Wireless Security

ITS Home
Help Desk
Academic IT
Computer Labs
Media Center
Smart Classrooms
- Dods 101
- Dods 102
- Fenton 105
- Fenton 108
- Fenton 153
- Fenton 154
- Fenton 158
- Fenton 159
- Fenton 164
- Fenton 166
- Fenton 168
- Fenton 170
- Fenton 174
- Fenton 175
- Fenton 176
- Fenton 179
- Fenton 180
- Jewett 101
- Jewett 120
- Jewett 212
- Jewett 220
- McEwen G24
- McEwen G26
- McEwen 202
- McEwen 209
- Rockefeller 235
- Rockefeller 236
- Thompson E120
- Thompson E122
- Thompson E124
- Thompson E128
- Thompson W101
- Thompson W231
- Thompson E305
- Thompson E327
- Thompson E347
- Thompson E359
ITS Administration
IT Advisory Board
- Meeting Summaries
- Lab Renovations
e-Services
- ANGEL
- FredQuest
- FREDapps
- FREDmail
- Your Connection

FREDsecure now available

Cyber Security for SUNY Fredonia, You and Your Family

Information Technology Services
7th Floor Maytum Hall
SUNY Fredonia
Fredonia, NY 14063
(716) 673-4670
Contact ITS

The use of wireless networking provides a more versatile way to access the Internet and to use a laptop computer, broadening the scope of mobile computing. With the added benefits of a wireless network at SUNY Fredonia, comes additional user responsibility. A wireless user must be aware of the inherent security issues that exist in a wireless environment. Caution must be exercised to ensure a safe, secure and reliable computing environment. This document contains a brief overview of wireless networking and proper computing habits in an unencrypted communication environment.

It is important to understand the unique nature of a wireless network. The differences in the infrastructure of a wireless network versus a wired network create areas of concern, which should be known by all prospective users. The SUNY Fredonia wireless network relies on the 802.11b networking protocol, which uses the 2.4GHz radio frequency range. In other words, communication of data between the client side and the wireless access point, or receiver, is broadcast over radio waves. This means that data is being transmitted in public airspace where the communication could possibly be intercepted by eavesdroppers.

802.11b supports many encrypted standards, such as WEP and LEAP, which provide a certain level of encryption for wireless networking communications. But SUNY Fredonia has decided not to employ these types of encryption due to known security weaknesses, which make the implementation of a WEP or LEAP encrypted network environment less beneficial in the long run, and due to a more effective alternative of Virtual Private Networking (VPN). VPN solutions are available for users with Windows XP, Windows 2000, and MAC OS 10.2. This means that if you choose not to install the VPN client or run a computer that does not have a VPN client available Data sent and received over a wireless connection will generally be in clear text, and unencrypted.

Also, as with any networked computer, a computer on the wireless network will be open to possible unauthorized access from other parties on the network. Proper patching of operating systems and current Virus protection are required when using the SUNY Fredonia wireless network.

Proper Computing Habits:

Wireless connections should not be considered your main network connection. They are intended for simple academic and personal uses such as web browsing and email.
Unless you are using an encrypted protocol, do not use a wireless connection for any University business application, such as Banner web services.
We strongly recommend changing your email password. Due to security issues with the wireless network, you should do this from a non-wireless computer, unless you are using a VPN connection.

While using Fredonia's wireless network, we recommend using the IPSec VPN for a more secure connection. However, this tool is only available to Windows XP, Windows 2000, and Mac OS 10.2 users. Users without these systems can still use the wireless network, however, we recommend that they take the following steps to ensure their security:

Avoid any credit card, banking, or other transactions which may give out sensitive data such as credit card or bank account numbers.
Avoid using Telnet applications. The use of the SSH protocol as an alternative can be more secure.
Avoid Web sites that require a username and password but do not use Secure Socket Layer (SSL) technology.

How to tell if a site is secured:

If you are viewing a secure site, your web browser provides a way of telling you the site is secure. The easiest way to do it is to just look at your browser window. Both Netscape and Internet Explorer provide icons for secure sites.

	Internet Explorer Small yellow lock icon in bottom right of browser window.
	Netscape Small gray and yellow lock icon in bottom right of browser window.

For most sites, only user logins need to be secured, to protect usernames and passwords, but for more sensitive sites such as credit card, banking, and online payment sites, the entire site should be secured.