Let’s talk wireless networking

When I was at church tonight looking at a power supply they asked me to help them set up a wireless network. I didn’t go about securing it just yet because I was paranoid about locking myself out.
I learned enough anyway.

The first thing I learned was that mix-and-matching your stuff for initial setup isn’t the best of ideas. We had a 3Com access point, a D-Link PCMCIA NIC, and a Linksys USB NIC. The D-Link and the 3Com didn’t want to talk to each other. Differing SSIDs turned out to be the culprit. The 3Com’s SSID was “3Com”. The D-Link’s SSID was “default”. The Linksys’ SSID was “Linksys”. But the Linksys setup program hinted that if you changed the SSID to “Any”, it would work with anything. It was right. It linked right up to the 3Com access point, while the D-Link just kept blinking away, looking for something. So we used the Linksys to configure the 3Com access point and changed the D-Link’s SSID. We had to reboot a couple of times before it kicked in, but then the D-Link connected up and held a link.

So the moral of that story is to make sure your access point and at least one of your cards match. And if you can’t match brands, get one Linksys, since you can set its SSID to “Any” and it’ll connect to anything. (I couldn’t figure out how to make the D-Link do that; maybe if I’d set it to “Any” it would have found the 3Com too.) Of course the only way to find out the 3Com’s SSID was to connect to it, so if we hadn’t had that Linksys, we’d have been up a creek.

So now I just have to figure out how to secure the network and they’ll be set. The plan is to only break the wireless stuff out during events, so it’s not like they’ll become much of a wardriving target, but I’ll still feel better if it’s secure. I’m a little bit afraid to just connect to the access point, enter a passphrase and turn on 128-bit encryption, because I couldn’t figure out how to give the cards themselves the passphrase and I didn’t want to take the chance of whether it’ll ask for it upon initial connection.

Time for more research.

And I think I’ll be getting some wireless stuff for myself soon. I’ve thought about phone networking, but Linux support is spotty. Wireless is less secure and more expensive, but it’s a whole lot easier. And it’ll be nice to be able to take a laptop anywhere I want and still be connected. CompUSA has their wireless gear on sale right now.

4 thoughts on “Let’s talk wireless networking

  • October 24, 2002 at 12:51 am
    Permalink

    One suggestion: If the 3Com will do it, set the access point to only connect to the MAC addresses of your wireless nics.

    Office Depot and Office Max are offering sales on rotating products also. Office Max is pushing Belkin; Office Depot, Linksys.

  • October 24, 2002 at 8:44 am
    Permalink

    There’s really no good way to secure a WLAN when using home-grade equipment. The MAC addr suggestion above isn’t bad, but it isn’t hard to get a wireless card to spoof a MAC addr, once you use Airsnort to sniff the valid addr off the network. The minimum to do is:

    set the SSID to something unique
    enable 128-bit WEP
    enable MAC addrs as suggested above

    and even then you’re only safe for a bit. Don’t send any sensitive data over a WLAN link that isn’t encrypted (ssh connection, IPSec over a VPN, etc…) At least the hacker kiddies won’t get your on-line banking password while they’re using your DSL connection for free 😉

    Any commercial WLAN should, at least today, be using all Cisco gear with their LEAP protocol to secure the keys. This, however, is not a cheap solution…

  • October 24, 2002 at 8:56 am
    Permalink

    Good post. Keep us informed on how well the security thing goes on the wlan. I am thinking about a similar project for my house and church. The security issue is of great concern.

  • October 24, 2002 at 12:50 pm
    Permalink

    Seven Security Problems of 802.11 Wireless by Matthew Gast
    http://www.oreillynet.com/pub/a/wireless/2002/05/24/wlan.html

    Wireless LANs at Risk by Craig Ellison
    http://www.pcmag.com/print_article/0,3048,a=23839,00.asp

    Hardening IEEE 802.11 wireless networks by Tyson Macaulay
    http://www.ewa-canada.com/Papers/Hardening_802.11.pdf

    WLAN Hardening Checklist
    http://www.eweek.com/article2/0,3959,100504,00.asp

    Top 10 tips to spoil a wireless hacker’s day by Gary Boniface
    http://www.securitynewsportal.com/cgi-bin/cgi-script/csNews/csNews.cgi?database=JanR%2edb&command=viewone&id=34&op=t

Comments are closed.

%d bloggers like this:
WordPress Appliance - Powered by TurnKey Linux