Secure with WPA2

As of this writing, wireless networks based on WPA2 are regarded as mostly secure. Dictionary attacks on the pre-shared key are the most promising vector – assuming the attacker has enough time and computer power. Theoretically, the broadcast and multicast keys represent another vulnerability. All network nodes need to know them, and an attacker who discovers one of the keys can at least sniff the key exchange between the access point and the workstation.

Thanks to the WPA2 standard's security design, modern wireless networks now have fairly effective security. The biggest factor of uncertainty is with the user. Today, wherever an inquisitive intruder gains access to a modern WLAN infrastructure and applies enough criminal energy to access the network and cause damage, a careless access point configuration is usually the root cause. So take some time to consider your WLAN router's individual settings carefully (Figure 2).

Figure 2: The Kismet WiFi scanner can check your own wireless network for vulnerabilities – and discover information about the protocols used on your network.

If you want to reduce the residual risk even further, you can add software-based protection for the WLAN. If you use a tunnel, such as a VPN with IPSec, you can raise the barrier even for experienced hackers. As is often the case, the free Linux operating system, with its many built-in security components, is a perfect choice for eliminating residual risk.