Wireless networking made easy

WEP/WPA/WPA2 Security
There's an easy way to secure a wired network -- just stop anyone you don't like from plugging a cable into your router. But what do you do when your router is wireless, and the connection point is essentially anywhere that's within range? That's the challenge with wireless networking, and while older wireless security protocols offered about as much protection as a rice paper umbrella, the situation has improved markedly.

The original wireless security offering, called WEP (Wireless Equivalency Protocol), was intended, as the name suggests, to be the equivalent of wired security, but was quickly proven to have a large number of points of attack. If you've got existing wireless equipment you may be stuck with WEP, although it's worth checking if there's an update to your equipment to allow the next generation of wireless security -- WPA and WPA2 (Wi-Fi Protected Access). Any equipment manufactured after November 2003 that bears the Wi-Fi compatible logo must implement WPA security.

Implementing either WEP or WPA security involves the the creation of a passphrase or passkey (your router's documentation may refer to it as either, and confusingly sometimes use both terms interchangeably). WEP uses hexadecimal characters (0-9, A-E), and most routers will either let you work out a character set yourself, or generate one based on a passphrase of your choosing. WPA-PSK (the most common home/small office use of WPA) utilises just a passphrase, although the underlying technology actually makes it harder to crack externally.

For most home/small office applications, WPA/WPA2 should be plenty of security -- it'll solidly stop people either deliberately or inadvertently pinching your broadband connection, and should keep your data relatively safe. If you're more worried, however, you can implement further security measures, such as locking down access only to the MAC addresses of your known wireless adaptors. If you're likely to want to let others use your wireless network from time to time, you'll need to add their MAC addresses as and when the need arises.

With security firmly in place, you can now configure each of your client PCs to connect to the router. Windows has a wireless configuration service -- it's the utility that'll pop up the information balloon to let you know when nearby wireless networks are in range -- but many wireless adaptors come with their own connection utilities which often (quite safely) disable the inbuilt Windows connection service. If you've left your SSID broadcasting, you should be able to "see" the router as soon as your wireless card comes online, at which point it's just a case of choosing to connect to the router and entering the passphrase you created. If your SSID is hidden, you'll need to manually add a connection utilising the hidden SSID in order to gain access to the network.