Wifi leeching

[XTC46]

Hey Phish,
I agree that disabling SSID broadcast isnt the best way of securing your AP. But it does prevent people from just stumbling upon it. If you are broadcasting ANYONE can see the network, even if they arent looking for it. If you arent broadcasting then you actually have to be looking for a wireless network to find it. Its one layer of security. Although it can cause problems with WPA sometimes (I personaly have never experienced any trouble with this, but have been told it can casue problems)

[phishphreek]

I agree that it is a layer of security. Though, it is a pretty thin layer. Just like MAC filtering. People can sniff the MACs and spoof a valid mac easily. Thats why its good to use WPA and a VPN or some other authentication server (radius).

I've just found the disabling of the SSID to be more troublesome than its worth. Just my eperience. Your milage may vary.

But, for a home network... then the regular precautions should be fine. I'd just never deploy it at a place of business. Or my house... I'm not the normal user...

[thwhomp]

Ola -

Great information - but what about securing from the other side? I am seeing more hotels offering complimentary wired and wireless access. My question is how best to protect myself if/when I connect to the network - in this case wireless?

The other thing to note is that hotels may or may not have WEP enabled and may broadcast the SSID. So - needing to connect to the Internet, how would I best protect myself if a hotel has not enabled WEP and disabled SSID broadcasting?

Also - I am thinking when I encounter a hotel without basic security setup, I should mention to them the advice noted here and the article posted by XTC46: http://www.antionline.com/showthread...hreadid=267203

At this point however, I am just wondering how best to secure my system when connecting to an unsecured wireless network.

Gracias.

[CyberGlyph]

I was looking at security "av/firewall" the other day and noticed that one of the companies i was looking at had a 'wireless firewall'. I beleive it might have been Sygate or ZoneAlarm. Not sure if its actually any good, but it might be worth checking out on a products page...

[phishphreek]

Wireless firewall? Marketing hype?

Maybe you're thinking about the wireless routers that have a "firewall" built in?

Here is why I say this... You are only changing two layers in the OSI model. Layers 1 and 2.
Layer 1 is changing from ethernet 802.3 to wireless 802.11x x being version a,b,g,etc.

The encryption for wireless is being implemented at layer 2. (AFIAK...)
WEP or WPA. Thats if its enabled. If not... the rest is the same.

You are still using TCP/IP for communications.

Therefore... your standard host based firewall should be enough. Have XP SP2 with the firewall enabled? Good. Have ZoneAlarm or Norton Internet Firewall? Good.

However, just like on a wired network, without encryption... it is easy to sniff and see what you're doing. So... since your data is flying over everyone heads you may want to have your own encryption. If you are not worried about people seeing what your normal traffic is... then don't worry about it. Your secure sites should be encrypted using SSL anyway.

Another option.. setup your own VPN using your home broadband connection. Then you can VPN into your home network and use that connection or even remote desktop into a box on your home network. You could also setup a secure tunnel.

You could even use a proxy such as anonymizer which encrypts your activity...

I have seen some pretty nifty applications for wifi intrusion detection though...

Look at airsnare
http://home.comcast.net/~jay.deboer/airsnare/

Look at air defense (personal)
http://www.airdefense.net/products/

Here is the product that you were talking about...
http://www.zonelabs.com/store/conten...sp?lid=ho_zaws

Just looks like the firewall bundled with a configuration utility for your wifi interface...
I've not tried it or evaluated it... but it doesn't look like anything spectacular.

[1z2kpqu1]

I agree the best way to protect your wireless network is to use a WPA key. And then add all the remaining security figures diable the broadcast, mac filtering, etc...

[Double//Cut]

However, just like on a wired network, without encryption... it is easy to sniff and see what you're doing. So... since your data is flying over everyone heads you may want to have your own encryption. If you are not worried about people seeing what your normal traffic is... then don't worry about it. Your secure sites should be encrypted using SSL anyway.

If your talking about securing your computer against other wireless attacks, the obvious stands as everyone else has mentioned, ie firewall etc etc etc

if the hotel have wep, and you could get the key, then so can the guy sitting next to you... ie, he can sniff your packets that arent secured via ssl etc. wep will just help secure the connections to those who know the wep key, compared with those that dont...

So, pretty much, these protocols are the killers (send plain-text passwords etc)

TELNET, FTP, POP, RLOGIN, SSH1, ICQ, SMB,
MySQL, HTTP, NNTP, X11, NAPSTER, IRC, RIP, BGP, SOCKS 5, IMAP 4, VNC,
LDAP, NFS, SNMP, HALF LIFE, QUAKE 3, MSN, YMSG

(and yes, it was from the man pages of ettercap :P)

So pretty much, if your really paranoid, when using any of those protocols, be very careful, assume someone is watching your packets all the time.