Chapter 3. Wireless Security
Hacks 40–51: Introduction
When it comes to wireless networking, there is no such thing as physical security. You might be able to lock down the physical network infrastructure of a business or other facility, but radio waves pass through walls, carrying your network data with them. Don’t delude yourself by thinking that a low-powered access point (AP) won’t reach much further than your parking lot. Remember that although you might not see your network while using a laptop outside your building, someone with a large enough antenna can likely read your network traffic from a mile or more away.
I have personally seen a simple 24 dBi dish detect hundreds of wireless networks from the top of Queen Anne hill in Seattle. These were networks with SSIDs like Linksys and default, which obviously were coming from low-end, consumer-grade access points without any external antennas. I certainly couldn’t have made a reliable network link to them, but I could have passively logged their traffic from miles away quite easily. Short of wrapping your entire building with a metal screen to build an effective Faraday cage, you should expect the signal of your APs to leak out well beyond your immediate vicinity.
This chapter is devoted to workable methods for controlling access to your wireless network. A control mechanism could be something as simple as a WPA key, or as complex as a captive web portal with a RADIUS backend. We will also look at several ways you can protect ...