Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

Open access for all users

Posted on 2008-10-26
4
Medium Priority
?
214 Views
Last Modified: 2013-11-25
hi all, am new here. I would like to know the problems that may arise when talking about open access to a wireless network and what are the recommendation that can be proposed to counteract. Also wanna know how access to the wireless network should be set up and run and the reasons for such proposal?
0
Comment
Question by:Alv45525
4 Comments
 
LVL 12

Expert Comment

by:Steve
ID: 22810249
if you leave your wireless access point OPEN for all users, it means anyone in the local vicinity to you with a wireless capable device (notebook etc), can connect to your access point and use your local network/internet connection without your knowledge..

easiest method to secure your wireless access point is to setup WEP encryption at 64bits and assign your phone number as the password (10digits long) that way when you connect your machines to the access point and are prompted for hte password you wont need to remember the long Hexadecimal password it creates..

that way the only way you can connect is if you know that the password for the access point is your phone number.. and you'll be secure..
0
 
LVL 14

Accepted Solution

by:
Roachy1979 earned 375 total points
ID: 22810938
An open access point is a massive business risk.  Any information sent wirelessly can be captured, and even modified.  Any passwords that are sent in plain text can also be captured - you are also allowing external parties unmonitored access to your internal network.

While WEP provides a little more security I still wouldn't recommend it.  Data can be captured from a WEP connection, ultimately allowing the key to be cracked and allowing third parties to connect to your network.  WEP also stands for Wired Equivalent Privacy...the security provided by WEP is similar to that provided through the use of a Hub....any traffic on a WEP network can be sniffed by anyone connected to the network.....

I strongly recommend doing a Google search for "cracking WEP" - you will find a plethora of sites detailing the methods used to do this, and illustrating how easy this is to do with a few freely available tools.

The other risk associated with using an open network is that attackers could use your network to their own ends - installing rootkits and viruses on connected machines, spamming through your network or hosting or downloading illegal files....In short it's not just a risk to your data, but also the potential misuse of your network resources and bandwidth for illegal or immoral purposes.

I would consider WPA/WPA2 PSK security if your Access Point and Clients support it.  Never use a dictionary password and try to use a combination of upper case and lower case letters, numbers and ASCII characters...

Hope this helps

P
0
 
LVL 10

Expert Comment

by:ampranti
ID: 22817304
Assuming you talk about an enterpise network you should prefer WPA + EAP.
WPA encrypts your data, preventing sniffing and unauthorized reveal.

EAP will allo users to authenticate , for example against your Active Directory or LDAP.
EAP strenght is based on password strenght

For medium size bussiness WPA PSK (Preshare Key) is more than enough (and usually recommended)
0
 

Author Closing Comment

by:Alv45525
ID: 31510201
Thx 4 helping
0

Featured Post

Free recovery tool for Microsoft Active Directory

Veeam Explorer for Microsoft Active Directory provides fast and reliable object-level recovery for Active Directory from a single-pass, agentless backup or storage snapshot — without the need to restore an entire virtual machine or use third-party tools.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Transparency shows that a company is the kind of business that it wants people to think it is.
Successful collaboration among team members is essential for the growth of your business. When employees work together on projects, share ideas and communicate effectively they get better results.
With the power of JIRA, there's an unlimited number of ways you can customize it, use it and benefit from it. With that in mind, there's bound to be things that I wasn't able to cover in this course. With this summary we'll look at some places to go…
Simple Linear Regression
Suggested Courses
Course of the Month14 days, 20 hours left to enroll

578 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question