Enslaving the Airwaves: the Repercussions of Insecure Wireless Networks


by Josh George - Date: 2006-12-16 - Word Count: 764 Share This!

There is no doubt that wireless technology has evolved the way we communicate. With the popular 2.4 GHz frequency being unlicensed and inexpensive, people all around the world have been able to do things that were nothing short of impossible in the past. While this may be the case, the same also applies to hackers; wireless technologies have allowed them to not only penetrate the impenetrable, but also break into personal networks with blazing speed (as in minutes and even seconds if the wireless network's access point [AP] is completely unsecure).

So what can happen if someone breaks into your network? Well for starters, it acts as a gateway for hackers to break into your system. On top of that, they can install sniffers (which allow them to steal such things as passwords and other sensitive information), adware, spyware, trojans, viruses, worms, backdoors, rootkits, and other malware as well as pursue wireless jamming attacks, encryption attacks, DoS attacks, and other various attacks. In short, given enough time, the sky is the limit on what a hacker could do when they get inside your AP.

At this point, many may say to themselves "Well, I have nothing of value on my computer, so I don't care if they hack into it". This couldn't be any farther from the truth. If hackers compromise your computer, they'll turn it into something called a "zombie" (in other words, their slave), which will do anything the hacker wants it to. This could be anything from helping crack (or decipher) passwords, to breaking into websites, to even breaking into other computers.

Here's the kicker: if the hacker uses your computer to break into something and gets caught, guess who faces the consequences? Well, it was your computer that did the attacking, so it will be your fault, no matter if you knew about the attack or not. Whether it leads to fines or even jail time, you are stuck with a mess trying to prove that you are innocent, all while the hacker carries on with his life and pursues more targets.

Knowing about the consequences that can come from insecure AP's, there are many things you can do to prevent outsiders from trying to break in. Ideally, you'll use a "Defense in Depth" methodology, which means setting up multiple layers of security to try and deter hackers from breaking in. Now, some of these things discussed will not really add much in the way of security, but it is additional security nonetheless. Hackers love easy targets, so every layer of security you add makes it more difficult for them to break in, and thus acts as a deterrent. That being said, use the following security measures on your personal AP:

1.) Hide your SSID broadcast. Your SSID is simply the name of your AP. Without it, hackers will not know the difference between your AP and other ones in the vicinity.
2.) Change the name of your SSID. This may not sound like much but, the name can tell a hacker a lot about your AP. Using the default name probably means you are also using the default password, which can easily be found on the internet.
3.) Use MAC address filtering. A MAC address is simply an address burned into each wireless card. Using this filtering means that only the entered MAC addresses can access your AP.
4.) Enable Encryption. Use the WPA or WPA2 (if available) security mode as well as the AES algorithm. This makes it way more troublesome for hackers to eavesdrop your communications.
5.) Use both hardware and software firewalls. Chances are there is a firewall embedded right in your AP, so make sure it is enabled as well as firewalls on the networked computers.
6.) Keep learning about new wireless security threats. Technology keeps evolving, so it is in your best interest to research computer protection articles and other related news sources.
7.) Invest in computer security tools. While it is important to use layered security on your AP, it is even more important to do the same for your computer in case the hacker breaks through.

When it comes to wireless networks, deterrence can be one of the most powerful things working for you, providing you implement a Defense in Depth methodology like described above. With the large amount of weak and insecure AP's that are live today, layered security will play a vital role in whether or not outsiders try to break into your wireless network. In the end, taking the time to secure your AP now could be the difference of legal repercussions or identity theft down the road.


Related Tags: malware, spyware, adware, trojan, virus, worm, wireless security, wireless network, encryption, hacker, sniffer, rootkit, access point

Josh George has been an active member in the computer security and internet security community since 1998. He has made many presentations to groups that involved members from the FBI, DoD, and NSA and hopes to now help personal and small business users. To learn more about computer security and internet security, the link below provides time-tested best practices and recommended tools: Computer Protection.

Your Article Search Directory : Find in Articles

© The article above is copyrighted by it's author. You're allowed to distribute this work according to the Creative Commons Attribution-NoDerivs license.
 

Recent articles in this category:



Most viewed articles in this category: