Protecting Wireless Networks – CompTIA Security+ Lesson 10

Make your WIFI secure. Learn all about WEP, WPA, WPA2 and the IEEE802.11x family. Plus the most common vulnerabilities for wireless networks.

IEEE 802.11x Wireless Protocols

Wireless communications use the IEEE 802.11x protocol family to transmit over radio frequency. The frequencies used are 2.4 GHz and 5 GHz. You’ll need to have some basic knowledge on the protocol family. I made a little list a while ago here. You should know what each protocol means and when to use which.

Most APs (Access Point) will work with more than just one of these standards.


This section is about the security for wireless networks. Since they’re also topic for the Network+ exam I thought I could use the following video to explain them briefly but thoroughly:

Wireless Access Points

A wireless access point (AP) is a low-power transmitter/receiver that grants access to a wireless network. They come in different forms and variatons. Some have exterior antennas, other have interior antennas.

It is important to place them strategically in a building to grant access to the right users. In a worst case scenario you might end up with such a misplaced AP, that a hacker on the outside of the building can access the network, but the users inside the building can’t :P. Consider even having multiple APs.AP Meme wireless

Also a good practice to protect your wireless network is to implement MAC filtering, which as the name implies filters out MAC adresses. It kinda works like a implicit deny but for MAC adresses. However an intruder could circumvent the filtering by spoofing a valid MAC adress.

As for public WLANS (for a coffee or bar) you should use VPN to supplement the insecurity of open wirelesses.

Vulnerabilities to Know

One of the big downsides of wireless networks is that they are using radio frequency signals. These signals can be easily intercepted. You don’t even need physical access. A quick list of what could be done to your wireless network by an evil user/ intruder:

  • Site Survey
    • Allows to gain inteliggence about the system. Virtually all wireless networks are vulnerable to site surveys.
  • Jamming
    • I’m not talking about the kind of jamming bob marley was talking about. What I mean is interference to the radio waves on purpose by an attacker.
  • War driving
    • People driving around in a car with a laptop trying to hack into wireless networks
  • Rogue Access Points
    • Any wireless access point in your network that is unauthorized by the admins.
  • Evil Twin Attack
    • When a rogue access point poses as a legitimate AP
  • Other
    • Make sure to change the default password when installing an AP
    • Set WPA2 or higher encryption levels
    • Disable broadcasting the SSID

WEP IS WRONG wireless