October 6th, 2003, 07:54 AM
Secure your wireless network
Secure your wireless Network
A lot of people these days are setting up wireless networks in their homes and at the work place. because it is quicker and easier than spending a few days or an entire afternoon running cat5 cable through walls and ripping up the carpet just so they can have internet access in other rooms. so a quick and easy solution to it is setting up a wireless network but most computer users donít even bother thinking about securing it. Most users think that it is secure when they take it out of the box and hook it up and that they don't have to do anything to it . they are the ones who attackers love to find and take advantage of. I hope that what is written here will make you more aware of the security risks when setting up your network and how to make it more secure
To start out you will have to do the following things
Ban rogue access points If you have an Access Point that is currently connected to your home network, check to see if you were the one who put it in there and it is also a real good idea to check it periodically to make sure nothing has been added that you donĎt want or need to be on there.
Limit access rights While not everyone in your home will need to have a wireless card in their computer(s) Once you know who should have access to the access point, set it to only allow access with authorized MAC addresses only. Any resourceful person can spoof the MAC address quite easily
Use 128-bit WEP Using encryption is better than using nothing at all. Cracking the WEP (Wired Equivalent Privacy) security protocol is an added obstacle that the skilled attacker has to get through in order to gain access to your network. For the casual wardriver will just move on and not bother trying to crack the wep or try to access your network
Control your broadcast area Some security officers think that if the ap is away from streets or up on a high floor they will be safe from trespassers but being up on tall buildings or on a hill top they still can detect your network The only way to decrease the risks of your access point from being picked up by someone who is wardriving. is to use a wireless access point that will let you adjust the signal strength and adjust the signals direction. The first thing you will want to do is place your Access Point as far away as possible from any exterior walls and windows. The next step is to adjust the signal strength so that you barely get a connection near the exterior walls and windows. The less signal strength that you get at the windows and walls. The less likely someone will be able to pick it up from outside keep this in mind though that this really isn't enough to prevent someone from picking up the signal.
Limit the number of user addresses If you don't have many users that need to have wireless access the smart thing to do is limit the maximum number of DHCP addresses that the network can assign, just allowing just what you need is enough for the users you currently have and if everyone that is authorized in the group tries to connect and some can't connect, that will tell you that there is a few unauthorized log-ons on your network
Use the SSIDS wisely. Changing the default Service Set Identifiers for your Access Points will make the attackers attempt to get into your network a bit harder and more time consuming, and another thing don't use anything that will give an attacker any useful information as a example donít use your home address the less information the attacker has the more likely he/she will move on to another target.
Lock down each AP. This is one of the things that most people donít even bother doing and it makes it easy for attackers to connect to networks with out breaking a sweat because a lot of people don't even think about changing the default settings on their Access Points when they plug them in and are setting them up. changing the default administrator password will make your system more secure and make the attacker spend a little more time trying to crack the password donít forget to use a strong password that is very hard to crack, but easy for you to rember. A few things to keep in mind when creating a password is to never use any word that is in a dictionary. the longer and complex it is the more time it will take the attacker to crack it. so use a combination of upper and lower case letters, numbers and special characters such as Ab112%&Üś etc
Authenticate users. Use a firewall that supports VPN (virtual private network) connections, if you are sharing your network with friends and family you should set it up so it will require them to log on as if they were dialing in remotely yes it maybe a pain in the ass but it will make it more secure in the long run.
Listed below is free software that will let you scan your wap network and help you make your wireless network more secure by fixing the problem areas.
Windows 2000,Me,xp and pocket pc
NetStumbler, mini stumbler
netstumbler is used to detect wireless networks around your current area
this is a wireless audit software package
this software program recovers encryption keys
use this program with a gps device to map the surrounding area.
Freeware wireless sniffer and monitor that passively monitors wireless traffic and sorts data to identify SSIDs, MAC addresses, channels, and connection speeds
Freeware wireless LAN analyzer that interactively browses captured data, viewing summary and detail information for all observed wireless traffic
Toolkit that converts a wireless LAN user station to function as an access point. (Available for wireless LAN cards that are based on Intersil'sPrism2/2.5/3 chipset.)
Toolkit for determining 802.11 WEP keystreams and injecting traffic with known keystreams. The toolkit also includes logic for firewall rule mapping, pingscanning, and portscanning via the injection channel
Freeware encryption breaker that cracks 802.11 WEP encryption keys using the latest discovered weakness of RC4 key scheduling
Soft AP setup utility that is designed to steal usernames and passwords from public wireless hotspots by confusing users with DNS and HTTP redirects from a competing AP
Windows MAC Address Modifying Utility that allows users to change MAC address Network Interface Cards (NICs) on Windows 2000, XP, and 2003 Server systems, regardless of whether or not the manufacturer allows this option
Denial-of-Service tool kit that sends spoofed authentication frames to an AP with inappropriate
authentication algorithm and status codes. AP then drops connections with stations. Includes WLAN_JACK, Monkey_JACK, and hunter_killer
Internet Routing Protocol Attack Suite designed to attack common routing protocols including CDP,DHCP, IGRP and HSRP
Suite for Man-in-the-Middle attacks. It features sniffing of live connections and content filtering on the fly. Additionally, it supports active and passive dissection of many protocols and includes many features for network and host analysis
Password recovery tool that allows easy recovery
of various kinds of passwords by sniffing the network and cracking encrypted passwords using Dictionary, Brute-Force, and Cryptanalysis attacks. Decodes scrambled passwords and analyzes routing protocols
Passively monitors the network for probe request frames to identify the preferred networks of clients. Acts as an access point to allow the client to authenticate and associate
Brute-Force WEP cracker that uses Dictionary attacks against WEP keys. Is usually very
effective against residential gateways
Toolkit that can recovers weak LEAP passwords,read captured files, or sniff the air. Can also actively de-authenticate users on LEAP networks, forcing them to re-authenticate
Toolkit that can break the Cisco LEAP authentication protocol and can also spoof challenge-packets from access points, allowing the hacker to perform Dictionary attacks against all users
dsniff Collection of tools for network auditing and penetration testing. Can passively spy and perform Man-in-the-Middle attacks
Authentication crack tool that can use Brute-Force or a Dictionary attack against key/password used with Pre-Shared-Key IKE authentication
Remote security scanner
For a complete list of terms and definitions that are used in wireless network technologies and standards.
July 11th, 2008, 01:54 PM
quick question.. i bought a router with built in security, it generated/provided me a key to use that i had to input in all other pcs that i wanted to connect to. should i be concerned?
July 11th, 2008, 02:08 PM
Does it give you the option of creating your own key? My fears border on paranoid with defaults or manufacturer generated keys. They say they're random, how would you know if the "default" key was the same with every router?
"Somehow saying I told you so just doesn't cover it" Will Smith in I, Robot
July 11th, 2008, 02:06 PM
As long as it's WPA2 (or even just WPA) and the key is sufficiently complicated (which it probably is if it's been generated by the router's software), you're good.
July 13th, 2008, 01:45 AM
I must admit that I appreciate people that leave their router's open. When I have to cart the wife around, I usually can connect my ipod touch while sitting in the vehicle nearby due to this. I certainly don't do anything bad, just surf, youtube, etc.
Only trust Pipe-smoking Penguins.
July 13th, 2008, 02:03 AM
Bruce Schneier is a high-profile advocate of doing so:
I must admit that I appreciate people that leave their router's open.
July 21st, 2008, 12:16 AM
Indeed. Using two laptops, one using two wireless cards and BackTrack, a buddy of mine cracked a 128 bit WEP key in 14 minutes.
Might be time to update this info to WPA2
I haven't cracked one in awhile, but using the two-laptop setup I've done it in less than an hour (not using backtrack, but probably using the same or similar apps).