|
I was driving around
this weekend stumbling the networks that use just the 802.11b
wireless signal. I drove from one side of town clear to the other and
in that short stretch of city streets I found well over 100 wireless
networks. Some were businesses, and most were residential, but almost 25%
of them had no security what so ever, and 85% of those customers had
the factory Sysid of the manufacture for that product, and 50% of
those people are using the factory username and password.
Why is this a bad thing you ask? Because all
your computers connect to that router\AP. That means that all your
sensitive information goes across that wireless connection, so not
only can I mooch off the bandwidth of your internet but I can see
emails, passwords, credit card numbers, any packets that are not
encrypted using WEP, or WAP encryption protocols, using just about
any packet sniffing software.
I'm not going to go into to a big hacking tutorial,
but knowledge is power, and you need to know how to protect
yourself. I'm going to explain how it works and what you can do to
keep your private information private.
Using a program like Netstubler you can see all
wireless access points that do not have the Sysid hidden. This
program will tell you the Sysid and whether or not the AP is
encrypted.
|
Once I have found an AP that the Sysid is not hidden and not
encrypted, I look for one that the client has left the Sysid stock,
I will use the wireless configuration utility built right into
windows XP, It will detect the network and ask if I want to connect
to the unsecured wireless network. I choose connect and then it will
acquire an address on your network allowing me to gain access to your
internet, or computers, router, what ever I desire. If I need more
access at that point I can connect to your router right through
internet explorer and if you kept the password stock or easy to
guess (for example common passwords are God, Jesus, love, child's name,
ect.) then I have all the access I want.