With interoperable products and a variety of form factors, wireless LANs are coming into the mainstream.

Is wireless as insecure as everyone says, and what can you do about it? And can it compete with wired Ethernet in cost or performance?

There are various new standards on the horizon that will take wireless networking off into the high-speed future.

As outlined in the original 802.11b specification, chip sets would use a modulation scheme known as Complementary Code Keying (CCK) to transmit data signals at 11 megabits-per-second (Mbps) using a slice of the spectrum around 2.4GHz.

When this specification was approved in 1999, the IEEE concurrently approved the specs for 802.11a. These chip sets are designed to use the OFDM (orthogonal frequency-division multiplexing) schema to transmit data at 54Mbps through a separate portion of spectrum around 5.8GHz.

Though offering terrific speed, 802.11a has its flaws. Since 802.11a transmits on the 5GHz band, it's not backwards compatible with the 2.4-GHz 802.11b, and it shares the same flawed WEP encryption algorithm used by 802.11b, so users will likely want to supply additional security of their own.

Finally, use of the 5GHz band means 802.11a's range, about 100 metres, is likely to degrade faster than 802.11b's when used in an office type environment.

On the other hand, 802.11a networks will not have the potential for interference from other 2.4GHz products such as microwaves, Bluetooth devices, and cordless phones.

Since then there has been some development in the area of higher speed transmission in the 2.4GHz spectrum. The mission of 802.11g was to boost the data transmission to the so-called "turbo" rates of 54Mbps while still maintaining interoperability with earlier specs.

This is a great boon for world markets, as 802.11a is currently only licensed for usage in North America as opposed to 802.11b which is accepted throughout Australia, Europe, and Asia as well.

Bridging

Several vendors, such as Waverider, offer specialised equipment to connect geographically separated networks. For instance, wireless links can connect networks in two separate buildings at speeds comparable to a fibre-optic link, and often at a substantially reduced cost--particularly where digging under a road would be involved.

However, 802.11 technology is perfectly capable of performing this task-as long as the software on the access point can handle it. Using specially built directional antennas, the range of 802.11 devices can be extended greatly--even over tens of kilometres in some cases. Groups all over the world are using this technique to build wide-area wireless networks.

Why use wireless?

There are many reasons to run a wireless component to your network:

• To set up a small short-term office that will only be in one place for a few days/weeks/ months.

• To set up a network in a Trust building where you can't punch holes in the wall to run cables.

• In the healthcare sector where doctors and nurses are moving from patient to patient and often need instant access to patient records.

• In a manufacturing or warehousing environment where there are large areas and a need for immediate stock assessment.

• Hot-desking for teams of transient staff.

• To share resources among a few scattered computers in the house without having to climb up in the roof or crawl under the floor.

• To set up a portable classroom of laptops in an academic institution, especially universities.

• In hotels, airport lounges, Internet cafes, or anywhere else you want to provide public access to a network.

Security

If no one had a wireless card, outsiders couldn't very well scan your setup. Now, however, that's changed. Wireless equipment is cheap and readily available so that almost anyone with a PC can afford a wireless network card, making security more vital.

Wireless networks are less secure than wired networks, because they transfer data through the air and are more vulnerable to eavesdropping and unauthorised use. Any laptop with some network sniffing software could be used to monitor network and steal data or bandwidth without the need for a physical network connection.

There are two main problems associated with unauthorised network access. The most common problem is that a would-be cracker is generally inside your firewall, and therefore behind your first, and probably strongest line of defense.

The second problem is that of "bandwidth jacking" where someone could set up a permanent machine (on the roof, in the building next door etc), which makes unauthorised use of your bandwidth, causing either legal problems, or excessive download costs, or both.

Standards, standards, standards

In an attempt to stop attacks from would-be crackers, the 802.11b standards implement what is called the wired equivalency protocol (WEP). The idea is that this protocol will protect network privacy. As a secondary function, WEP is used to prevent unauthorised access to the wireless network.

Unfortunately, many wireless networks are just set up as a quick "test" of the technology, and are often then left in use without even the most basic security features turned on.

There has been much research into the effectiveness of the protocol, and it has found that it is subject to several attacks, including passive attacks to decrypt traffic based on statistical analysis, active attacks to inject new traffic from unauthorised mobile stations, based on known plaintext passwords, and active attacks to decrypt traffic, based on tricking the access point.

The WEP protocol relies on a secret key that is shared by the access point and a set of nodes. This key is used to encrypt data packets before they are transmitted.

The packets are also checked for integrity to ensure that they have not been modified in transit. One flaw of the 802.11 standard is that it does not address the issue of how shared keys are to be established. In most implementations of wireless networks this is a single key that is shared between each node and access point and is manually set.

The problems with this encryption method lie in the heart of the encryption algorithm. WEP uses the RC4 algorithms, which lend themselves to several types of attacks.

One such attack is the changing of a bit by an attacker in an intercepted packet. In doing so, the data that will be decrypted will be corrupted.

Another can lead to the ability to recover all plaintexts sent. In this attack, the eavesdropper need only to intercept two packets encrypted with the same key stream. With this, it is possible to use statistical attacks to obtain the plaintext key.

In recent times, there have been a variety of methods proposed to upgrade the security of wireless networks, including the passing of 128bit encrypted short use keys in both directions. Another option is to have access to the Wireless network controlled by a VPN.

Look out for Range: Be aware that performance degrades as you get further from the access point. If range is an issue, you may need to invest in a range extender antenna. Security/Encryption: Wireless is notoriously insecure. Built-in encryption and authentication algorithms are only part of the equation, but are essential where security is a concern. Futureproofing: Some base stations have the wireless hardware built in, while others opt for a modular approach, allowing you to slot in one or more PC Card wireless NICs. The advantage of the second approach is that you have the option to upgrade the NICs as technologies change. A base station that has space for two or more NICs would allow you to mix and match technologies. Power drain: Does the unit put excessive strain on the battery of the unit that is powering it (especially for PDA's and Laptops)? Compatibility: WiFi is a standard meaning that 802.11b products from different vendors should interoperate. While 802.11a is not compatible with 802.11b, these standards could co-exist within in network. Base stations with two two or more removable network cards could serve both standards, while networking vendors have mooted the posibility of dual-mode NICs.

The January 2002 issue of ZDNet Australia's Technology & Business Magazine contains reviews of wireless LAN products, including Editor's Choice Awards for the best products. For subscription information, visit  Technology & Business.

Copyright © 2009 CBS Interactive, a CBS Company. All Rights Reserved.
ZDNET is a registered service mark of CBS Interactive. ZDNET Logo is a service mark of CBS Interactive.