« Further thoughts on the ApeXtreme Personal Gaming Console | Main | The Secret 2004 Nintendo System Might be an Emulator »
Wifi Security is a Good Idea
I just wanted to make a brief public service announcement about why Wifi security settings are a good idea. You see I am over at my girlfriends place and I accidentally discovered that her neighbors have an Apple Air Port and absolutely no Wifi security settings enabled. I have to wonder about how many folks who get a Wifi network adapter and never turn on or change the security settings. I am about three hundred feet from said house and if I hold my notebook up to the back window in her kitchen or bathroom I get enough signal to log on to their network. If I turned on Wifi ad hoc networking could probably log on to their Mac notebook.
I am not doing anything super bad with this but I could if I really wanted to. Wifi can be used to launch spam and email threats not to mention P2P music downloads. I mean I could write a threatening email to a politician and send it using some other chumps internet account using their Wifi and they would be the one visited by the FBI.
Setting up some decent Wifi security is one of the first thing that I did when I got my Wifi router. Wifi networking security is still and evolving technology and a professional hacker or informed nerd with hours to kill can probably crack it but that is like saying that a professional locksmith can break into your car if he had the time and equipment but it keeps the average person out.
Like I change the defaults, turned off ad hoc file sharing, enabled WEP encryption, enabled MAC address filtering and stopped broadcasting the SSID. Netgear has a pretty simple guide to Wifi security(link goes to a PDF).
I am actually now holding my notebook up to her bathroom window to connect to the network.
N00bz! I 0Wnz J00!
Jake at January 7, 2004 
WebDev
Trackback Pings
TrackBack URL for this entry:
http://www.8bitjoystick.com/cgi-bin/mtype/mt-tb.cgi/492
Comments
Doing a site survey in my apartment building, I can see 4 WiFi access points (including my own). Only one other person even bothered to change the default SSID for their WAP, and even they didn't use any WEP.
When I originally got my wireless router, I'll be honest, I didn't secure it. I eventually discovered that someone in my building was trying to access my network and few malitious attacks were made (actually from outside the network, but an attack none-the-less) on my file server I thought it prudent to lock down my network. I changed the default SSID, enabled 128-bit WEP and turned on MAC address level filtering. Then from the outside I locked down services on my Linux box to a known set of friendly IPs and changed over all file sharing to user-based as apposed to ad hoc.
The problem is, the things I did are non-trivial for the vast majority of people who are buying WAPs these days. They're making it easier for people to set them up, but they're also making it easier for black hat hackers to take advantage of them.
Posted by: Bob at January 8, 2004 6:11 AM
I had a breif conversation about this issue last year with Cory Doctorow. The subject was slightly different, but it's worth a read I think...
Posted by: Dan at January 8, 2004 6:39 AM
Good post regarding wifi security. I recently got a wireless router and I was a bit disappointed the router offered WPA + WEP but the wireless nic adapter did not offer WPA. Kind of strange in my mind.. but oh well :)
Posted by: wuji at January 8, 2004 6:39 AM
A lot of people don't realize how easy it is to get on to unsecured WiFi networks or access someone's PC if they have a WiFi card and AdHoc on.
At E3 a friend of mine started browsing the vacation photos of someone a few tables over because he had a WiFi card with zero security. It was funny, but it just goes to show how unsecured it is if you're not careful.
Posted by: jason at January 8, 2004 7:15 AM
I just wanted to add that Boing Boing recently posted stating that turning off the broadcast of SSID is not a good idea.
http://boingboing.net/2003_12_01_archive.html#107111273828130629
Posted by: Richard at January 8, 2004 12:54 PM
Interesting I will read that and reconsider it
Posted by: Jake at January 8, 2004 1:04 PM
Preaching to the crowd. I am a professional network locksmith and am often shocked how weak people's wireless security is. I could tell you horror stories that would make your toes curl. And yeah, I got a nice shotgun Yagi on my Kismet sensor array. But rarely do I even need that to see some very sensitive info flying around.
If anyone's interested in a good overview of WiFi security, my boss wrote this whitepaper:
http://www.ja.net/development/network_access/wireless/wag/2098324_1214_ENG_A_EFUL_1420.pdf
Posted by: Dunsany at January 8, 2004 5:38 PM
http://airsnort.shmoo.com/ for wep
http://www.klcconsulting.net/smac/ for mac filters
http://www.turnpoint.net/wireless/cantennahowto.html home brew waveguid antenna to extend the range
now what were you saying was secure about any of this???
Posted by: shawn at January 11, 2004 11:16 AM
Sure shawn I will give you 20 bucks if you can find and crack my WiFi network
Posted by: Jake at January 11, 2004 11:24 AM
I personally have not tried airsnort yet but it would be interesting to give it a shot.
Posted by: shawn at January 11, 2004 11:27 AM
