Wireless Networking and Remote Access

Wireless Networking and Remote Access
Wireless networks were once an expensive, esoteric choice, used only in specialized business applications where their benefits outweighed their tremendous cost and complexity. In recent years, however, the price of wireless networking hardware has plummeted to very affordable levels. Setting up a wireless network no longer takes an advanced engineering degree, either—if you use Windows XP, wireless adapters literally configure themselves, and the task of setting up a cable-free network usually takes only a few minutes.

The benefits of wireless networking are practically irresistible. Using a lightweight notebook computer equipped with an inexpensive wireless LAN adapter, you can browse the Web and access shared files and printers from anywhere within radio range of your wireless access point. At home, you can use your computer on the couch, on the back porch, or while lying in bed. In the office, you can bring your computer to a conference room and still have access to information on your company's intranet or on the Web, and you can e-mail the minutes of the meeting the minute it's over.

Unfortunately, all that convenience comes at the expense of serious security trade-offs. If you can connect to your network from a distance, so can anyone with a computer, a wireless adapter, and a little determination. Although you can implement some simple security measures, the most popular wireless standard includes some gaping security holes that demand your attention.

In this chapter, we explain what you should and shouldn't do with a wireless connection. We also explain how to allow remote access to your Windows network without compromising security. As it turns out, the most secure form of remote access—the virtual private network, or VPN—makes an excellent addition to wireless networks as well!

Security Checklist
--------------------------------------------------------------------------------

If you have a wireless network, follow these steps to safeguard your shared resources.

Configure your wireless access point with a strong password.
Consider disabling remote administration of the access point; if you need to change settings, you can do so directly, using the Ethernet connection or a cable.
Upgrade the firmware of your wireless hardware to the most recent versions, which may incorporate security fixes.
Change the network name (SSID) of your access point to one that doesn't match the hardware defaults and doesn't give away any information about you or your business.
Use MAC access control, if it's available.
Turn on Wired Equivalent Privacy (WEP) and set strong keys.
Change your WEP keys at least monthly and preferably weekly.
Scan your wireless network to determine whether you are vulnerable to attack from widely used hacking tools.
Consider using virtual private networks for wireless connections.