Wifi leeching

Printable View

March 26th, 2005, 08:39 AM
CyberGlyph

Wifi leeching

Lets say for a moment that you live in an appt. complex and are running a wifi network. I know there are alot of security issues about wireless, but im going to be using it soon enough. How hard would it be for someine else in my complex to leech my bandwidth (jump on my network) from next door possibly?

I've done what reading I can and plan to use NetStumbler to see if anyone else is using it around me that I can tell. But just to easy my paranoid mind, what would one do to protect and leech bandwidth from a neighbors wireless network? The only real information I can find is wifi sniffers...
March 26th, 2005, 10:52 AM
nihil

If the wifi is not protected then it can happen with virtually no effort. In one respect this is an intentional feature of wifi............for example you can go down to my local railway station and hook up to a wifi link for free............these (intentional) free nodes are all over the place, and reflect the freedom and mobility that wifi provides.

Wifi routers come with security features that are either off or on default settings....just follow the instructions to activate/change them and you should be OK.
March 26th, 2005, 11:44 AM
XTC46

let me give you a run down of basic precausions you will want to take.

Step 1) Change the default username and password on the router. There is no point in any other security if the thing that controls the security can be accessed by anyone.

Step 2) turn on WEP or WPA if your router supports it and use a strong key (think of the keys as a assword to your network and create your key with that mindset)

Step 3) use static IP addresses if possible, and Limit the IPs that can be released. On my network I have 3 computer so only 3 IP addresses can be assigned.

Step 4) If possible turn on MAC filtering.

Step 5) Stop broadcasting SSID. This is debateable and many will argue it auses more problems then its worth, but in my opinion it is a good step in hiding your self. its a method of security through obscurity which I persoannly am a big fan of as long as it is used with other layersof security.

Step 6) keep your router firmware up to date, and keep your computers patched.

follow the above and you should be pretty good to go.

for a little added security if you are really worried, do things like use multiple WEP keys if your router supports it, and alternate the WEP keys. Let the guy that is cracking deal with cracking the wep every few days.. Also run a constant capture with ethereal and if you notice alot of traffc and know its not you, than you either have a fun virus (which is damn good to know about anyway) or somone if using your network. Check the router on occassion to see if anyone has gotten an IP assigned to them that shouldnt have. Turn ont he logs for the router (most cheap ones have this feature off by default). And practice good monitoring of traffic and of logs. These will really lock you down tight. good luck.
March 26th, 2005, 05:31 PM
CyberGlyph

Thanks for the info, that seems like it should just about take care of every security risk for wifi that I can think of.

Im going to school to become a sysadmin, so im trying to brush up on everything I already know and anything else I don't that I might run into. Time to learn a new catagory, thx.
April 4th, 2005, 12:33 PM
Polymira

Re: Wifi leeching

Quote:

Originally posted here by CyberGlyph
I've done what reading I can and plan to use NetStumbler to see if anyone else is using it around me that I can tell. But just to easy my paranoid mind, what would one do to protect and leech bandwidth from a neighbors wireless network? The only real information I can find is wifi sniffers...

Ok, so how the hell does NetStumbler help you out here?

All netstumbler does is broadcasts 802.11 requests, seeing if anybody responds (access points, wifi cards in ad-hoc mode, etc), that's all. It won't tell you who's connected to a network, it won't tell you if someone else is looking for a network ... and it's quite noisy...

Your best bet would be to turn on wep/wpa (wpa prefered). Wep is easy to crack, it's only a matter of time... BUT when someone (especially the netstumber people) see a network using encryption, they usually just keep looking. If it's going over the air unencrypted, i can sit there with any ol sniffer (kismet, ethereal, etc) and see anything going over the air... plaintext == especially easy

And as for leeching bandwidth .... the above should be fine, if you want to be extra careful, you can do any of the following...

*Turn off your routers dhcp server
*Turn on MAC filtering
*Swap your antenna's for something only powerful enough for what you need + directional can be your friend....

Anyways, good luck on the whole sysadmin thing... and ummm ... unless you absolutely need it, keep your wireless seperate from your wired .... invest in a decent router (WRT54G ... ) .... and above all, have fun.
April 4th, 2005, 06:02 PM
spheraice

Simplest answer: it is as hard for them as you make it for yourself;) Atleast use strong wep/wpa....then use authentication @ the router/switch level...I would deny all access(a true IP.....i.e. give them a 192.168 number just to get to the authenticate, then give them a 10.01 number once they have authenticated.....and have the firewall deny all 192.168 #s......even if they crack your wep/wpa keys, they will still need to authenticate to your firewall/router/switch before they can even browse da intarnet.....Setting static won't help you much as the person could forge their mac into yours.....and if they know your mac, then most likely they know your IP.
April 4th, 2005, 08:39 PM
dark5yntax

you can also set up your router to only have a number of IP address for the amount of computers you have. That way if they do manage to get on and all your computers are on they would have to spoof an IP which isn't impossible or all that difficult but its an extra step your making them take.
April 4th, 2005, 09:43 PM
XTC46

First off lock down your netwokr like I said previously. if you still are concerned run ethereal or any other other free packet sniffing program and look fro traffic that does not belong to your computers.
April 4th, 2005, 10:35 PM
Tiger Shark

Ahem....

This is a wireless network in an apartment block not a high security government facility.

Learn about MAC filtering and you will be fine.....
April 4th, 2005, 10:47 PM
phishphreek

To chime in here a bit late... I would go with what XTC46 has already mentioned.
It is even possible to add an additional layer of authentication (UID/PWD) using a RADIUS server.

http://www.freeradius.org/

I was just browsing this solution at borders the other night in linuxjournal
http://www.linuxjournal.com/article/8017
(require subscritption... but it is free if you stand at the magazine rack at your local book store... like I do)

One thing I don't go with is the disabling of the SSID. If someone wants to find it out... it is pretty simple. Maybe the AP won't be broadcasting, but using something like Kismet, you can watch the clients looking for the available APs.

I was sitting there in the library the other day around some people who also had laptops out. There were no available APs there. However, kismet showed several of the laptops around me looking for their "preferred" APs.
April 4th, 2005, 10:59 PM
XTC46

Hey Phish,
I agree that disabling SSID broadcast isnt the best way of securing your AP. But it does prevent people from just stumbling upon it. If you are broadcasting ANYONE can see the network, even if they arent looking for it. If you arent broadcasting then you actually have to be looking for a wireless network to find it. Its one layer of security. Although it can cause problems with WPA sometimes (I personaly have never experienced any trouble with this, but have been told it can casue problems)
April 5th, 2005, 03:50 AM
phishphreek

I agree that it is a layer of security. Though, it is a pretty thin layer. Just like MAC filtering. People can sniff the MACs and spoof a valid mac easily. Thats why its good to use WPA and a VPN or some other authentication server (radius).

I've just found the disabling of the SSID to be more troublesome than its worth. Just my eperience. Your milage may vary.

But, for a home network... then the regular precautions should be fine. I'd just never deploy it at a place of business. Or my house... I'm not the normal user... ;)
April 25th, 2005, 05:43 AM
thwhomp

Ola -

Great information - but what about securing from the other side? I am seeing more hotels offering complimentary wired and wireless access. My question is how best to protect myself if/when I connect to the network - in this case wireless?

The other thing to note is that hotels may or may not have WEP enabled and may broadcast the SSID. So - needing to connect to the Internet, how would I best protect myself if a hotel has not enabled WEP and disabled SSID broadcasting?

Also - I am thinking when I encounter a hotel without basic security setup, I should mention to them the advice noted here and the article posted by XTC46: http://www.antionline.com/showthread...hreadid=267203

At this point however, I am just wondering how best to secure my system when connecting to an unsecured wireless network.

Gracias.
April 27th, 2005, 04:32 PM
CyberGlyph

I was looking at security "av/firewall" the other day and noticed that one of the companies i was looking at had a 'wireless firewall'. I beleive it might have been Sygate or ZoneAlarm. Not sure if its actually any good, but it might be worth checking out on a products page...
April 27th, 2005, 06:44 PM
phishphreek

Wireless firewall? Marketing hype?

Maybe you're thinking about the wireless routers that have a "firewall" built in?

Here is why I say this... You are only changing two layers in the OSI model. Layers 1 and 2.
Layer 1 is changing from ethernet 802.3 to wireless 802.11x x being version a,b,g,etc.

The encryption for wireless is being implemented at layer 2. (AFIAK...)
WEP or WPA. Thats if its enabled. If not... the rest is the same.

You are still using TCP/IP for communications.

Therefore... your standard host based firewall should be enough. Have XP SP2 with the firewall enabled? Good. Have ZoneAlarm or Norton Internet Firewall? Good.

However, just like on a wired network, without encryption... it is easy to sniff and see what you're doing. So... since your data is flying over everyone heads you may want to have your own encryption. If you are not worried about people seeing what your normal traffic is... then don't worry about it. Your secure sites should be encrypted using SSL anyway.

Another option.. setup your own VPN using your home broadband connection. Then you can VPN into your home network and use that connection or even remote desktop into a box on your home network. You could also setup a secure tunnel.

You could even use a proxy such as anonymizer which encrypts your activity...

I have seen some pretty nifty applications for wifi intrusion detection though...

Look at airsnare
http://home.comcast.net/~jay.deboer/airsnare/

Look at air defense (personal)
http://www.airdefense.net/products/

Here is the product that you were talking about...
http://www.zonelabs.com/store/conten...sp?lid=ho_zaws

Just looks like the firewall bundled with a configuration utility for your wifi interface...
I've not tried it or evaluated it... but it doesn't look like anything spectacular.
April 30th, 2005, 12:43 AM
1z2kpqu1

I agree the best way to protect your wireless network is to use a WPA key. And then add all the remaining security figures diable the broadcast, mac filtering, etc...
April 30th, 2005, 09:23 AM
Double//Cut

Quote:

However, just like on a wired network, without encryption... it is easy to sniff and see what you're doing. So... since your data is flying over everyone heads you may want to have your own encryption. If you are not worried about people seeing what your normal traffic is... then don't worry about it. Your secure sites should be encrypted using SSL anyway.

If your talking about securing your computer against other wireless attacks, the obvious stands as everyone else has mentioned, ie firewall etc etc etc

if the hotel have wep, and you could get the key, then so can the guy sitting next to you... ie, he can sniff your packets that arent secured via ssl etc. wep will just help secure the connections to those who know the wep key, compared with those that dont...

So, pretty much, these protocols are the killers (send plain-text passwords etc)

Quote:

TELNET, FTP, POP, RLOGIN, SSH1, ICQ, SMB,
MySQL, HTTP, NNTP, X11, NAPSTER, IRC, RIP, BGP, SOCKS 5, IMAP 4, VNC,
LDAP, NFS, SNMP, HALF LIFE, QUAKE 3, MSN, YMSG

(and yes, it was from the man pages of ettercap :P)

So pretty much, if your really paranoid, when using any of those protocols, be very careful, assume someone is watching your packets all the time.