72 Y.B. Choi, J. Muller, C.V. Kopek and J.M. Makarsky Currently, there are several security standards that are being used in wireless networks to help combat this security problem. These standards include: 802.11b, 802.1li, Wi-Fi Protected Access(WPA)and Virtual Private Network(VPN). Each of these standard has different levels and methods of protection, and this section describes the features of each 4.1802.llb Security threats and attacks have compromised WLANs for the past several years However, new emerging technologies allow WLANs to be secure and protected from most attacks. One recent step toward reducing WLAN attacks and threats is the security added to the 802. 1lb standard. The 802 1 lb uses the Wired Equivalent Privacy (WEP) protocol. WEP was designed to ensure both encryption and ease of use among wireless users.WEP encrypts the network packet with an encryption key. The encrypted packet is then sent to its destination and the destination must decrypt the packet to retrieve its contents. In theory, this sounds like a perfect way to encrypt packets and keep hackers from seeing the data, because no person or device knows the encryption key except the source and the destination. However, there is one inherent flaw in WEP that compromises its real security to any true hacker. With each packet, the WEp protocol sends a portion of the key in plain text, which hackers can use with a software to steal the encryption key and see the contents of the packets. The best and only way to ensure protection using the WEP protocol is to frequently change the key so that hackers cannot collect data on packets long enough to crack the key. Since WEP has widely known weaknesses, most major companies and firms have not implemented or have even abandoned the 802.11b wireless LAN. Another major problem with the 802.11b standard is that the WEF protection can be turned off. Most firms and companies know about WEP and they make sure they have it turned on. However, many home users are not educated enough to realise its benefits, leaving the WEP turned off. Since WEP is not even used by most home users, and firms have abandoned it for its lack of security features, the 802. 11b wireless security is a failure. Nonetheless, even though security in the 802 1 1b protocol is basically a failed method, it has started a wireless security revolution and has helped advance more current and future security methods. Table 2 describes a time line of the 802.1lb WEP security standard. Table 2 802. 11b WEP security timeline Event Ist half. 2000 802.11b and WEP introduced 2nd half. 2000 No one turns on WEP protection for their wireless network Ist quarter, 2001 WEP flaws are discovered More wep flaws are discovered 3rd quarter, 2001 Terrorist attacks cause fear Ist quarter, 2002 Mainstream press decides to brand WLAN security as a hot story.272 Y.B. Choi, J. Muller, C.V. Kopek and J.M. Makarsky Currently, there are several security standards that are being used in wireless networks to help combat this security problem. These standards include: 802.11b, 802.11i, Wi-Fi Protected Access (WPA) and Virtual Private Network (VPN). Each of these standards has different levels and methods of protection, and this section describes the features of each. 4.1 802.11b Security threats and attacks have compromised WLANs for the past several years. However, new emerging technologies allow WLANs to be secure and protected from most attacks. One recent step toward reducing WLAN attacks and threats is the security added to the 802.11b standard. The 802.11b uses the Wired Equivalent Privacy (WEP) protocol. WEP was designed to ensure both encryption and ease of use among wireless users. WEP encrypts the network packet with an encryption key. The encrypted packet is then sent to its destination and the destination must decrypt the packet to retrieve its contents. In theory, this sounds like a perfect way to encrypt packets and keep hackers from seeing the data, because no person or device knows the encryption key except the source and the destination. However, there is one inherent flaw in WEP that compromises its real security to any true hacker. With each packet, the WEP protocol sends a portion of the key in plain text, which hackers can use with a software to steal the encryption key and see the contents of the packets. The best and only way to ensure protection using the WEP protocol is to frequently change the key so that hackers cannot collect data on packets long enough to crack the key. Since WEP has widely known weaknesses, most major companies and firms have not implemented or have even abandoned the 802.11b wireless LAN. Another major problem with the 802.11b standard is that the WEP protection can be turned off. Most firms and companies know about WEP and they make sure they have it turned on. However, many home users are not educated enough to realise its benefits, leaving the WEP turned off. Since WEP is not even used by most home users, and firms have abandoned it for its lack of security features, the 802.11b wireless security is a failure. Nonetheless, even though security in the 802.11b protocol is basically a failed method, it has started a wireless security revolution and has helped advance more current and future security methods. Table 2 describes a time line of the 802.11b WEP security standard. Table 2 802.11b WEP security timeline Date Event 1st half, 2000 802.11b and WEP introduced. 2nd half, 2000 No one turns on WEP protection for their wireless network. 1st quarter, 2001 WEP flaws are discovered. 2nd quarter, 2001 More WEP flaws are discovered. 3rd quarter, 2001 Terrorist attacks cause fear. 1st quarter, 2002 Mainstream press decides to brand WLAN security as a hot story