Last Thursday, CNN.com ran a story on a security threat to wireless users called an Evil Twin. Essentially, all an attacker does is give her AP an identical SSID as the legitimate AP, drop it within proximity of wireless users, and wait for people to connect.

The end user has no idea that they are connecting to the wrong AP, and the attacker is able to conduct any number of attacks on the user including a man in the middle attack or simple packet capture.

Being seduced by an Evil Twin can be deterred by using WEP or WPA security, though there is still no guarantee that you are secure. WEP's been pretty well compromised and it's well accepted that WPA's days are also numbered.

Ultimately, the solution doesn't lie on the network layer, but on the data layer. If you really want to secure yourself, use something like ReefEdge's Dolphin. This software's an all in one wireless router/firewall with VPN capabilities. Place Dolphin on a machine between your wireless router and the rest of your network and it will regulate and secure access. From their site:

The Dolphin software transforms dedicated x86 hardware into a secure wireless gateway. Dolphin is ideal for a home environment or for IT professionals interested in exploring wireless network security. Dolphin supports secure authentication, IPSec security, and session roaming across subnets. Users authenticate with the wireless LAN using SSL and Dolphin enforces security policies based on type of user. Dolphin even supports encrypted access for trusted users via IPSec.

Cool stuff huh? With Dolphin, you can forget about WEP or WPA. The pipe to your network is regulated by a free enterprise strength security appliance that you can assemble yourself! Very cool stuff!

Note: As of this posting, the techzone.reefedge.com domain doesn't seem to be responding. Oh well, try try again.