Best tips for improving wireless networks

How to secure Wi-Fi, tune an AP for best performance, and why it won’t give you cancer.

Wireless networking is as easy as taking the router out of the box and turning it on. But consumers still have a lot of fear and misconception surrounding Wi-Fi. They don’t know much about channels, beacons and what A, G, or N means and are often confused over built-in security (WEP versus WAP) and so on. Even fears about cell phone radiation get transferred to Wi-Fi. Here’s a rundown of Wi-Fi facts and fiction, from some basics to tips for the IT professionals.

802.11x and all the other letters in the alphabet

Several 802.11 (wireless Ethernet) standards are used with wireless networks. 802.11b is for 11mbits of data on one of 11 “channels” in the 2.4GHz range. 802.11a was defined for 54mbit access in the 5GHz range (it uses a wide range of “subcarriers” between 5.0 and 5.8GHz). “802.11g” was a cross-compatible update to “b”. “802.11n” is compatible with A/B/G, depending on if its dual-band (both 2.4 and 5GHz) or not. Most routers out there are still “G” routers, but aside from cost differences, there’s no reason not to be using N-capable parts that make good use of MIMO technology for using multiple antennae.

History lesson: Wireless networking got its big boost with ALOHAnet: it was meant to enable sharing of a computer in Oahu with other Hawai’ian facilities. Interestingly enough, Ethernet networking adopted its method of collision detection: the nodes operated in a hub fashion, sharing the media (air) by seeing if they conflicted with each other (packet collision) or not.Channels802.11j, which is “A” that uses 4.9-5.0GHz. There was also an “iPad ban” in Israel in early 2010 for its radio usage. Generally, any 2.4GHz network has “channels” 1-11 available: 1, 6, and 11 non-overlapping with each other. One of these will tend to be the “default” for routers and access points. With the advent of MIMO-enabled hardware one is not constricted to those three channels for good performance: you can easily set your router to 3, 9, or something else that’s not immediately in use (you can use a phone app such as WiFi Analyzer to see what’s currently in use).

Not all countries support the same range of “unlicensed spectrum.” Japan has

One thing to take into consideration is that some vendors implement booster techniques: Broadcom-based units can combine 2 2.4 GHz “G” channels; TRENDNet has a 450mbit N-router that apparently utilizes 3 channels on 2.4 GHz “N”; and assorted units can multitask 2.4 and 5 GHz, possibly using the aforementioned enhancements as a compliment.picking a subchannel legal in your country.Security“Firesheep” hacking, recently reported in the news, exploits this kind of environment. Your best defense is SSL-based page encryption: secure logins on eCommerce websites, and tools like HTTPS Everywhere, utilize this.WEP is available on older equipment and most operating systems, however, its depreciated due to its vulnerability to cracking. The next step up is WPA and WPA2: WPA2 has been available on Windows since an update in 2005; support for either spec is available on Linux via wpa_supplicant. One nice change from WEP to WAP, is that you can use passphrases; WEP required use of 13 or 26 digit sequences that had to be typed twice in the client. Enterprises can also invest in lots of extra security from RADIUS-enabled setups, to full-fledged network access control. This means that even if someone found out the passphrase and still be denied access to the network.“attack” on wireless users with content not fit to publish here.Wi-Fi’s affect on health

As for 5 GHz networks, being rare compared to their 2.4 GHz cousins, and having a broad range of channels to operate on, the only main concern is

Obviously, most free Wi-Fi services don’t enable wireless security protocols, or they would require a password to use.

On a wireless router you control, you have several options to lockdown outside use of your network.

Regardless, wireless is never 100% safe: ask the hackers at DEFCon. In 2004, there was an

Fears over high-voltage power lines and cell phone usage has carried over into wireless networking. A school in Canada banned its use after parents claimed the wireless emissions were making the students ill. Personally, I would check for mold or industrial chemicals instead. Having spent most of my schooling in Florida, many a classmate can attest to my frequent nose-blowing in the presence of mold-covered air vents.

Emissions from consumer equipment are generally limited to 1 watt of output. Your microwave oven (which probably uses 2.45 GHz emissions), puts out a (largely self-contained) 600-1500 watts, depending on make and model. So your microwave is more dangerous and they are non-ionizing — meaning your fear of them should not be about getting cancer, but about getting cooked. (The military uses this feature via deployment of a ray gun called Active Denial System used for crowd-control.)Miscellaneous geeky stuff about Wi-Fi for IT professionalsOpenWRT, DD-WRT, or Tomato firmware for expanded functionality.Beacon: defaults to 100 on most routers; this can be dropped to 25 to make the wireless easier to access. More beacons reduce available bandwidth to some extent.

1. Not many wireless boxes are sold without routing functions: most wireless routers can be used as an access point; disable its DHCP and firewall functions per its documentation.

2. A good number of wireless units can be reprogrammed with

3.

4. How many clients per access point? Most consumer units can handle 5-10: I’ve managed to get a 50-room hotel working with five consumer-grade units; its still a bit spotty with that, so get “enterprise” grade when you can for those applications (look for multiple radios too).

5. More than one access point in an area? My experience has been to make the units the same channel, so that the radio can wander between available access points without having to “reconnect” to the local network.

Like this? Also check out:

Best Networking Tweaks for Windows Server, Vista and XP

Best Networking Tweaks for Linux

Follow all Open Source Subnet bloggers on Twitter @OSSubnet