I have found in life that many things we deal with are…mixed blessings. Such is the case with wireless technology. The very factors which make it so convenient (and thus popular) also make it less secure. A WAP is a radio station. It broadcasts its signal in all directions, for a limited distance; and it “listens” for signals as well. It (by default) sends out a constant “I’m here. I’m ready. I’m here. I’m ready…” When a passing device, a laptop or PDA say, gets within range it hears the WAP (Wireless Access Point) and can connect with it by sending a “I’m ready too. Let’s begin.” message.
So convenient. So easy. And no wires holding you to one spot. It’s a modern miracle!
It’s little wonder that nine out of ten networking devices sold in the US are “wireless”. They cost basically the same as wired, so why not get wireless too? My router is wireless (a WAP). Isn’t yours?
But I know about wardriving. Yes--”war+driving”. What’s that? It’s driving around with a laptop and a sensitive antenna (or a piece of coaxial cable stuck into the bottom of a Pringle’s can) and trying to “sniff” (detect) unprotected WAPs. It’s a game hackers play: who can detect the most unsecured WAPs in an hour? When they’re not doing it for kicks, they’re accessing a wardriven WAP and ‘creeping’. What’s that, you ask? “Creeping” is browsing around the data on the computers connected to the WAP. Most of the time they’re not interested in stealing your data (there’s no challenge there), they’re just snooping. They get some kind of kick out of it. (Sometimes they’ll leave behind a ‘calling card’ to let you know you’ve been ‘creeped’.) Most of the time these guys cause no harm…unless they see that you’re a total non-geek novice (no anti-virus, all your .docs are in one folder, you’ve never ‘defragged’, etc.) and they decide you’re “too stupid to own a computer” and they take it upon themselves to “punish” you by erasing your config.sys file (which will cause Windows to fail to load).
Sometimes they will simply “pile on” or “coast” a WAP and use it to surf the web for free--the main downside to the owner is reduced bandwidth (speed).
When a hacker runs across a WAP in his wardriving games that the owner has taken the precaution of encrypting, he usually passes on by, but sometimes they get bored with the super-easy creeping, and feel the need for a challenge (I’m sure, thinking, “what’s this guy hiding behind that encryption?”). This is when hackers become crackers. See, it’s terribly easy to turn on encryption--every WAP manufacturer builds it into the product--and use it. The trouble is most folks don’t know about it, much less use it…But for those who do, manufacturers included the ability to use WEP encryption (Wired Equivalent Privacy): a 128bit stream cipher key. So now the hacker is looking at gibberish and needs to find a way to “crack” the code to see the data being transmitted, and to talk/co-operate with the WAP--thus the ‘challenge’. Sadly, with the computing power of today’s personal computers and freely available tools a hacker can break into WEP protection in less than two minutes (much less).
Eventually, the hacker’s methods were discovered and WEP was quickly declared to be next-to-useless, and manufacturers switched to a new (2003) and improved methodology called WPA--Wi-Fi Protected Access. Now there’s WPA2. Have the hacker/crackers been thwarted? Well…um…no. However, WPA and the newer WPA2 are so time consuming to crack, the average hacker won’t bother. Why should he? There’s still plenty of folks broadcasting “Here I am. I’m free and easy. Here I am…” Seeemingly every house on the block an unwitting Internet café.
WPA2 is pretty good, and keeps out all but the determined (and sometimes even them).
The main points I want to make here are:
* You really do want to turn on the feature that scrambles your wireless transmissions. (To read my How-To article, How-to-secure-your-wireless-network, click here.)
* Securing your wireless by encrypting with WEP is next to useless; with WPA is so-so; and, WPA2 is the way to go at this time.
* Your network is only as capable as its weakest link, so if you have older devices that aren't WPA-capable, your newer devices will default down to WEP (or no encryption) level to acomodate your old. I recommend replacing your older gear with newer, WPA2-capable devices.
Copyright 2007-8 © Tech Paul. All rights reserved. post to jaanix
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment