for better wireless security!
By Jeremy Robertson
I was driving around this weekend stumbling the networks that use just the 802.11b wireless signal. I drove from one side of town clear to the other and in that short stretch of city streets I found well over 100 wireless networks. Some were businesses, and most were residential, but almost 25% of them had no security what so ever, and 85% of those customers had the factory Sysid of the manufacture for that product, and 50% of those people are using the factory username and password.
Why is this a bad thing you ask? Because all your computers connect to that router\AP. That means that all your sensitive information goes across that wireless connection, so not only can I mooch off the bandwidth of your internet but I can see emails, passwords, credit card numbers, any packets that are not encrypted using WEP, or WAP encryption protocols, using just about any packet sniffing software.
I'm not going to go into to a big hacking tutorial, but knowledge is power, and you need to know how to protect yourself. I'm going to explain how it works and what you can do to keep your private information private.
Using a program like Netstubler you can see all wireless access points that do not have the Sysid hidden. This program will tell you the Sysid and whether or not the AP is encrypted.
|Once I have found an AP that the Sysid is not hidden and not encrypted, I look for one that the client has left the Sysid stock, I will use the wireless configuration utility built right into windows XP, It will detect the network and ask if I want to connect to the unsecured wireless network. I choose connect and then it will acquire an address on your network allowing me to gain access to your internet, or computers, router, what ever I desire. If I need more access at that point I can connect to your router right through internet explorer and if you kept the password stock or easy to guess (for example common passwords are God, Jesus, love, child's name, ect.) then I have all the access I want.|
Obviously the first thing to do is setup the encryption on your
access point this discourages the hacker because there is a lot more
work involved in hacking an encrypted wireless signal. Next don't
use DHCP. DHCP will automatically assign an IP address to any
computer that wants to connect to your network. This step makes it
harder for me to find an address in your subnet, and with out that I
can connect but I cannot pass any traffic to or from my computer to
yours or vise versa. Hide the Sysid!!! If I can't see your network
then I don't know it's there and you are a lot safer. In order to
detect a network that the Sysid is hidden I would have to use a spectrum
analyzer and that's expensive and still won't clue me into
what your Sysid is, so your network is pretty safe.
None of these steps alone will keep you completely safe but used in conjunction with each other they will ensure that your private data is safe.
Never use the stock Sysid for your Ap.
So I hope this article helps you have a safe and Happy New Year
Jeremy M. Robertson