-
Licensing
The dangers of war drivers.
Okay there is a lot of people out their using Wireless access points because their so easy thanks to Microsoft, but are they really safe you might have asked yourself before purchasing one of these in my opinion nothing can beat wired networking in your own house, but you might have a laptop and want to move around well then I would say you do need wireless.
So what security issues does wireless face?
Simple a lot you might of heard of these so called war drivers, these people drive around in their car trying to pick up wireless signals especially unsecured ones once they’ve done this they will begin to sniff your ‘traffic’ passing through your wireless connection this means everything you’re doing is being logged into their computers so lets use a example, your looking at a shopping site like amazon.com while your shopping the war driver is logging things like pages you visit to your login details, once they’ve done that it is possible to do things like change your delivery address then you wont get your stuff and someone else might get it, this can be a pain when you get your bill and find that you’ve lost thousands of pounds, because of one person and their laptop.
If you have a wireless access point you might of heard of WEP the most popular encryption out their no its not secure I remember hearing a while ago that this protocol was used for testing your network (I’m not fully sure) but was developed into a encryption, which to this day is not secure and can be cracked in a matter of minutes by professional hackers to just script kiddies, now war drivers might target you because that is easy to crack even if it’s a encryption protocol.
What is secure you might be asking at this point?
One of my favorite methods of securing my self when at a café with wireless is using SSH tunneling using a program called Putty there are literally thousands of tutorials out their explaining how it works so I wont go on about it, but this can be used for your home network or just when you want to use it at a café.
WPA you might of heard of this encryption method you should find it comes with your access point if not check the manufacturers site for firmware upgrades so you can use it, if you need to upgrade you might find you can even use WPA2 which is even better, when using an wireless network I always preach to people about securing it using it, this is a much more secure encryption protocol and for the moment at least you wont get script kiddies hacking you.
Is that it are you finished yet?
Nearly one of the most important things is changing your access point name, it you have a default name I would laugh at you as this is the most dangerous thing you can do out of everything and you will be purposely targeted so lets say your default name is Linksys on your linksys wireless router, this means you more than likely haven’t changed your default username and password if you haven’t you NEED to check your DNS setting if their not yours write them down and consult someone preferable your ISP or if worst comes to worst the police you may have been pharmed meaning they have redirected all your traffic to their servers once this happens and you put in yourbank.com into your browser you would be redirected to their server with a fake website, it is very hard to notice the difference and I doubt you would, so now they have stolen all your login details you may of lost a lot of money so please change the default name and login details for your own security!
Comment Darksat
The Best ways to secure a wireless network are.
(1)Disable broadcasting of Session IDS
(2)Use WPA instead of WEP encryption
(3)Change all the routers default passwords to Something SECURE EG:A passphrase with numbers and special charicters.
(4)Restrict the Mac addresses that can connect to the router.
(5)Turn it off when you are not using it (Simple yet very effective).
More on my website.
http://darksat.x47.net
Comment Mike Markie
Brilliant thanks for adding to it, my favorite one is turn it off
simple but really effective.
Comment Darksat
Sometimes the most low tech solutions are the best.
Dont be blinded by the high tech solutions my young padawan, use the force.
Here is a riddle for you, whats the easiest way to get someones password.
Comment Mike Markie
Its always the low tech that are the best no one always looks at it though they think they should go more techy.
Ask for it :D, so simple!
Comment Darksat
Methinks you have progressed beyond "damm good skiddie"You have learned well, although there is still much to learn.Your doing good though, im impressed. The underground awaits your return.
Comment Mike Markie
I shall be back one day, then i can catch up on things
.
Comment Dave Hansen
Yes, always secure your wireless access point by first changing the SSID and username and password. This will prevent some drive by hacker from changing your settings on the router including the DNS servers.
Then set the SSID to not be broadcast. You will have to enter it in all of your wireless computers at home. Then set the allowed MAC addresses that can use your network. (These can be spoofed easily though).
Most prople bring their wireless routers home and stop configuring them once they can connect to the internet. What a big mistake!
The use of WEP or not is another question. Anyone upstream on your internet can SNIFF or SPOOF DNS regardless of how you are connected to the internet.
With some equipment, your WIRED network can even be sniffed.
Do not enter any password, account, billing or other information unless the url in the address bar says https://www.somserver.com.
I am amazed that the windows update and other software update sites do not use an https://…. address. The upstream DNS servers can be spoofed and the update servers (if sophisticated enough) could be updating your computer with alot of horses.
Comment Mike Markie
Yeah I’ve noticed that once their on the internet they don’t bother securing it.
Thanks for the info it seems that SSID is fairly important in wireless I’ll have to look into it a little bit more.