Wireless Security

The ability to share an Internet connection is great and the ability to do this wirelessly is even better. Wireless networks are easy to install—you don’t have to run cables, and you can roam around a location within the WLAN (wireless local area network), or physical range of wireless connectivity ( here’s a way to get started ). These features are what makes wireless networks so popular with both end users, and hackers.

The one problem with wireless networks is the vulnerability of your network. A typical hardwired network has physical security due to limited access to the actual network and one opening to the internet (Gateway) has a firewall or two in place (or it had better). This can stop most unauthorized access to your network. The difficulty in setting up wired networks has discouraged a lot of people from installing networks in the first place.

Then a long came the wireless which, as I stated earlier in the article, made the home networking game more appealing and not as intimidating. Having a wireless network means that the physical security that is inevitable in a wired network is simply not there. Anyone in the range of your wireless network can see your network, and if not secured properly, can gain access. If your wireless access point isn’t the router on your network then outsiders can slip in behind your firewall. This used to happen at my college—there was an apartment complex behind a portion of the school, and the other techs would piggyback on some guy’s network. He had an unsecured wireless network—no one did anything bad to him (at least to my knowledge)—they just used him for Internet access but he never knew.

There are some practices you can perform to insure that no one is using your connection or trying to get on your personal network. First and foremost you need to get WEP (Wired Equivalent Protection) in place, which is an encryption that stops unauthorized users from accessing your network. There are at least two encryption types in 802.11b (128bit, and 64bit) and should probably be changed every other week or so. WEP encryption used to be completely the user’s responsibility, but now I’m seeing hardware out of the box with at least one encryption key configured, forcing the user to configure his PCs in order to connect.

Using WEP is essential to wireless security, but don’t rely on it alone, there are other security measures you can put in place as well. With some wireless units you can set a MAC address filters, witch can really beef up your security. A MAC address is an identification number the manufacturer stamps on a network device, and is (or should be) completely unique. If this security is in place then even if someone knows the WEP Key they still cannot get into the network because your wireless access device will deny it.

There are two other things you might want to do to tighten up your network: The first thing you should do is go through and change all of the default security settings, and passwords. The reason I said this is most Routers and access points usually have a lot of these configuration fields (i.e. username and password or the SSID ) filled out with generic values for ease of setup. The bad thing about this is that people can use these settings against you to gain access into your network. Secondly, with a lot of routers your SSID is set to broadcast by default, this means that it’s broadcasting your network’s name to the physical reaches of your network. Not good, even if your neighbors don’t have the security rights to access your network they will constantly see it every time they boot up one of their wireless PC’s.

Through the use of these practices you will not only protect your network, but render it practically invisible, and that’s what you want. Just a side note before I go, if one day you boot up your wireless PC and you see a new connection that isn’t secure, please take it easy on ’em, it’s probably your neighbor. You have to remember not everyone is as informed or prepared as the Worldstart Readers and if your feeling nice go over and warn them to tighten up there network before someone not nice finds it open.

Stay safe out there,

~ Chad

ireless Network Security, part two: AirSnare

Those of you who look forward to the security articles I put out may remember last week’s article on the basics of wireless network security. This week’s article is along the same lines, not so much locking a wireless network down, but rather how to monitor it, and a really cool way to give any freeloaders a little scare.

Before I get ahead of myself, let’s do a little recap of last weeks security article. I talked primarily about locking down your wireless network using some of the integrated tools on wireless routers and WAPs (Wireless Access Points). Things like MAC filters, WEP keys, and changing “out of the box” passwords and SSIDs can stop most users from accessing your network, but what about a knowledgeable experienced user.

In case you didn’t know, there are sites and tools out there that advanced users can use to circumnavigate certain security measures, in order to get what they want. This could be the neighbor trying to get free Internet access or their kid who’s just horsing around. Either way you don’t want this and it’s a nice feeling to be able to catch’ em, who knows, you might even set them straight and teach them a lesson.

If you remember last week I mentioned how my classmates snuck on to some poor guy’s wireless network behind the university (bad place to have an unsecured network—these guys knew what they were doing and had the tools to do it) and surfing the web. If Mr. X had the program AirSnare he would’ve caught the students in the act, and he could’ve sent them a message letting them know the “jig is up”.

AirSnare is a wireless network monitoring system that has some pretty cool features. In a nutshell, AirSnare takes a list of MAC addresses that you have OK’d as being your network devices, (i.e. your home PCs) and alerts you of access by any other MAC address. The program actually warns you by telling you with a voice that there is “unauthorized access on your network”, and you can even set it to email you any security breeches. In addition to the audio warning, the interface also turns red and you can see the user’s MAC address and what they are doing. That’s right, you can actually see if an intruder is checking their mail or surfing the web.

Not only does it tell you this info, but you can actually double click the destination IP address and Airsnar will connect you to the site. This is all very cool, but the best is the Airhorn, an element of AirSnare that allows you to send intruders a message that pops-up on their screen telling them what ever you type in, for example “I’m watching every move you make, so get off of my network”.

The GUI is a little on the primitive side, bu
t that’s because it was meant as a low requirements tool, and not a bloated end-user program. Before you download the AirSnare look over the manual, especially the setup instructions. One thing you have to do is download, and install the WinPcap library—it’s a protocol analyzer and is an important component in AirSnare. The whole process (download and install) takes just a couple of seconds, basically download and double click. It doesn’t install a program just a library that AirSnare uses to capture network packets.

AirSnare may be a little different than other programs you’re used to, but it really is easy to use and if you have a wireless network I think it could be an invaluable tool for maintaining tight security. Besides, if friends or family come over you can blow them away with your knowledge of wireless security and your super-cool monitoring tools.

Download WinPcap…

Download AirSnare…

Stay safe out there,

~ Chad