6 Burning Questions About Wireless Networks

alphadogg writes "Answers to wireless network questions such as: What impact will 802.11n have? Which wireless security threats are scariest? What of wireless VoIP? Will your organization need to change to support enterprise mobility? How do you control costs in an expanding mobile and wireless environment? What can you do to stop wireless denial-of-service attacks?"

My question

[CastrTroy]

Here's my question. When are router manufacturers going to start requiring people to use WPA security? I got a Wii a couple weeks ago, and used the wireless part of my wireless router for the first time. Setup of WPA was very easy. I also found about 5 other open networks that I could have connected my Wii to. I find it amazing that people are leaving their connections open when setting up a secure connection is so easy.

Re:My question

[dattaway]

Those open connections are just part of the redundancy of the internet. And the next time RIAA come knocking on our door, we just point fingers again.

Re:My question

[PhoenixFlare]

I think many people just don't realize how far the range on some of these devices reaches - or they just automatically assume it will be stopped by the windows/wall/floor/etc.

I had the same experience when I got my Wii - it picked up probably 6 or 7 networks within my condo building, with probably 3 or 4 of those unsecured. Even my DS still manages to pick up 2 or 3 other networks from elsewhere in the building.

Re:My question

Require? Why the hell should they 'require' it? I can see turning it on be default, but no way should it be required.

I choose to share my wireless with anyone who might need to connect to check their mail etc. I VPN from my laptop to my OpenBSD gateway to keep my own work encrypted, and also allow access my wired home server.

I use the packet filter to ensure I get first dibs on traffic, but any spare bandwidth is open for others to use as the need.

Having it on by default is good. Having it required is not.

Re:My question

[CastrTroy]

I hope you don't regret it when the cops come knocking on your door because somebody has been using your wireless connection to do something illegal like trading child porn. Maybe you wouldn't get convicted because they won't find any other evidence, but I'm sure it would be a major inconvenience. Why risk it? I know you're just trying to be a good Samaritan, but I pay for my internet, and expect that my neighbors would do the same.

Re:My question

[Idbar]

Well then, that is a good indicator that you are in the wrong neighborhood. However, there's always a way to keep track of the computers using your network.

The only reason I have my network protected, is because I don't want to do all that security thing of encrypting, keeping logs. If I weren't lazy enough, I'd keep logs as future support and keep the network open.

Re:My question

[c_woolley]

I agree. I also think we should point out the number of people that simply do not understand what they are doing or what is needed to secure a wireless connection. My mom is fairly tech-savvy for an older (I hope like hell she doesn't read this) woman. She understands quite a bit more than the average user. She was new to wireless connections, and decided to give it a try. When she called me to ask if there was anything to do besides plugging the provider's connection to her router, she was surprised when I told her she needed to secure it. She assumed (as someone else had already mentioned in a later post) that security was enabled by default. I walked her through the process without any problems, but it still remains that she did not know that enabling security was required. I asked her why she didn't figure it was needed and why wouldn't she feel that anyone could connect if the wireless connection. It didn't ask her for a password or some type of authentication, her computer was able to get to the Internet. Wouldn't that mean Joe Anyone could get there through her connection too. Her answer was simple, and yet effective. "Well, when I plugged my computer into my old router, it never asked me for a password either...smartass." And there is the answer. People are used to not having to secure their physical connections. If they do, it is usually much worse a situation for the average user, since their home is probably being burglarized at the same time. Now, it isn't the same situation for everyone. Some people know fully well that they need to secure their connections, and just don't. Call it lazy or whatever, maybe they just don't care enough or don't think their information is worth stealing. I have even run into one man who opened his connection up so that his neighbors could surf on his dime. He paid for a 12Mb connection and only used the Internet to surf the news. He didn't care that his neighbors were playing World of Warcraft or other online games. As long as his connection to the news was good, so was he. I suppose the bottom line is that there are reasons for everyone. Increasing some people's knowledge about it can help, others may just not care. Either way, I'll still be able to sit at home and open up my network connections and see unsecured networks. It's on me to decide whether or not to take advantage...and on my neighbors to figure out why they have to rebuild their systems every two weeks (just kidding).

Re:My question

[asills]

Most newer routers come with CDs to let the lay people set up their routers. The CD walks them through setting up their wireless router and the recent ones inform people to pick a "security key" and it sets up the wireless security for them (I found this out because I was amazed at finding out my mom had WEP enabled, even though she had no idea what it was - and regardless of how bad WEP is, for any random house in any random neighborhood it's good enough).

So if you would RTFM and/or UTFCD the router came with, it would tell you to set up security :)

Re:My question

[Deliveranc3]

Corrolary question, when will they give me a wireless security setup that matches what I want.

I want to share about 30-40Kpbs and have intelligent performance algorithms managing the rest, I want to have my transmissions encrypted while allowing others to SHARE my web-access. (I know that's a big word, like "communist").

When we move to 802.11n (Assuming the same number of wireless routers as currently exist there will be almost 80-90% coverage in urban areas, why would I need a cell phone if we all shared, how about intelligent sharing between networks as a mesh? Once we overflow the casual bandwidth limits we can stop dealing with this "expensive last mile" crap and start getting isolated fibre channels.

My computer is secure, my internet access is mostly encrypted or tunneled, but I don't have access everywhere for affordable prices, I don't think security and sharing have to be mutually exclusive.

Re:My question

[steveo777]

Well then, that is a good indicator that you are in the wrong neighborhood.

The neighborhood will never have anything to do with what kind of neighbors you have when they shut the front door. Sure, you can get a good idea by looking at the outside, and everything may look pleasant. "Never judge a book by its cover"

A friend of mine had a roommate for six months. Everyone agreed he was a pretty good guy. If not a bit obnoxious. A month after the guy moved out the police broke in with a warrant, took every computer and all his media. Movies, cassettes, CDs, DVDs, blanks, everything. They pull my friend into the station and put him behind a mirror and ask him tonnes of invasive questions about sexuality. After a couple weeks they call back. They talked to the old roommate, who confessed to trafficking child pornography. My friend got everything back, which I understand doesn't always happen.

I'd say it's a good idea to secure your network or at least keep some kind of log.

Re:My question

Because they couldn't possibly use the wireless access at their local coffee shop, university, community network, etc, etc, to do the same anonymously. Right? Open wireless APs exist. Everyone in the world isn't a pedophile out to use your wireless access to do harm. You better make sure the cops go bust everyone at your local Starbucks who has a laptop. I'm sure they must all be sicko's uploading kiddie porn. I mean, that's the only reason anyone would use open wireless access points. Right? Get a grip. You must be one of those sissy neo-cons who are terrified of their own shadows.

Even if someone does use an open access point for bad things, if the police are idiotic enough to arrest someone with an open access point based on no more than that, they are going to tip off the bad guy and let him get away scott-free. And what exactly am I going to 'roll' on when I'm providing the exact same thing as a dozen coffee shops within a few miles of my place? I have an open access point. My own computers are clean. There's nothing to 'roll' about. Show some backbone.

What I want to know is

[rsilvergun]

What the heck are we going to do about everyone and his bro having his own wireless router? It's a special kind of heck when you've got an apartment complex with 7 or 8 or 10 wireless networks all in range and all competing. Add to that cell phones, wireless cameras, printers, etc, etc, and wireless is rapidly becoming useless...

Re:What I want to know is

[mrzaph0d]

I know in my neighborhood Verizon rolled out FIOS recently. Anyone signing up got a free wireless router. So far I've only detected about 3-4 maximum at a time, but I wonder how long before the neighborhood saturates to the point that it gets too crowded to get a good signal from my own router.

printer friendly version

[BestNicksRTaken]

http://edge.networkworld.com/cgi-bin/mailto/x.cgi? pagetosend=/export/home/httpd/htdocs/news/2007/061 107-burning-questions.html

Yeah, I know it looks like some dodgey mailer script, but it just uses Javascript form elements to fill in bits of their standard printer page, instead of making a proper URL. Of course GET vs. POST is not checked ;-)

Re:Somewhat OT question about wireless network

[mr_stinky_britches]

How about creating a LAN over the power lines in your residence?

Here is some more information from wikipedia: Power line communication for home networking

I have a friend who did this at his house and it worked out nicely for him.

Good luck!

--
Wi-Fizzle Research

Re:The real questions about WiFi:

[cdrguru]

WPA requires support in the device connecting which isn't always there. It also requires a lot more effort on the user's part to connect up. If routers came with RADIUS servers where you had to log in it would be much simpler and clearer for everyone... but no.

WiFi is on an unlicensed frequency, which pretty much means that as long as the power is low nobody can complain. I suspect there will be a licensed version of WiFi at some point where you buy a license for a geographic area and a channel. This would eliminate 90% of the problems with commercial use, such as the microwave oven kicking everyone off at Starbucks where you are paying for access. Companies would also have the same thing for "mobile workers" so nobody gets kicked off. On the free unllicensed frequency you are going to take your chances and it is going to get very, very crowded.

Leaving an AP open means you are providing a service for others to use. Your user agreement with them is going to control how they use it and who is responsible for materials being transferred. What? No user agreement? Well then, I guess you are going to be responsible unless you can convince the judge that just anyone might have been using it and you wouldn't have any idea. Sort of like leaving a gun laying around - if someone gets shot you aren't really responsible are you? It is going to depend on the prosecutor and the judge.

I don't know of any "free" (as in taxpayer-supported) municipal WiFi network that has gone anywhere at all. Lots of networks just joined up with T-Mobile, Boingo and others for billing. Yes, you have to log in so the know who you are and they do have a user agreement that you have to accept.

Is 802.11n more reliable?

[jonnyj]

The article seems to assume that 802.11n offers so much more bandwidth that no-one will bother with ethernet any more. Unless the new standard is less susceptible to neighbouring networks, that's just not the case

18 months ago I set up a MythTV setup based around an 802.11g wireless network and, at first, it worked flawlessly - two clients and the server could simultaneously stream TV to/from the router. Then my neighbours started using own networks in anger and the bandwidth available to me gradually dissolved.

Now my network can't come close to supporting one streaming device. Even surfing the net wirelessly is painful, with regular 2-3 second dropouts when the whole street hits the airwaves simultaneously. I've long since given up on wifi and switched to homeplug.

I'm not alone. Most people I know who live in densely populated areas have the same problem. Does 802.11n suffer from the same problems? I imagine that the increased range will just lead to increased contention when its popularity increases. I'm not about to buy it.

Re:Is 802.11n more reliable?

[CallFinalClass]

N suffers from all these problems.

Let me be more specific - 2.4 GHz N suffers from all of these problems. For now, I expect the 5 GHz N implementations to be in much better shape.

Tip of the hat to Apple for making all of their N gear 5 GHz capable.

Wag of the finger to just about everyone else for making their stuff 2.4 Ghz only, likely for backwards compatibility and cost savings.

Re:Is 802.11n more reliable?

[karnal]

The problem with the airspace within the specific band is that there's only so much bandwidth, and that is shared by all devices on that channel, whether they're a part of your network or not.

Of course, this can be mitigated by making your signals stronger (i.e. sitting the devices right beside each other) so that the other devices don't interfere with your signal.

I use wireless A at my place of employment, and I've run into another issue - if I have three people on wireless, and I start transferring a large file (using a good portion of the wireless signal) the other people get squat, and it shows by watching their e-mail sessions just sit there when they try to open the client.

Wireless is good for some things (mobility,) but when it comes to doing large data push/pulls, grab the wire. Your Myth setup isn't a huge drain on even a 802.11g network, but if others in your area are chatting at the same time in a similar channel (peer-to-peer networking?) you'll not have a good time.

Re:The real questions about WiFi:

[Idbar]

1. Why can't Router manufacturers make WPA the default and use "no security" instead?

I say, why WPA, why not WEP or 802.1x? Because everything is based on Drafts not standards so everyone does what they want.

2. Why can't we get the information just how far away the "full bandwidth" works, instead of finding out without fail that most APs can hardly provide the promised bandwidth over distances more than 5 yards?
That mainly depends on both your router and your network card, therefore it's quite complicated to know exactly these distances. You might as well buy a 1W router and radiate everyone around you. They are only US$1000+

3. How long 'til we can't use WiFi anymore because all frequencies are already taken by your neighbors and the companies around you? Worse, can you soon be forced to discontinue your WiFi use because the company next door needs your frequency? (Because, yes, it's unusable past 20 yards but can easily interfere with networks a few miles away, it seems)
Frequencies around 2G are not licensed, reason why cordless phones and later WiFi routers were put into that range. As long as you don't radiate too much power, it shouldn't be a problem. You can switch among (at least) 3 non-interfering channels or 11 channels in total, without counting on the SSID. Of course the more devices you have attached, the worse the performance (which takes you again to your 2nd question).

What it comes to my mind is, WHY people keeps using SSIDs like "linksys" or "netgear", and the really poor implementation of the wireless connection managers in MAC and Windows (Linux is primitive, but at least does what you want).

Re:Do you know how much time that takes

[CastrTroy]

Maybe they could put an LCD Display on the front on the router that can display the default password. The default password is randomly generated when it it plugged in for the first time. It can be regenerated by pushing some button on the router. 1 hour after the first connection has been made, the password stops displaying. I'm not sure what the best solution is, and I realize that it should still be possible to create an open access point for those that wish, but I think they should make it a lot harder for the average joe to do that.

My answers, now forward this to 20 friends...

[pla]

What impact will 802.11n have?

It will replace 802.11a/b/g, but beyond that, none. Speed really doesn't count as the biggest problem with wireless - I'd personally put "reliability" at #1 and "security" at #2.


Which wireless security threats are scariest?

The DOJ sniffing your traffic from outside rather than needing to at least enter the building (and thus possibly get caught on your security camera(s)).


What of wireless VoIP?

What of it? Whether you use a VOIP set that connects via 802.11, or a VOIP set that connects a base station via ethernet and has a cordless handset makes no difference. Except, perhaps, that while the 2.4GHz spectrum has gotten rather crowded lately, the 800MHz range used for cordless phones has become less congested in recent years.


Will your organization need to change to support enterprise mobility?

Probably, because most enterprise apps tweak if they lose their network connection even momentarily - See my first answer.


How do you control costs in an expanding mobile and wireless environment?

"The only winning move is not to play".


What can you do to stop wireless denial-of-service attacks?"

1) Use a wire.
2) Wait for the entropic death of the universe.
Seriously, no realistic solution exists between those two - A wireless DOS doesn't take anything high-tech... A spark-gap transmitter will do nicely. And don't forget "unintentional" DOSs... At my house, I suffer one every few second due to a nearby airport's radar (again, see my first answer), thus I almost exclusively use a wired connection except for totally noncritical and connection-state-less uses such as surfing the web from my couch.

Re:Favorite question so far...

[Deliveranc3]

Ancedote, I have a Ghost Phone. It has no record with any phone company, never gets a bill and can make unlimited calls anywhere.

Now none of the phone hacker people are willing to help me move the ghost account to a new phone, this old one gets terrible reception and has 3 hours standby.

But how much is this phone worth, how much is the freedom to never worry about a bill worth? Not to look at the clock not to wonder if you're going over? Well I offered my sister $1200 for the phone 3 years ago (She had it first with over 4 weeks talk time on it [she literally talked for weeks on this phone])... she told me no in a heartbeat.

$40 a month doesn't sound like much but the peace of mind of not having to deal with cell phone companies when you want to upgrade a phone or deal with them at all, is priceless.

Free service is possible, and it's nice, I recommend it to everyone... if there was free service for the .11G phones I'd be all over them in a second.