hi and welcome to module to lessen 3.4. And this lesson we're going to discuss the wireless environment in some of the security aspects of that environment.
This will be our last lesson in the network layer section of this course. Our next section. We're going to discuss things on the in point layer
in this lesson. No, for wireless. We're going to discuss basically two main things. This is gonna be a very quick lesson. It's just I'm just gonna gloss over some of the access and encryption things that are appropriate for wireless security
access. We're talking about how how in points actually gained access to the wireless environment and an encryption is the type of encryption we use within that environment.
Start out with talking about access and first thing I want to say is passwords can be cracked. Everyone knows that. Ah, lot of environments, unfortunately or configured their wild wireless environments are configured so that if you connect to the SS, i d. Your prompted for a password like maybe your home environment does this.
And if you know the password, that's all you need to know. You can get on your get on the network and you're on their unfettered
well, the problem in a corporate environment or in a in a sensitive organization environment that might be fine for home. But in a sensitive organization, you know, people are gonna put a sticky note on the wall that has the wireless password in it, because people ask him what it is all the time. And it only takes one. A lot of times. Organizations that use passwords for wireless
have the same password across all of their wireless environments. They may have
50 locations. This the same password is in every one of those environments. So if I walk into a small strip mall storefront for the organization, there's probably gonna be two or three people working there. They're gonna be a lot less secure than company headquarters. They may have a sticky note on the wall that has the wireless access password.
If I obtain that, I can use that password and go walk into the main lobby at the data center or at the H Q building of the same company.
And chances are I'm gonna be able to get on their wireless environment using the same password so passwords can be cracked. It's a week method of security. We should use certificates and 802.1 X in some in lieu of passwords like we discussed in our network access control module in the previous section.
The last thing we'll talk about with when it comes to access is you should think about where your access points are positioned. Now, a lot of times, geography comes into play and you don't have a lot of control over it. But wherever possible, try to place those access points and locations where they're they're transmit range isn't going to bleed too far into
environments that are out of your control.
For example, if you have an access point, you place it by a window. Half of that radius is gonna be inside your building. But the other half of that radius is gonna be in your pock parking lot, so someone can sit in their car and your parking lot with ever without ever gaining access to your building and try toe connect to your your while wireless environment. This is called war dialing,
so try toe, you know, think about access point placement as your as your building out your wireless infrastructure. A lot of times, there's not a lot you can do about it. I know there's situations where you're on one floor. You've got someone above you and someone below you, and there's not a whole lot you can do about bleed over going into different floors.
But there's a few things you can do as faras placement. There's access points have directional antennas, so you can.
You can point the transmission in certain directions. You can also usually tweak the range of certain devices. So if you've got a spot in the corner that doesn't have good coverage and you want to put an access point in that corner, at least tweak the range. So it just covers the corner and it doesn't blast through the whole building and way out into the parking lot.
When it comes to encryption, really, there's. There's three main types of encryption that are out there available. When you're setting up your WiFi environment, the 1st 1 is wept, and that stands for Wired equivalent privacy.
And really, this was the first encryption standard for wireless. It's it's not secure anymore. It's pretty easily hacked these days. It only uses 128 bit keys.
Remember when we talk about encryption? We talked about the key being secret. The more complex the key itself is the did more difficult. It is to reverse engineer that our them figure out what the data actually is with Web. It was cracked long ago, so it's honestly, you shouldn't use Web at all. There shouldn't be any reason to use wept.
In today's world, if you have a device that can only communicate weap, you should really take a hard look at, um at
changing that device out and figure out if you can live without that device.
W p A stands for WiFi protected access, and that's stronger than weapon uses. A 256 bit key. But really, this one was built as an interim replacement for Web. So when we figured out wept wasn't secure, it was a mad scramble to get something more secure in place. And WP a came about.
It's better than death, then wept. But really, there's no reason today we shouldn't be using Debbie P. A. Two for everything in all cases, unless there is a device that just simply cannot speak to BP a two. We should always use that method because it's the best one out there today.
It uses a yes encryption algorithms, which we discussed in the in the encryption section
as being the most secure algorithms out there.
And that's really all there is to know about wireless encryption for this intermediate course
that takes us to the end of the wireless course, and it also takes us to the end of our section on the network layer. Next class, we're gonna talk about the in point layer and all of the components at that layer in lesson to dot for.