Problem solve Get help with specific problems with your technologies, process and projects.

Securing free wireless for customers

Our wireless networking expert has some suggestions for a channel pro installing free wireless for a customer's clients. Get encryption advice.

My customer offers free wireless Internet to their customers. One end-user asked me if it were a secured connection. They have no WEP (which is insecure anyway) or WAP1/2 or anything else.

Question 1: If one user is surfing the Internet through the wireless, could another user sniff their traffic if my customer is using WPA? If both computers are using the same WPA Key, couldn't they decrypt the sniffed data? Or does WPA create a random key off the pre-shared key? I do not know enough about this.

Question 2: Is there any way to automatically encrypt data, say after accepting a certificate (or something)? They currently use a Bluesocket Gateway, which handles user authentication, but I do not think it handles encryption.

Question 3: The customer thinks that if they attempt to implement ANY type of encryption/security, they are setting themselves up for a lawsuit. Do you think this is the case? They think if we have an open use-at-your-own-risk network, this is better than a partially secured network.

Let me skip to Question 3 first, because it's by far the most important, and let me offer my usual advice on this subject, which is: never leave a wireless-LAN system unsecured! Ever! I suspect that if someone uploads or downloads questionable material through an open Wi-Fi system, then the feds just might come knocking at some point. I'm not a lawyer, and I don't want to offer legal advice, but, please secure your network. It's just good practice.

That being said, don't use WEP, because it's fairly easy to break. WPA is not at all easy to break, because (among other features) it changes keys regularly and defeats attacks that easily compromise WEP. If you want even more security, then use WPA2, which is based on an entirely different (and much more secure) encryption technique called AES. Regardless, one user using WPA cannot easily decrypt the data of another using the same key, because the actual keys used will be different from one another at any given moment in time, and neither user can easily determine the key regardless – these are generated by the WLAN system.

I'm not sure which Bluesocket product your customer is using, but these in general provide strong authentication and encryption. So my guess is that your customer is all set, assuming the Bluesocket gateway is properly configured. Regardless, solutions like Bluesocket's are far more secure than WPA or WPA2 alone.

Dig Deeper on Wireless networks technology and services

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.