To bring those of you up to date on how WLAN technology works, let me give a brief overview. The version of WLAN that I am referring to is radio wave based and defined by IEEE 802.11b.
There are two pieces of hardware that you will need to be concerned with. The first is an access point. This piece of equipment acts as a combination of a hub and a bridge. One side handles your wireless clients while the other side has a common 10/100 Mbps ethernet connection for integration into an existing LAN, or possibly to connect to a cable or DSL modem. The other piece of hardware is the wireless network interface card, which, as far as the end user is concerned, works pretty much the same as a typical network interface card (NIC). More info can be found here: www.NetworkNewz.com.
I am sure that all of you have heard that wireless technologies are susceptible to eavesdropping because the user has little or no control of where his/her broadcasts can be intercepted. This may be true for some wireless technologies, such as with cordless phones; however, security has been an issue throughout the design phase of WLAN and its related specifications. Because of this, wireless LANs are very secure. Let me explain why.
First of all, we need to look at how the radio waves are transmitted (with wireless LAN) and how they differ from most other wireless technologies. As an example, I will use cordless phones. Most wireless devices transmit and receive on the same frequency or “channel”. What this means is that a person with a receiver set on that frequency can intercept whatever transmission takes place. This is how people eavesdrop on cordless telephone conversations. They simply modify a scanner (which searches many frequencies until it finds a “live” transmission) to receive frequencies in the range defined for cordless devices. Cordless telephones, being analog, usually do not scramble or encode transmissions in any way, and thus, can be listened to on a typical scanner.
If your wireless LAN operated in the same manner, it would not be very secure. This is where our tax dollars have returned something to the community. The military has developed a technique using radio waves called “Spread Spectrum”. This technique involves spreading the transmission across several frequencies and comes in two flavors: frequency hopping spread spectrum and direct sequence spread spectrum. The military developed these techniques so as to avoid eavesdropping and jamming of signals.
The frequencies defined for such use with wireless LANs are known as the ISM (industrial, scientific, medical) bands and occupy the following ranges: 902MHZ-928MHZ and 2.4GHZ-2.484GHZ.
Frequency hopping spread spectrum basically appears to be randomly hopping from one frequency to another. It only appears to be random – this is part of the hardware encoding of the transmitter and the receiver. This schedule of frequency hops would be next to impossible to determine by simply intercepting broadcasts. You would need many scanners checking many ranges very quickly to determine what frequency to listen on when. Assuming that you could decipher the order and length of stay for each hop, you would then need a device that could listen and switch frequencies concurrently, according to that schedule. Not easy. Direct sequence spread spectrum is sometimes known as “pseudonoise”. This involves adding “chips” or “redundant data bits” to the data bits. This effectively causes the transmission to be unreadable except by a device that knows the difference between the chips and the relevant data, in much the same way as frequency hopping spread spectrum uses its algorithms. Again, this will require equipment and capabilities that even the most highly skilled hacker will probably not possess.
A hacker is more likely to determine what type of WLAN devices you are using and obtain a like interface. He will still not be able to connect to your network. At least he will not be able to connect in the same manner as if he plugged a rogue machine into a wired network. In the wired network instance, a packet sniffer or other such device can be put to work simply by connecting to the physical network. With wireless networks, a pre-programmed password between the access point and the wireless interface exists. This means that a hacker will have to negotiate a password before he even has connectivity on the network. Difficult at best. In this respect, wireless may be more secure than a wired network.
Lastly, most wireless LAN manufacturers include some form of encryption. The most common type of encryption used is DES or “Data Encryption Standard” and can include several levels of encryption. In case you don’t know, encryption encodes all transmission between the nodes (WNIC and access point, in this example). This way, even if information is intercepted, it is still useless; that is, unless the hacker in question has several years to decrypt the keys used for encryption.
In conclusion, WLAN technology is no less secure than conventional network technology. It may not be long before most LANs are wireless.
Jay Fougere is the IT manager for the Murdok network. He also writes occasional articles. If you have any IT questions, please direct them to Jay@https://murdok.org.
