Saturday, November 12, 2005

Securing your Wireless Network with WPA


I can't say that I have a complicated home network, it's actually really simple, but it's very wireless

When I was the backup Program Manager, I went out and dropped $300 on an external USB harddrive, when I was the client deployment PM, my network became completely managed by Group Policy (until of course, I had to take my Media Center Edition out of the domain for my externers to work). Now I'm the networking PM. I suppose you think that I should swich my machine into a dual-nic box, run premium, get to know ISA. Well, I might end up there, but I'm not there yet, I believe in simplicity, and besides, things are working now anyways, and I don't need to track my movement on the web. ;o) I know where I've been!

One thing I do want to change is my wireless security. Right now I'm using WEP encryption on my network, 64-bit. I was wondering one day what WEP actually stood for, and when the first hit that came up was Tom's Hardware Guide on how to crack WEP securitiy. Hrm, when something is as easy to crack as WEP is, it comes up on a search prior to the definition. Time to change your security algorithm.

Now if I was a business, I'd probably be installing and configuring Radius, but for me that doesn't work. I have people over all the time, and creating a domain user account for folks to just get Internet access kind of sucks.

So, I'm moving to WPA-Public Shared Key, but first I needed to make sure all my devices supported it:

  • Linksys Router - firmware upgrade was needed

  • Linksys Bridge - new enough that it was included

  • Tablet PC - New drivers for the Wireless card were needed

  • PDA - Pocket PC 2003, ok


Ok, so here goes, first step is to come up with a shared key, I picked "SBS is Cool". (haha! just kidding, I'm not going to post my shared key to the web!). So I picked a Super Secret shared key and configured my router.


Next I configured the bridge with the same shared-key, and then my laptop, then my PDA.

After upgrading the drivers on my laptop, I decided to get started. My first problem was I lost the CD to setup my wireless bridge. Lucky for me, Linksys support works on a Sunday and a typing feind named Jesse told me to set my wired LAN address to 192.168.1.2, I was able to get to the bridge (192.168.1.21) and notice that the version of the firmware that I had didn't support the "#" character. I changed my Pre-Shared Key to something else without that character and everything started working.

And for my PDA, it would seem I need to get Windows Mobile 2003 Second Edition to support WPA.

At least now I can feel more confident that my neighbours aren't on my LAN ..

5 comments:

happyfunboy said...

wait'll i tell bitzie and dana..

time to wardrive sean's place!

:)

Chris said...

Audiotron? Man, get a Squeezebox or two :)

Blake Handler said...

There's always the "other" issue that you may be legibly liable.

http://papers.ssrn.com/sol3/papers.cfm?abstract_id=692881

Anonymous said...

The Windows XP wireless network setup wizard only gives you the option of setting up WEP security. I updated the Broadcom drivers and firmware, as well as my router's firmware, but I can't seem to be able to set up anything but 128-bit WEP. Anyone have advice?

Sean Daniel said...

Well, the above was all done manually, the primary thing you should be doing is making sure that each device in your network can support WPA, then you will have to setup each device manually, without using the Windows wireless wizard.

Sorry for the inconvenience.