Many of the current problems with 802.11 protocols stem from design issues. WEP suffers from cryptographic design problems. Access points were designed to act as layer 2 bridges to facilitate roaming, which opened the network up to extensive ARP attacks. The focus on ease of use and quick setup has led to manuals that don’t mention key security issues or safe configurations. As these issues have been brought to light, products have improved. Much work still needs to be done.

The newer 802.11 variants, such as 802.11a and the forthcoming 802.11g, attempt to address the shortcomings of 802.11b, providing improved bandwidth and security fixes. These changes will take time to mature, and will likely initially have some problems as well. However, security experts now are much more interested in the investigation of security problems in 802.11, so problems should be examined much more deeply.

The 802.11 family of protocols will continue to grow rapidly in both industry and the consumer market. It provides convenience for users and is affordable. Anyone who has worked from a wireless laptop understands how much less of a hassle it is compared to dealing with network cables strung all over.

Another strong driving force of the advancement of wireless technology is how hackable, in the good meaning of the word, 802.11 devices are. Many groups have sprung up that are attempting to use this equipment in novel ways. Some notable examples are the creation of mesh networks out of clusters of access points, loading Linux onto off the shelf access points to extend their functionality and the development of software like HostAP, which extends the capabilities of the hardware beyond the manufacturers intentions.

Unfortunately, wireless networks are also very hackable, in the bad meaning of the word. War drivers seek out vulnerable systems for exploitation from the wireless side, while all the usual suspects on the Internet probe the network from the other side. This increased risk and all the security issues discovered in 802.11 during 2001 created a media flurry of negative articles about wireless security. But, it seems, at least from our personal experience, that the benefits far outweigh the risks in most peoples minds. Many people realize there are security dangers and choose to set up a wireless network anyways since the convenience is worth much more to them than the possible compromises they might suffer.

In this book, we have presented a basic, practical approach to building small and medium sized wireless networks. Follow the instructions in this book, read the web sites of vendors and community wireless networks to learn about new threats and protections, and keep your software and drivers up to date.