Table of Contents
Advertisement
Chapter 7 Wireless LAN
These security standards vary in effectiveness. Some can be broken, such as the old Wired
Equivalent Protocol (WEP). Using WEP is better than using no security at all, but it will not
keep a determined attacker out. Other security standards are secure in themselves but can be
broken if a user does not use them properly. For example, the WPA-PSK security standard is
very secure if you use a long key which is difficult for an attacker's software to guess - for
example, a twenty-letter long string of apparently random numbers and letters - but it is not
very secure if you use a short key which is very easy to guess - for example, a three-letter word
from the dictionary.
Because of the damage that can be done by a malicious attacker, it's not just people who have
sensitive information on their network who should use security. Everybody who uses any
wireless network should ensure that effective security is in place.
A good way to come up with effective security keys, passwords and so on is to use obscure
information that you personally will easily remember, and to enter it in a way that appears
random and does not include real words. For example, if your mother owns a 1970 Dodge
Challenger and her favorite movie is Vanishing Point (which you know was made in 1971)
you could use "70dodchal71vanpoi" as your security key.
The following sections introduce different types of wireless security you can set up in the
wireless network.
7.9.3.1 SSID
Normally, the ZyXEL Device acts like a beacon and regularly broadcasts the SSID in the area.
You can hide the SSID instead, in which case the ZyXEL Device does not broadcast the SSID.
In addition, you should change the default SSID to something that is difficult to guess.
This type of security is fairly weak, however, because there are ways for unauthorized wireless
devices to get the SSID. In addition, unauthorized wireless devices can still see the
information that is sent in the wireless network.
7.9.3.2 MAC Address Filter
Every device that can use a wireless network has a unique identification number, called a
MAC address.
example, 00A0C5000002 or 00:A0:C5:00:00:02. To get the MAC address for each device in
the wireless network, see the device's User's Guide or other documentation.
You can use the MAC address filter to tell the ZyXEL Device which devices are allowed or
not allowed to use the wireless network. If a device is allowed to use the wireless network, it
still has to have the correct information (SSID, channel, and security). If a device is not
allowed to use the wireless network, it does not matter if it has the correct information.
This type of security does not protect the information that is sent in the wireless network.
Furthermore, there are ways for unauthorized wireless devices to get the MAC address of an
authorized device. Then, they can use that MAC address to use the wireless network.
1.
Some wireless devices, such as scanners, can detect wireless networks but cannot use wireless networks.
These kinds of wireless devices might not have MAC addresses.
2.
Hexadecimal characters are 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, A, B, C, D, E, and F.
126
1
A MAC address is usually written using twelve hexadecimal characters
P-660HN-FxZ Series User's Guide
2
; for
Advertisement
Table of Contents
Troubleshooting
