6.7 Wireless LAN Security
WLAN security is a widely discussed topic as using a wireless network without encryption exposes users to many security risks.
In some cases, access points are still sold with encryption deactivated by default. If encryption is not configured by the owner of the network, any wireless device can access the network without prior authorization. This configuration is used in most public hotspots as it allows users to easily find and use the network. As the frames are not encrypted, however, it is easy to eavesdrop on their activities. Without protection on the network layer, it is left to the users to use virtual private network (VPN) tunnels and take other measures to protect themselves.
The use of such an open configuration for private home networks that use the wireless network to access the Internet is even more critical. If encryption is not activated, neighbors can use the Internet connection without the knowledge of the owner of the Internet connection. Furthermore, it is possible to spy on the transmitted frames, for example to collect passwords, in the same way as it is possible in public Wi-Fi networks. As open access points also allow an eavesdropper to gain access to any PC that is connected to the wireless network, it potentially allows him to exploit weaknesses of operating systems which could then enable him to read, modify or destroy information.
6.7.1 Wired Equivalent Privacy (WEP)
To protect WLANs from unauthorized ...