If you have a low-end access point, your security will be limited to
Wired Equivalent Privacy (WEP) and MAC address filters. With a higher end access point, you'll be able to turn on
Temporal Key Integrity Protocol (TKIP). WEP is a system for encrypting your data to keep it private from unauthorized users. It was designed to provide privacy equal to what you get on a wired network. TKIP works on top of WEP, offering stronger security than WEP, and increased assurance that your data will not be compromised.
While it has been found that WEP does not offer strong security, it does offer some security, and any security is better than none. Therefore,
you should turn WEP on no matter what. You can also layer more security, such as TKIP, on top of it. WEP uses secret keys that get combined with a keystream that then encrypts your data into ciphertext. At the receiving end, a corresponding keystream is used to decrypt the data.
WEP is used to authenticate you to the network and a component of it needs to setup on both the PCMCIA card and on the access point. WEP can be implemented in 40-bit mode or 128-bit mode. As you may suspect, using the 128-bit mode offers more security than the 40-bit mode.
TKIP evolved to solve some of the security problems that WEP does not solve. However, TKIP is relatively new, and many access points and wireless client cards do not support it. If you want to use TKIP, you'll need to be sure you purchase wireless access points and client cards that support it. With WEP, wireless hackers who have the will and time to do so, can obtain the encryption key need to unlock access to the data. In response to the vulnerabilities of WEP, a task group of the IEEE designed TKIP to add stronger security on top of WEP.
TKIP offers new encryption algorithms, and constantly changes the encryption keys making them harder for wireless hackers to capture them. Because the keys are constantly changing, if one of them gets captured, it won't do a hacker much good because by the time they try to use it, the wireless LAN will be using different encryption keys. With TKIP, the encryption keys are also encrypted themselves so you would first need to decrypt the key, before you can use the key to decrypt the network traffic.
MAC address filtering is used to limit what pieces of hardware can access the wireless network. On a large network, filtering the MAC address can be quite an administrative chore and it's worth using cards with sequential MAC addresses to make the job easier. If you want to use sequential MAC addresses, this is something you will need to specify when you make your purchasing decisions. On some wireless PCMCIA cards you can change the MAC address, but on many wireless PCMCIA cards the MAC address is fixed.
For even more security, you can also install a
Virtual Private Network (VPN) on your wireless network. Unless you have truly sensitive information, it's probably not worth the time and effort to do this. By using a VPN, you tunnel your wireless data through an IPSec gateway. Using WEP, TKIP, and a VPN together will create a very strong security barrier on your wireless network.
Using a VPN can create performance bottlenecks, so don't use one if you don't need one.
Summing It Up Setting up a secure wireless network is not as hard as it may seem. Anyone with the ability to research wireless product capabilities, and follow the installation instructions can do it. The advantages of not using wires is tremendous, and while some organizations may be reluctant to use wireless networks today, in time they will become ubiquitous and wires will become history.
Nicked from here
More info from MS
Oh, and please do tell your neighbour to 'secure' his network.
