Six WiFi Security Myths
There have been lots of articles lately that explain how to secure a wireless network. Most of this articles contain at least one measure that is not enhancing security at all. This does not neccessarily mean that it is lowering the security on the other hand though. Let us take a look at the six dumbest ways to secure a Wireless Lan.
1. Mac Filtering
Mac Filtering does not protect against the forgery of a mac address, which is terribly easy using a network sniffer. It still could be a valuable line of defense against neighbours and kids who are only able to push buttons and don´t understand the concept.
2. SSID Hiding
This is hiding SSID beaconing on the access point while four other mechanisms are able to broadcast the SSID.
3. LEAP Authentication
It relies on its users and their passwords. LEAP requires strong passwords to be relativly secure and we all know about the passwords of normal day users.
4. Disable DHCP
DHCP allows the automatic assignment of IP addresses. If you disable it you have to assign all IPs manually. It is not taking longer than 10 seconds to figure out the IP scheme of any network and assign the own IP address.
5. Antenna Placement
This is pretty useless as well, telling everyone to move their antenna in the midth of the room and running them with little power. The antenna of the access point is not the only factor that determines if it can be reached, the antenna of the client is also a factor. What if the hacker has a bigger antenna that still reaches your access point ?
6. Just use 802.11a or Bluetooth
This has nothing to do with security, those are just different standards.
Author: Martin Brinkmann
Six WiFi Security Myths