On The Current State of WiFi Security

An anonymous reader writes "A Flexbeta article covers the basics of WiF security. The article mentions mentions various ways of securing a WiFi network, how easy it is to crack WEP, and what the IEEE is doing about WiFi security. From the article: 'In order to address the security issues of WEP and the current Wi-Fi standards of 802.11a/b/g, the Institute of Electrical and Electronics Engineers (IEEE) is developing a new standard that is called 802.11i. This standard was developed with security in mind. The new standard implements new security entitled Wi-Fi Protected Access (WPA), which takes advantage of the Temporal Key Integrity Protocol (TKIP), is easier to setup using a pre-shared key, and can use RADIUS authentication.'"

WPA2, not WPA

[JemVai777]

The real contender is WPA2, which employs the far stronger AES symmetric algorithm in place of RC4, and adds much-desired features such as fast roaming:

WPA2 overview.

If your hardware supports it, use WPA2. If not, settle for nothing less than WPA, as WEP is a joke and trivial to break into.

Re:WPA2, not WPA

[marcantonio]

Actually 802.11i is WPA2.

Not necessarily

[JemVai777]

doesn't .11g have WPA TKIP

The 802.11g spec does not mandate WPA; however, most modern cards and APs support it. While WPA has no known serious weaknesses, choose WPA2-compatible hardware if you're yet to purchase wireless equipment.

Re:None of which will matter

[frodo+from+middle+ea]

6 dumbest ways to secure WLAN

and Some sensible advice on how really to secure it

Mind you I don't recommend that you turn on SSID broadcast, or turn off mac addr. filtering, but, these options will diter only novice users from stumbling accidently on your WLAN.

But security is not about stopping these novice users, who are less likely to cause any damage in the first place, It's more about stopping someone who is really determined to get in, in order to at best steal your bandwidth or at worst do some real damage like get sensetive data from your PCs.