Wireless LAN (WiFI)

Wireless should be your last choice . . . not your first choice.

illustration: Mhare

A Second Opinion:

Wireless vs Wired

Wireless networks in homes and offices offer two advantages:

Freedom of movement;
No cables to install.

But, there are serious disadvantages:

Each wireless link is slower than a wired link.
Each wireless user slows down the other wireless users.
A wireless access point may expose all wireless PCs and wired PCs to attack.

Wi-Fi Hotspot Security

What Is Wardriving And How Can I Prevent It?

WiFi Internet For Buildings and Cities

Theoretical Speeds:

802.11b - 11Mbps at 2.0 GHz

802.11a - 54Mbps at 5.0 GHz

802.11g - 54Mbps at 2.4 GHz

As a rule of thumb, count on Wi-Fi links having real world throughputs of about a tenth of those of wired links.

Distance will vary from tens of feet to hundreds of feet.

Official IEEE 802.11 wireless local area network site

What about 802.11n?

As of mid-2008, 802.11n is not yet an official specification, though some manufacturers have delivered products with "Draft N" capability.

These "Draft N" products rarely work with "Draft N" products from other manufacturers in 802.11n mode.

Flash!As of 11 September 2009, the IEEE has ratified 802.11n. Let the new N products flow!

Wikipedia's 802.11n page

802.11n hard truths

802.11n router road tests

Planning a new network

Plan on cabling as much of a new network as possible. In many cases, cables will suffice for all connections. This offers much better security and speed than wireless connections.

Important Security Tip: If you're not using a router's wireless access capability, turn off its wireless access point.

Wi-Fi exposes all PCs to attack.

Networks that connect to the Internet reside behind at least one firewall that prevents malicious users from entering your network. However, if you have an unsecured wireless access point, you've opened a backdoor to all of your computers.

Remember that your Wi-Fi access point resides behind your firewall. Anyone can connect wirelessly to your network and attack your computers -- wireless and wired -- and try to download, damage, or delete your files.

Your Wi-Fi link won't be 54 Mbps.

Some Wi-Fi components are advertised to work at up to 54 Mbps (megabits per second). This is an inflated number that excludes real world overhead. The maximum theoretical throughput for 802.11b (11 Mbps data rate) is only about 4.5 Mbps and for 54 Mbps 802.11a/g service it's about 24 Mbps.

In the real world, Wi-Fi throughputs are much less. Reasons for further throughput reduction:

Multi-path signal distortion
'Foreign' signal interference
Path loss
Packet collisions
Electrical noise

Packet collisions occur on multi-station wireless networks because all wireless stations on an access point share a single Ethernet segment. (On a modern switched and cabled network, packet collisions are dramatically reduced.)

Luckily, Wi-Fi specs include error correction methods, but the process of correcting errors reduces throughput. Users don't see packet collision and dropped packet reports; they perceive them as a slowing of their network.

Setting up a secure Wi-Fi wireless link

We must walk before we can run. I recommend that first, you create a wired link between your router and the PC in question. Make sure that you have communication in both directions. (You may need to temporarily place the PC near the router to connect a Category 5 100baseT LAN cable between the router and the PC.) Then, create an unsecured wireless link. Finally, secure the wireless link.

Modern routers usually include a built-in web server which allows you to manage the router from a web browser such as Internet Explorer. Usually you access this by first connecting an ethernet cable from your computer to the router and then, from within your web browser, logging unto the router's default IP address. If you don't have the documentation for your router, try http://192.168.0.1, http://192.168.0.254, http://192.168.1.1, or http://192.168.1.254.

Your router may challenge you to enter a username and password. Find the defaults for these in your router's documentation. If you don't have documentation, note that many routers are shipped with username admin and no password, so try that first. Otherwise, find your router's default username/password here or here.

From within your router's configuration screens, you should enable wireless security. WEP (Wired Equivalent Privacy), while based on a good algorithm, is weak. With the right software, a hacker can break it within a few minutes. Don't use WEP if WPA is available.

illustration: lars strand

AP = Access Point WN = Wireless Node = User's PC

I recommend WPA (Wi-Fi Protected Access) or WPA2. When used with a strong passphrase it's very difficult to break. (From Microsoft: Strong passwords: How to create and use them)

You'll need to configure your wireless computers so that they and your router's wireless access point agree on the encryption scheme and password.

While configuring your router, create a "whitelist" of computers that are allowed to use your wireless link. Each computer will be defined in this whitelist by its MAC (Media Access Control) address. You can configure your wireless access point to exclude all other computers. (Note: This step alone won't suffice. It's possible for a hacker to sniff your wireless link and spoof a whitelisted computer's MAC address. Think of it as a "soft" barrier that can be easily cracked.)

Some routers allow "WAN administration". Make sure that if yours does, that it is disabled. Otherwise, a hacker anywhere on the Internet can bang away at the router's password prompt until he hits the right one.

Finish by creating a password to protect the router's admin account.

Extending The Range Of Wireless Networks

Excellent article on how to use your notebook computer on WiFi.

Computer Technical Support

by Russ Bellew · phone 954 873-4695