Tech News - January 2006

Resolve for better wireless security!

By Jeremy Robertson

 

     I was driving around this weekend stumbling the networks that use just the 802.11b wireless signal. I drove from one side of town clear to the other and in that short stretch of city streets I found well over 100 wireless networks. Some were businesses, and most were residential, but almost 25% of them had no security what so ever, and 85% of those customers had the factory Sysid of the manufacture for that product, and 50% of those people are using the factory username and password. 

Why is this a bad thing you ask? Because all your computers connect to that router\AP. That means that all your sensitive information goes across that wireless connection, so not only can I mooch off the bandwidth of your internet but I can see emails, passwords, credit card numbers, any packets that are not encrypted using WEP, or WAP encryption protocols, using just about any packet sniffing software. 

I'm not going to go into to a big hacking tutorial, but knowledge is power, and you need to know how to protect yourself. I'm going to explain how it works and what you can do to keep your private information private. 

Using a program like Netstubler you can see all wireless access points that do not have the Sysid hidden. This program will tell you the Sysid and whether or not the AP is encrypted. 
Once I have found an AP that the Sysid is not hidden and not encrypted, I look for one that the client has left the Sysid stock, I will use the wireless configuration utility built right into windows XP, It will detect the network and ask if I want to connect to the unsecured wireless network. I choose connect and then it will acquire an address on your network allowing me to gain access to your internet, or computers, router, what ever I desire. If I need more access at that point I can connect to your router right through internet explorer and if you kept the password stock or easy to guess (for example common passwords are God, Jesus, love, child's name, ect.) then I have all the access I want. 
Obviously the first thing to do is setup the encryption on your access point this discourages the hacker because there is a lot more work involved in hacking an encrypted wireless signal. Next don't use DHCP. DHCP will automatically assign an IP address to any computer that wants to connect to your network. This step makes it harder for me to find an address in your subnet, and with out that I can connect but I cannot pass any traffic to or from my computer to yours or vise versa. Hide the Sysid!!! If I can't see your network then I don't know it's there and you are a lot safer. In order to detect a network that the Sysid is hidden I would have to use a spectrum analyzer and that's expensive and still won't clue me into what your Sysid is, so your network is pretty safe.

None of these steps alone will keep you completely safe but used in conjunction with each other they will ensure that your private data is safe.

Let's review.....

Never use the stock Sysid for your Ap.
Always Change the user name and password for your router\AP.
Use Strong Passwords (use numbers and letters to make the words)
Choose a Sysid that's Strong and hide it.
Don't use DHCP to assign an IP address.

So I hope this article helps you have a safe and Happy New Year

Jeremy M. Robertson
Senior Technician
The Computer Generation Inc.