Wireless security is a major concern for everyone. At least it should be. There are a lot of people out there in the world who think that it is impossible to crack
their wireless network. In my personal belief I think it is because they don't consider the fact that the airspace around them isn't really "theirs". It's public property. But I digress and flood
. I've been wardriving
a few times, and I'm surprised by how many open networks there are. If your network is not encrypted by something like WPA
or at the very least, WEP
, anyone can get in. Here are a few myths about wireless security that everyone should know about:
- Turning off SSID broadcasting hides your network
WRONG. WIFI packets are just a regular ethernet frame wrapped up inside a WIFI burst. How does a different wireless AP discern between which packets are aimed at it (WIFI isn't directional, it is a spherical broadcast region)? It looks at the burst from your client for its ESSID. If some other client receives this burst (It's going through the air in all directions) what prevents it from looking at what ESSID is in the packet?
- Changing the router password should do it
WRONG AGAIN. This only keeps me from changing your IP settings and whatnot. If I want free internet, why would I want you to know that I'm borrowing it? The worst that could happen is that I end up encrypting your wifi so that only I can use it. But thats what the reset button is for.
- You still can't get my IP settings unless I tell you.
Not too commonly heard, but WRONG nonetheless. Within that packet that I got your ESSID from there is certainly a IP packet in there. There are only 3 groups of non-routable IPv4 addresses in the universe. If you pick any address from one of those groups, I can instantly know what IPs I can pick from.
- If I only allow access to my laptop's MAC address, then my security is bulletproof!
STILL WRONG. Once again, let us go back to that example of how I got your SSID. Inside the ethernet packet is your wireless card's MAC address. If every device needs a different address, then that must mean that there is some way to change it, right? On linux it's as easy as pie.
Now that thats settled, pick some form of encryption. WEP is easily crackable (but only if the hacker receives about 1 million packets (Which can take anywhere from 3 minutes to a day)) so go for WPA. It takes vigilance to make a wireless network secure. An unsecured wireless access point is like cutting off the skin on your palms and rubbing them all over a prostitute. Not a good idea.
If encryption is not an option, there is another way (albeit roundabout and depending on the user, harder to accomplish). First, block most ports that provide direct internet access. Then, set up a proxy server through which authentication is required to access the internet. I encounter this, and I give up because I really don't want to waste my time finding your passphrase. I can just go to your neighbor's house and steal his internet.