Problem solve Get help with specific problems with your technologies, process and projects.

Protecting your wireless network

Security expert James Turnbull explains the principles of wireless security.

Can you recommend some open source tools that will protect my wireless network?

Protecting your wireless network is not so much a matter of open source or commercial tools rather configuration and security settings. There are some scanning/sniffing tools (which I'll cover later) that might help, but principally you need to get your configuration right. The primary security principle to consider on your wireless network is sufficient encryption. Don't use WEP. Upgrade your wireless hardware and clients to use WPA and preferably WPA2. Read this article for a good explanation of why WPA2 is better than WPA. It also has a link to a previous article explaining why WPA is better than WEP.

Other security considerations include:

  • Hiding your SSID

    Your SSID advertises the presence of your network to wireless clients. Hiding it will keep casual snoopers from seeing your network, more sophisticated attackers armed with wireless sniffers will still see your SSID.


  • Using MAC address filtering

    MAC address filtering only allows hosts with specified MAC addresses to join your wireless network. Like hiding your SSID this is mostly useful for deterring less sophisticated attackers. Serious attackers can 'spoof' an acceptable MAC address and then join your network. This control can also be problematic if you have large numbers of hosts as adding, removing and updating large numbers of MAC addresses in your access point can be time-consuming and complicated.


  • Strong security on your wireless access point

    Ensure you secure your access point with a strong password and that you disable any clear-text administration functions, such as via HTTP or Telent. Use only secure administration methods via mechanisms such as SSH and HTTPS.

As for open source wireless security tools there are a number of excellent scanning and sniffing tools that can help you ascertain the state and number of wireless networks in your environment/organisation. These tools can also sometimes assist in testing the strength of your encryption keys. These tools include:

Dig Deeper on Linux servers

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.