Wi-Fi security tutorial
Today, many hardware devices: routers, mobile phones, TVs, console games, PCs, can connect via wi-fi.
It operates in the 2.4 GHz and 5 GHz frequency ranges, each of which is divided into several channels. Due to relatively low emission power, the area of ??use does not exceed several hundred meters.
Instead of Ethernet networks, where data links are made by wires or FOs that can be physically protected, at wi-fi (WLAN) local area networks, with air being the environment, for security, other methods than classic ones should be used.
- It is possible to configure the access point (wireless router), not to transmit its SSID (Service Set IDentifier) publicly, or the name it appears in the search for wi-fi networks. Thus, only those who know the same SSID can connect.
However, if someone intercepts transmission frames between the router and a station connected to it, it can determine this SSID.
- Another possibility is to filter MAC addresses that can connect to the access point (AP).
But, from the intercepted transmission frames, you can see these MACs. In this case, a hacker, will be able to configure this MAC address on a personal device and will be able to access the wireless network.
The most effective technique for protecting a wi-fi network is encrypting AP connection data.
This technique was first used to encrypt frames at the data link level. WEP uses the RC4 algorithm, using a key for the duration of the session. Data integrity control is achieved through the CRC control amount. Now WEP encryption is no longer used.
In WPA, besides the RC4 algorithm, the TKIP (Temporary Key Integrity Protocol) technique was introduced, which changed the key during the work session. The amount of CRC control was replaced with the Michael algorithm
In WPA2, the RC4 encryption algorithm has been replaced with the AES algorithm, and the control amount is computed with a CCMP code.
WPA2 and WPA2 require configuring passwords to gain encryption keys.