Security concerns as Wi-Fi networks take off
By Dave Bailey, IT Week
On a Saturday morning trip into town about a year ago, I took a break for a coffee near some big-name department stores. At the time I was testing the Sniffer Wireless detection software from Network Associates loaded onto an iPaq handheld...
Call me a geek if you want, but I couldn't resist pulling the PDA out of my pocket and having a quick scan to see what I could find. Letting it search around for a minute brought up about six 802.11b access points, all broadcasting security identifiers (SIDs) and only one of which was operating with WEP security enabled. I didn't pry any further, but these networks were basically open to all comers. At the very least, I could probably have used one of those networks to surf the internet free of charge for as long as I liked.
IT managers ought to be aware by now of just how easy it is for someone to set up unauthorised wireless access to the corporate LAN. Just get hold of an access point - preferably one of the low-cost small-office models with no SNMP support, so it can't be picked up with a network scan - and plug it into the nearest LAN access port. Let it pick up an IP address from the server, and you can be surfing wirelessly in minutes.
Products conforming to the 802.11b standard usually have WEP security turned off by default, so enabling it and messing about with ASCII or hex access keys makes the network more secure. Locking down access to nodes with specific MAC addresses is a step up, but address spoofing can circumvent this with surprising ease.
A couple of weeks ago Microsoft issued a free Windows XP download to support Wi-Fi Protected Access (WPA), a new standards-based solution for enhanced security from the folks at the Wi-Fi Alliance. As the press release said: "The result is a new level of protection for customers taking advantage of the wireless features of Windows XP."
Microsoft seems to have scented an opportunity here, since the 802.11i standard for enhanced wireless security might not be ratified until the end of the year. There may be a lot of firms out there that would like to make greater use of the opportunities presented by a wireless network, but they don't want to spend a fortune - and take the time - to lock it down.
But despite the problems, use of wireless networks is spreading. Hotspots are popping up all over the place, and you can't move in central London for Centrino adverts. So Microsoft is perhaps hoping to pick up some business from users concerned about security as wireless networks take off. However, those users will need to be running Windows XP and will need to use a WLAN adapter that supports the Wireless Zero Configuration service. They will also have to download and install the new Windows WPA client, which supports these new features - or rather, their friendly neighbourhood IT department will have to do it.
In other words, wireless network standards are a mess. The vision of being able to go anywhere and have access to all your corporate data without any worries still seems as far off as ever.




Apr 23, 2003
Author:
festprint