improved version of WEP. It was created as a temporarysolution until 802.11i (a security layer for wireless systems) was fully implemented.Now that 802.11i has been ratified, WPA2 has been released. It covers theentire 802.11i standard.WEP 128: An enhanced encryption protocol combining a 104-bit key and a 24-bit initializationvector.WEP 64: The first-generation security standard for wireless. It could be exploitedbecause of an encryption key that was vulnerable to decoding.No security: Although you can elect to implement no security whatsoever, you leaveyour wireless network completely vulnerable to attack.In addition, Wireless Transport Layer Security (WTLS) is a security layer used in mobiledevices that employ the Wireless Applications Protocol (WAP). Mobile devices do not havea great deal of spare bandwidth to devote to security protocols. WTLS was designed to providesecurity for WAP devices in a bandwidth-efficient manner.