Wifi is becoming a very popular form of networking for businesses and households alike. The freedom of no wires allows users to place their laptops or desktops anywhere within the building with little or no hassle. Over the past years the number of Wifi access points has grown dramatically. However, most people do not understand the basics of Wifi security.
A study was conducted from 2001 to 2004 in many US and Canadian cities to determine the number of access points and how they were configured. The retrieved data included the total number, the number with basic security, with a default name, and a combination of the two. This had staggering results. As you can see in figure 1, the number of access points has dramatically increased, however percent of those that are unsecured have stayed the same. This also indicates that an average 67.8% of access points did not add simple WEP encryption to help protect access and data.
Security is required on access points for a few main reasons. Once someone gains access to an access point, they are virtually inside that network. In most cases that network is trusted on the local LAN, (Since it is usually part of the local LAN), providing all access to the resources and data that is contained within it. Secondarily, this becomes a virtually untraceable point to access the internet. This can be used by some people just to serf the web, and access email, but also used for malicious intent.
All access points include at least three basic security mechanisms; WEP Encryption, MAC filtering, and SSID broadcasting
A secure network could be created using all three of these security systems, and will detour the casual person trying to find a network to latch into, however to an experienced cracker, or someone who is determined to access a particular network, this will be of little challenge.
Newer technologies can utilize WPA which at a high level view is the same concept as WEP, however, the keys are not specific to one device, and they rotate. This makes current cracking utilities unable to crack the keys. Basically, since once there is enough data to determine the key, the key has already changed. Also available are server side authentication systems that interact with Radius or LDAP servers to provide password or other forms of user authentication.
In closing, it is important to secure your access point. No mater how you do it, you save yourself a lot of possible issues, and keeps you and your network safe.
References include, worldwidewardrive.org, wikipedia.org