My blogging colleague George Ou has updated his excellent article on Wireless LAN security myths that won’t die. It's an excellent article that does an good job of "mythbusting" WiFi security myths.
Popular WiFi myths include gems such as:
- Using MAC filtering will prevent unauthorized machines from connecting to your network
- Disabling DHCP and SSID makes it hard/tough/impossible for hackers to connect to your system
Both of these are totally bogus tips but you'll find both being recommended by people who really should know better.
I agree with 99.9% of what George says in the article, but there's one part that I don't agree with. Here's the bit that puts my teeth on edge:
If WPA security isn't available to you, at least run WEP as a 10-minute deterrence mechanism.
NO! If you have technology that keeps you bound to WEP in any way, it's time to (ethically) dispose of that kit and spend some cash. WiFi hardware and software that can't be upgraded to support WPA should be eliminated.
There's hardly any difference between running a WEP-protected WiFi network and an unprotected WiFi network. True, it will prevent an honest person hooking in to your network, but it's not the honest people you need to be worried about…