Learn how to keep intruders out of your wireless network and protect your sensitive communications!
It's ten o'clock—do you know who's using your wireless network? If you haven't changed the default network name or admin password someone could be eavesdropping on your email, plucking your passwords out of the air, or sending spam through your Internet connection right now! When you're using a wireless network—whether a Macintosh with AirPort gear, Windows with any Wi-Fi equipment, or a Wi-Fi handheld like the iPhone—you're exposed to risk unless you take steps.
More Info
Contents & Intro
FAQ
Wireless networking experts Glenn Fleishman and Adam Engst have spent years researching and covering wireless security issues on Glenn's Wi-Fi Networking News blog and in two editions of The Wireless Networking Starter Kit. Now they've distilled that experience into this essential guide for anyone using wireless networks, whether at home, at work, or on the road. You'll learn how to evaluate your real security risks; the best way to restrict access to your network using WPA; how to secure your data in transit with PGP, SSL, SSH, and VPNs; and how to protect your computers from viruses and attacks. The book provides extra advice on how to secure small office wireless network, including details on choosing VPN hardware and software and on setting up 802.1X for secure Wi-Fi logins. The final section of the book helps you determine how successful your security efforts have been by showing you how to perform a detailed security audit on your wireless network using the same freely available tools that crackers might use against you.
"The authors, two guys with enormous geek credibility, take the confusing tangle of Wi-Fi security issues and break it down for you in plain language. The book is a marvel of excellent technical writing for a general audience."
—Barry Campbell on Blogcritics.org
Read this book to learn the answers to questions like:
Should I worry about someone eavesdropping on my home wireless network?
How can I find out if someone is snooping on my wireless network right now?
Do I need a VPN to protect my sensitive work communications?
How can I protect sensitive communiations on my iPhone?
What is sidejacking, and what should I do about it?
Can I control access to my wireless network by user name and password?
What software can I use for secure email and file transfer?
How does public-key encryption work?
Our office has only 15 people—can we afford the best Wi-Fi security?
Is it really possible to break a WEP key in less than a minute?
Book Info
114 pages
Version 1.5
Check for Updates Web page updated for Leopard, now up through 10.5.2: Feb-08
Glenn Fleishman is editor of the daily Web log Wi-Fi Networking News, a contributing editor for TidBITS, the Practical Mac columnist for The Seattle Times, and a regular contributor to The Economist,
Macworld, Popular Science, and The New York Times.
Adam C. Engst is the publisher of TidBITS and of the Take Control ebook series. He has written numerous technical books, including the best-selling Internet Starter Kit series, and many magazine articles - thanks to Contributing Editor positions at MacUser, MacWEEK, and now Macworld. He has been turned into an action figure.
Welcome to Take Control of Your Wi-Fi Security, version 1.5.
This book is devoted to helping you most effectively secure your home and office wireless network under Mac OS X, Windows XP, and Windows Vista using common networking hardware. This book was written by Glenn Fleishman and Adam C. Engst, edited by Tonya Engst, and published by TidBITS Publishing Inc.
Introduction
Just because you're paranoid doesn't mean they're not out to get you. —Internet security saying
Networking wasn't supposed to be like this. When computer networks were invented, no one anticipated hundreds of millions of naive users. Nor did they expect crackers, viruses, worms, spam, or spyware. But that's where we've ended up. Most people are clueless about security, and few people devote any time to making their systems secure.
The biggest security risk comes from the fact that computers are all networked these days: to each other and to the Internet. Want a totally secure computer? Make sure it isn't connected to the Internet, or to any other computer, and put it in a locked room with an armed guard checking identification on those who enter. Not very useful, eh?
Wireless networking, because it makes connecting computers so simple, makes proper security even more critical. Before wireless networking, you could rely on a locked door to restrict access to your Ethernet jacks, and thus to your network. But now, transmissions over wireless networks—because they go through locked doors, along with walls, ceilings, floors, and other obstructions—are easily intercepted by consumer-level equipment just like the gear you use to connect your computers and access point. So anyone within range of your wireless network can connect to it, and, unless you've taken appropriate precautions, wreak all sorts of havoc. And, unfortunately, understanding the reality of wireless security is nowhere near as simple as setting up a wireless network to start.
Even more problematic from a security standpoint is the rise in handheld devices that have Wi-Fi built in, but weren't designed to "worry" about the risk of free-flowing data. The iPhone is a notable example: it's the best of all the handheld, Wi-Fi-enabled smartphones, but access to its security options is among the worst. Wi-Fi-equipped cameras that don't use secure protocols for transferring files and
Wi-Fi phones that send conversations in the clear also expose you, although in more limited ways.
Our goal in Take Control of Your Wi-Fi Security is to bring clarity to the topic; to help you determine how worried you should be about different security problems; and to give you the knowledge you need to lock down your network, protect your data in transit, and secure your systems against attack.
Before we get started, we want to mention a few important caveats:
We're writing this book for individual users with wireless networks at home and for people who run small to medium-sized office networks (from 2 to 50 people), not for veteran network administrators who manage large institutional networks.
Security, whether you're talking about protecting your car, your home, or your wireless network, is hard, mostly because it's a battle with another human being. Locking your door with a simple knob lock stops amateur thieves, but keeping more experienced thieves out requires a strong deadbolt. And if you live where burglary is likely, or if you have especially valuable property, you have to think about whether multiple locks, alarm systems, or bars on the windows are also necessary. Unfortunately, the kind of people who break into networks are usually much smarter than garden-variety thieves, and as a result, the security measures you must take are commensurately more complicated. So, our apologies up front, but some sections of this book are inherently quite technical.
Because every network uses different hardware, software, and configurations, we can't give exact, foolproof, step-by-step instructions for every task we explain. That said, by the time you finish reading this book, you should have the background necessary to configure the networking hardware and software you do have (or are willing to purchase) to the level of security you want to achieve.
We've been using and writing about various forms of networking for more than 40 years combined, and we've both set up and maintained numerous wired and wireless networks over that time. And over those years of networking computers together, we've experienced the seedier side of the industry: attacks on our networks via the Internet, password thefts, wireless snoopers, and more. We've shared our experience in many articles and public presentations, and now we look forward to sharing it with you.
Quick Start
You can read this title in the order shown here, or you can click a link to jump to a topic immediately. That said, if you're new to the topic of security, we encourage you to read Determine Your Security Risk first to get a sense of how concerned you should be about security.
Determine how worried you should be about security:
Learn about the three Ls of security: likelihood of attack, liability in the event of loss, and lost opportunity. See Determine Your Security Risk.
Figure out where you stand on the continuum of people who should be concerned about security. See What You Should Do.
Lock down your wireless network:
Discover which widely used security mechanisms won't prevent determined attackers. See Ignore These Sops to Security and Avoid WEP encryption.
Turn on wireless security that is guaranteed to keep intruders out. See Use Wi-Fi Protected Access (WPA or WPA2), and be sure to read Appendix A: Password Advice.
Test your network's security with Perform a Security Audit.
Protect your data in transit:
Keep miscreants from discovering your passwords and reading your communications. See Encrypt Email Passwords and Encrypt Specific Files and Messages.
Armor your Internet sessions inside protected tunnels to keep snoopers from listening to your traffic. See Encrypt Chunks of Data with SSL/TLS, Encrypt Data Streams with SSH, and Encrypt All Data with a VPN.
Secure your computers:
Protect Your Systems from viruses, spyware, and crackers.
Set up secure wireless networking for small offices:
Make sure your organization's users use good passwords; see Appendix A: Password Advice.
Lock down your office network and protect your organization's traveling users with the advice in Secure Small Office Wi-Fi.
I have a wireless router connected to cable modem, but my router isn't from Apple. Will this book help me set up WPA security on my wireless network?
The book does explain how to set up WPA security, but we don't provide specific instructions for each router. The details we offer should be enough to make your router work, and we do include step-by-step setup for Mac OS X, Windows XP, and Windows Vista for configuring WPA connections to a router that uses WPA encryption.
Does this book cover Mac OS X 10.5 Leopard?
Leopard coverage isn't in the book (it shipped about a month before Leopard's release), but we feel that a great deal of the material in the book is useful and correct for people running Leopard. Once you have the ebook, you can click the Check for Updates button (on page 1) to access some update information relating to Leopard.
Leopard 10.5.2 has no additional features or changes that relate to Wi-Fi Security.
Ask a Question
Feel free to ask us if you have a question about this book!
