Security awareness of wireless networks

The security of wireless networks has become a subject that cannot be neglected. We'll discuss the details of WPA in detail, especially for home and small business users, and then the Wireless Setup Wizard for Windows XP SP2, which greatly simplifies the security setting process for wireless LANs using USB Flash technology.

Introduction to WPA

Before you get to the point, first take a look at WPA. WPA does solve security problems that WEP does not solve. The details are not words can be Daoqing, in short, WEP's problem comes from the network on each device share using a key. This key has unsafe factors, its scheduling algorithm on the weakness of the malicious hacker can be relatively easy to intercept and destroy the WEP password, and then access to the internal network resources.

WPA solves the problem by using a new protocol called TKIP (temporary Key Integrity protocol). The key is merged with the MAC address of each device on the network and a larger initialization vector to make sure that each node encrypts its data using a different key stream. Tkip then encrypts the data using the RC4 encryption algorithm, but unlike WEP, TKIP modifies the common key, making the network more secure and less susceptible to compromise.

WPA also includes integrity checking to make sure that the key has not yet been attacked, while strengthening the dummy user authentication feature provided by WEP and includes 802. 1x and EAP (Extended authentication protocol) support. This allows WPA to authenticate wireless users through the external radius (dial-in user remote Authentication) service, or to automatically change and assign keys in a large network using RADIUS protocols. (Computer science)

Implementing WPA

Prior to the advent of hardware supporting the new IEEE 802.11i security standards, as a stopgap measure, WPA is primarily for corporate networks where the key is relatively easy to capture and destroy. Compared with the home or small enterprise LAN, the process of corporate network key theft is relatively easy, hackers only need to collect and create the information needed from the network traffic for a few days to complete the theft of the key. Similarly, WPA applies to small networks that do not require external authentication and use a simple shared secret key. The designer's intention was to upgrade by adding WPA to an existing wireless device, using the device firmware or the associated client software. Unfortunately, this technology is going to take time, and so does technology, and if you want to use WPA, it's best to make sure your service provider supports the technology. Most service provider support, but not all of them. More importantly, some older equipment may not be upgraded and should be contacted first with the service provider and verified accordingly.

Remember, you need to upgrade all devices to support WPA, including access points, wireless routers, client network adapters, wireless bridges, and printer servers, and any device that has a wireless interface needs to be upgraded and not compatible with WEP. In addition, if you are a Windows XP user, you will also need to upgrade your software to increase WPA support, either by using Windows Automatic Upgrade service or by directly installing SP2. For details, see article No. 815485 of Microsoft Knowledge Base. (http://support.microsoft.com/?kbid=815485)

Figure 1 Older infinite hardware may need to be upgraded to support WPA. The US Robotics access point in the figure is easy to upgrade, but some vendors only support WPA in the new product.

Wireless networks and SP2

There is no doubt that the improvements that Windows XP SP2 bring to wireless networks are enormous, and the next thing we want to discuss is the Windows Smart Network key technology in its Wireless Network Setup Wizard. This technique allows users to save wireless settings (including WEP and WPA keys) in an XML file and use it to make the same customization for all wireless devices, including access points, routers, wireless PCs, and so on.

This technique supports the use of USB flash memory, so to set up a wireless device you just need to insert a USB drive that has settings data.

There may be some doubt about this because USB interfaces are rarely available in access points and routers. I've only seen several USB-enabled devices that connect a broadband modem or printer with a USB interface. But it will not be long before manufacturers realise the potential of the market and make up for a small flaw in the functionality of the equipment--not to mention the addition of USB connectors to these devices.

You can then start customizing your device with the new Wireless Network Setup Wizard, assuming you have SP2 installed. Microsoft's official website has provided SP2 free downloads, but the files are large and the broadband download time takes about 1 hours.

Figure 2 The New Unlimited Setup wizard in SP2 makes the entire setup process much simpler.

Wireless Wizard

In the XP SP2 system, the Wireless Network Setup Wizard can be started in several ways. You can find it in the Control Panel's network and Internet connection, as well as the wizard's startup shortcuts in My Network Places. Running the wizard on your PC does not require you to start the wireless interface, but if you want to automatically convert the settings to another device, you must use the USB port.

If you've already set up a wireless network, the wizard will first ask if you want to add new computers or devices to your network, or you can add a new network setting by default. This is identified by the service set IDENTIFIER/SSID, which requires a valid wireless network name regardless of the type and level of encryption you choose to perform.

Figure 3 The New Wireless Setup Wizard can be used for both WEP and WPA encryption settings. The prerequisite is that the hardware must support WPA.

As shown in Figure 3, the network has a wireless SSID, and you can either have the wizard automatically assign the network key (the recommended option) or manually assign it. The wizard is used only to set up a wireless LAN (the so-called public utility model) that utilizes one or more access points to access the network, and cannot be used in a Ad-hoc network. Although WEP encryption is the default, you can also choose to use restricted WPA. You need to be reminded that WPA is different from WEP and does not support all devices.

Figure 4 shows the operating interface for manually assigning a network key. This is a case for WPA, but when WEP is selected, the rest is essentially the same, except that the length of the key provides two choices.

Figure 4 Most users prefer to use the keys assigned by the wizard, but for security you can choose to type the characters yourself.

The keys can be either normal ASCII characters (such as numbers, letters and symbols found on the keyboard) or hexadecimal digits, and the wizard can recognize the type of characters by typing the number of characters. You can also choose to display the input characters when you enter them, so that you can avoid hand errors.

Next you need to choose between automatic and manual allocation, and here we are talking about automatic allocation. First prepare a U disk, select the "Use USB flash drive" option, then you are required to insert a U disk and then select the system-assigned drive letter. The wizard then saves the wireless network settings, along with several other required files, into a USB drive, which is saved as an XML file.

Figure 5 The wizard will remind you to insert a U disk to back up the XML file containing the settings information.

The rest of the work is very simple, insert a U disk into the wireless AP or any of the wireless devices you want to use in the wireless LAN, the settings in the XML file will be automatically updated to these devices.

For a PC that uses XP SP2, the system recognizes the device and can set the PC's wireless network when it is plugged in. The Wireless Network Setup Wizard starts automatically and asks if you want to add a computer to your wireless network. Click OK, the settings will use the USB disk backup settings information to complete the setup process.

After you have finished setting up all the devices on your wireless LAN, you should plug the USB drive back into the PC running the Wireless Network Setup Wizard and click Next. For security reasons, when you click Finish, the wizard will ask to delete the XML file that contains the settings information. You can back up these files, or print a document through a network printing device, which is easy to use later.

Figure 6 Inserts a USB disk containing the settings information into the device to be set up, and the setup process starts automatically.