Recent surveys have revealed the increasing threat of hackers getting access to wireless local area networks (WLANs).
This type of hacking activity is also known as "drive-by" hacking. Attacks come from hackers driving around in dense WLAN areas, such as the City of London, with home-made code cracking kits looking for vulnerable wireless networks.


silicon.com has teamed up with wireless security consultancy Orthus, to put together the 10 best tips to keep those drive-by hackers at bay.

1. Use directional antennae to avoid excessive spreading of the signal. Signals can emanate many hundreds of feet!

2. Change the default password on the access point (AP). As most freeware scanning software can quickly suss out the default password it is vital that the password is changed.

3. Always use wired equivalent privacy (WEP). While WEP is not automatically secure it does at very least act as a barrier.

4. Ensure the WLAN is on a separate network or firewalled interface. Treat the WLAN as a semi-untrusted network.

5. Install a personal firewall on all systems using WiFi (The wireless protocol). Many new laptops are being shipped with inbuilt WiFi cards which means your system may be remotely accessible without the protection of firewall.

6. Perform regular external WLAN audits with a scanning tool. Check for the introduction of unauthorised APs to the network.

7. Perform regular internal WLAN audits. Additionally, check for the introduction of unauthorised wireless cards and APs that maybe used for illegal file sharing.

8. Administration of wireless networks is important! Administration should be conducted via secure encrypted sessions. Make sure you are using SSL (secure socket layer) and VPN authenticated sessions that protect the administrator password when doing this.

9. Maintain audit logs of who is using the WLAN. Audit them regularly to identify unauthorised access and internal abuse of the network.

10. Assess the information passing over the wireless networks. Consider the sensitivity and lifetime of data passing over the wireless network. Is it covered by the Data Protection Act?
And remember - wireless networks should always be treated as public networks!

Source: http://www.xatrix.org/modules.php?op=modload&name=News&file=article&sid=1184&mode=thread&order=1

very nice post on something very important that we dont hear enough about

thanx s0nic , id give u positive points but i have to spread them around first ;)


_NetSyN_

useful info s0nIc.

God this crap is getting on my nervous , i say this is a nice post and i like it and its a important topic and i get negative points stateing
"It was not a nice post, it was someone else's article"

Christ grow the hell up!

quit acting like little children when it comes to using the anti point system!

THE ANTI-POINT SYSTEM IS TO SHOW THE DIFFERNCE BETWEEN GOOD USERS AND BAD USERS (in short)
HOW THE HELL IS ME COMPIMENTING SOMEONE ON THEIR POST MAKING ME A BAD USER?!

bluntly put
GROW THE F UP!

_NetSyN_

It does neglect to say anything about VPNs except that you should administer the WAPs by it and SSl. How about running your clients through a VPN when they are on the WLAN??

I agree with NetSyn!
Almost all the info shared at AntiOnline isn t infented during the writing of a post!
There is no mistake about it,sharing good info from third sorces[online info,books,radio/tv or other]is no anti-point worth!
Someones cheers/anger/miscontent about a post[good/bad]should never be awarded with pos/neg points.



At your serves.[Pim Fortuyn]

Static WEP can be broken relatively easily.

I would recommend using Kerberos for authentication. In deploying Kerberos, you can set an expiry on each encryption key.

Having dynamic WEP keys (rotating every few minutes) drastically reduces all vulnerabilities associated with WEP encryption.

lol i guess some people dont get the idea of Computer Security... its not about who is the author of the post or not.. what matters if the contents are important or not. And i would understand if you dislike the post coz its not mine and for the fact that IM CLAMING ITS MINE. but im not, as you could see i posted the source. I see some of us here dont know the true spirit in computer security... Its all about securing your boxes and gettint the right information on how to secure it. remember.. this IS a security site, not an "article originality marathon". If i read something important and i think that others should know, I post it. I share it. thats what its all about. And clearly if you want to read something original go read my tutorials coz they are as original as they can get.

You cant handle the heat, stay out of the kitchen. Coz i will not withdraw information just because its not mine... the people has the right to know. Right now there are people out there with their Wireless network secured because of this post, because they RELY on AO to give them useful information. Isnt that what this site is all about? Helping in contributing Computer Security..

Like NetSyn, he didnt care if the article was originally mine, what he cared was what was in the article, its contents. And he found it useful, and he is grateful. there is nothing bad about that... This isnt a damn poetry site, its a Computer Security site. so wake up neo...

It does neglect to say anything about VPNs except that you should administer the WAPs by it and SSl. How about running your clients through a VPN when they are on the WLAN??

interesting point there.. probably the reason is because VPNs are kind of GENERAL.. targeting and isolating security flaws would take some time.. but dont worry, im working on it. Ill compile a document form for VPN Security and post it here. hopefully some of you can download it. but thanks for pointing that out Korp.. im on it.

that happened these days at CEBIT -one of the biggest computer trades in the world:


Wireless LANs in Abundance (http://www.heise.de/english/newsticker/data/anw-14.03.02-009/)



Wireless LANs in Abundance

In accordance with their previous announcements MobilCom and Cisco are offering free wireless LAN access at the international CeBIT IT trade fair, which is currently taking place in the northern German city of Hanover. But not only they are making such offers -- many exhibitors are running their own wireless networks; these are unprotected and thus more or less intrude upon the attention of visitors that have brought their WLAN notebooks along.

Members of the WaveHan project in cooperation with c't magazine have taken a look around the trade fair and in doing so have brought to light a number of astonishing facts. In Hall No.1 alone they discovered 108 different wireless networks, of which less than a third were encrypted. The majority of WLANs are configured in such a manner that one is assigned an address automatically, thus gaining free access to the Internet on the spot -- and, what is more, at times at an astonishing level of quality: Transmission speeds of 280 Kbytes/s are likely to make even DSL-spoilt surfers envious.

As if these unintended free offers were not enough these radio networks were also frequently transparently linked to the cable-based LANs of the exhibitors with their demo computers and servers. In the streams of data our network sniffer detected, above all, calls for web pages, but also e-mails (IMAP), Telnet sessions and SMB Windows-data-clearance packages.

One less than radiant example among many was Intel, part of a web presentation of which was on air. Even next to the stand of a firm whose standard boldly bears a "Wireless Security" motto we found an open network. The SAP stand, on the other hand, showed that this need not be the case: Here the wireless networks were WEP encoded at least. This encryption too can be decrypted, but to do so an assailant would have to eavesdrop on network transmissions for several hours first. At least one exhibitors is playing it safe and is running a wireless LAN with IPSec.

One can only hope that the exhibitors' stands' systems do not contain sensitive data. That every employee at the stands who chances to be reading or writing an e-mail happens to be aware of the fact that the CeBIT´s ether just may be listing in is doubtful.



it's amazing how stupid some companies are!! :eek:

Another "Cheap Trick" I use for my home wireless network is to set the AP to accept only the known MAC addresses from within my network. Combined with WEP, I feel reasonably secure at home.

Administering a MAC access table in a corporate net is another story - too many issues.

(maybe out of subject) I have wired network, it's cheap and fast (in my opinion). What's the advantages of wireless network?

well same advantage with cordless fones compared to the ones with a cord..
same advantage of a cell phone compared to a car phone..

no wires.. lol

you can access the network anywhere... no need for cables or fone lines.. all you need is a transmitter and the right frequency.. Ofcourse its aided by a sattelite.

very useful post .. no matter source whom is it...

nice post sonic, and hard to find.

this link may help to.

http://www.hideaway.net/Wireless___PDAs/Library/library.html

Originally posted here (http://www.AntiOnline.com/showthread.php?threadid=221708#post476436) by s0nIc
well same advantage with cordless fones compared to the ones with a cord..
same advantage of a cell phone compared to a car phone..

no wires.. lol

you can access the network anywhere... no need for cables or fone lines.. all you need is a transmitter and the right frequency.. Ofcourse its aided by a sattelite.

Does it effect mobiles or the internet connection?

could you please clarify?