The Weakness of Wireless Networks
Content
The Weakness of Wireless Networks
Andysah Putera Utama Siahaan, Eko Hariyanto
Universitas Sumatra Utara Jl. Dr. Mansur No. 9, Medan, Sumatra Utara, Indonesia
[email protected], [email protected]
Abstract— Security issues are very important in computer networks, especially in wireless networks. The presence of many vendors of wireless products serving a variety of products at affordable prices contributes to drive widespread the use of wireless technology. Wireless technology is not only suitable for use in office or business users but home users can also use this technology to make the connectivity easier. This paper is intended to provide information on threats and the easy way to secure wireless network. As we know, the wireless technology is relatively more vulnerable to security problems. Keywords— Wireless, Network, Threat, Computer, Security. I. INTRODUCTION
Regular insecure internet protocols are usually not protected against eavesdropping attacks because they transmit information unencrypted. Sensitive information transmitted in clear text, such as usernames and passwords, is especially vulnerable to eavesdropping attacks. The best defence against eavesdropping/sniffing is the use of secure network protocols which use encryption to protect confidentiality. Examples of such protocols include Secure Shell (SSH), Secure Sockets Layer/Transport Layer Security, and Encapsulating Security Payload (ESP, part of the IP Security Architecture - IPSEC). B. Distributed Denial of Service Attack. A distributed denial-of-service (DDoS) attack is one in which a multitude of compromised systems attack a single target, thereby causing denial of service for users of the targeted system. The flood of incoming messages to the target system essentially forces it to shut down, thereby denying service to the system to legitimate users. In a typical DDoS attack, a hacker (or, if we prefer, cracker) begins by exploiting a vulnerability in one computer system and making it the DDoS master. It is from the master system that the intruder identifies and communicates with other systems that can be compromised. The intruder loads cracking tools available on the Internet on multiple -- sometimes thousands of -compromised systems. With a single command, the intruder instructs the controlled machines to launch one of many flood attacks against a specified target. The inundation of packets to the target causes a denial of service. While the press tends to focus on the target of DDoS attacks as the victim, in reality there are many victims in a DDoS attack -- the final target and as well the systems controlled by the intruder. Although the owners of co-opted computers are typically unaware that their computers have been compromised, they are nevertheless likely to suffer degradation of service and malfunction. Both owners and users of targeted sites are affected by a denial of service. Yahoo, Buy.com, RIAA and the United States Copyright Office are among the victims of DDoS attacks. DDoS attacks can also create more widespread disruption. In October 2010, for example, a massive DDoS attack took the entire country of Myanmar offline. A computer under the control of an intruder is known as a zombie or bot. A group of co-opted computers is known as a botnet or a zombie army. Both Kaspersky Labs and Symantec have identified botnets -- not spam, viruses, or worms -- as the biggest threat to Internet security.
As the name implies, wireless technology uses radio waves as a means of data transmission. Security process will become more difficult because we cannot see which radio waves are used for data transmission. The weakness of wireless networks can generally be divided into two types, such as the weakness on the configuration and the weakness on the type of encryption used. One of the examples of the causes of weakness in the configuration is because at this time to build a wireless network quite easy. It means when people do the defence easily, it can be attacked easily too. Many vendors provide features that allow users or admins to maintain the configuration easily. So we often found in wireless networks that they are still using the default built-vendor wireless configuration. The admin who configurates the wireless network is still using the default settings from the vendors such as SSID, IP address, remote management, DHCP, and the frequency without any encryption and even the password for the wireless administration is still the standard factory default. II. SECURITY GAP Many the users of wireless connections don’t realize the danger which is available when they are connected to wireless access point (WAP) such as WLAN signals can be infiltrated by hackers. Some of these threats can be a threat in wireless networks, such as: A. Sniffing to Eavesdrop. To eavesdrop is to secretly listen to private communications. Eavesdropping is a passive attack which affects confidentiality of information. Network eavesdropping involves reading packets which are not addressed to us. Eavesdropping is usually used with other, active, attacks.
C. Man-in-the-middle Attack. Internet connections can be attacked in various ways. A general type of attack is called ―Man-in–the-middle‖. The idea behind this attack is to get in between the sender and the recipient, access the traffic, modify it and forward it to the recipient. The term ―Man-in-the-middle‖ have been used in the context of computer security since at least 1994, Some different variants of this kind of attack exist, but a general definition of a man-in-the-middle attack may be described as a ― Computer security breach in which a malicious user intercepts — and possibly alters — data traveling along a network".
Fig. 2 - Kismet Testing
III. SECURING THE WIRELESS NETWORKS An unsecured wireless network is an open invitation to hackers to walk right in to our computer and steal personal information, upload malware onto our computer, and otherwise terrorize us. A. Changing Administrator Password and Username. After we've taken the wifi router out of the box and started the setup process, we will be asked to sign on to a specific Web page and are required to enter information such as our network address and account information. In theory, this Wifi setup page is protected with a login screen (username and password). The Problem: Though the username and password are intended to allow only us to get access to the Wifi setup and the personal information we have entered, the fact remains that the logins provided are usually given to everyone with the same model router, and because most people never change them, they remain an easy target for hackers and identity thieves. In fact, there are sites that list the default usernames and passwords for wireless routers, making a hackers job even easier. The Solution: Change the username and password for the Wifi setup immediately after the first login. And if we are going to spend the time changing our password, make sure it is difficult to guess. Name, birth date, anniversary date, child's name, spouse's name, or pet's name are going to be among the hacker's first guesses. And because many hackers use a technique called 'dictionary hacking,' (running a program that tries common English words as passwords) we should make sure that our password isn't just a common English word, but rather is a combination of letters and numbers.
Fig. 1 - Man-in-the-middle Attack
D. Hidden SSID. Many administrators conceal the wireless network SSID with the intention that only those who know the SSID can connect to their networks This is not true, because the hidden SSID is not perfectly unseen. At certain times or in particular when the client connects to or disconnects from a wireless network, the client itself keeps sending the SSID in encrypted plain text. If we want to eavesdrop, we can easily discover the information we want. Some tools that can be used to get the SSOD which is hidden are kismet (kisMAC), ssid_jack (airjack), aircrack and much more.
B. Upgrading the Wifi Encryption. If the information sent back and forth over Wifi network isn't adequately encrypted, a hacker can easily tap into the network and monitor the activity. When we type personal or financial information into a Web site, that hacker can then steal that information and use it to steal our identity. The old encryption standard Wired Equivalent Privacy (WEP) can be hacked within 30 seconds, no matter the complexity of the passphrase we use to protect it. Unfortunately, millions of Wifi users are still using WEP encryption technology to encrypt their information, despite the availability of the vastly superior WPA2 encryption standard. The Problem: Despite the superior encryption protection that WPA2 provides, most Wifi home users have failed to upgrade their protection because they were unaware of the problem, or simply felt overwhelmed by the technical prospects of upgrading. As a result, many continue to use WEP encryption, which is now so simple to hack that it is widely regarded as little better than no encryption at all. The Solution: The solution, of course, is to upgrade the Wifi encryption to WPA2. But before adding WPA2 protection, we will have to complete a few steps in order to update the computer. The first step is to download and install Microsoft's WPA2 hotfix for Windows XP. We will also likely need to update the wireless card driver. These updates, if needed, will be listed in Microsoft's Windows Update page under the subheading "Hardware Optional". Now that the computer and wireless card are up to date, we will need to log into the router's administration page through web browser. Once signed in, change the security settings to "WPA2 Personal" and select the algorithm "TKIP+AES". Finally, enter the password into the "Shared Key" field and save the changes. C. Changing the Default System ID. When we got our Linksys or D-Link router home from the store and set it up, it came with a default system ID called the SSID (Service Set Identifier) or ESSID (Extended Service Set Identifier). This ID is also commonly referred to as the name of our Wifi setup. The Problem: Usually, manufacturers assign identical SSID sets to their devices, and 80 percent of Wifi home users leave their system on the default setting. So that means that 80 percent of homes have Wifi systems titled, "Default" or "LinkSys" or whatever our provider sets as the default name. The problem with these default settings is that they serve as strong signals to hackers who have been known to just cruise neighborhoods looking for Wifi networks with default names to hack into. Though knowing the SSID does not allow anyone to break into our network, it usually indicates that the
person hasn't taken any steps to protect their network, thus these networks are the most common targets. The Solution: Change the default SSID immediately when we configure our LAN. This may not completely offer any protection as to who gains access to our network, but configuring our SSID to something personal, e.g. "The Smith House Wifi Network", will differentiate us from other unprotected networks, and discourage hackers from targeting us. As an added bonus, having a Wifi network with a unique name also means that neither we or our family will make the mistake of connecting through a neighbor's Wifi network, and thus exposing our computers through their unprotected setup. D. MAC Address Filtering. If we've had an unsecured Wifi setup in our home in the past, we can be fairly certain that at least one of our neighbors is mooching off our Wifi to connect to the Internet. While everyone loves a friendly neighbor, providing an easy resource for others to steal Internet access is morally and legally questionable, but even scarier is the harm those moochers can do to our computer. In order to check who has been using our network, we'll need to check the MAC address. Every wifi gadget is assigned a unique code that identifies it called the "physical address" or "MAC address." Our wifi system automatically records the MAC addresses of all devices that connect to them. But busting our Internet-stealing neighbors isn't all that MAC addresses are good for, they can actually be a great help in securing our WLAN. The Problem: We are not sure who or what is accessing and endangering our wifi network, and once we find out that someone or something is mooching off our network, we want to stop them. But how? The Solution: Checking the MAC address long for our wifi network will give us a quick view of all the devices accessing our network. Anything that isn't ours, we will want to keep out. To do this, we will need to manually key in the MAC addresses of our home equipment. This way, the network will allow connections only from these devices, so our mooching neighbors will be out of luck. Caution: This feature is not as powerful as it may seem. While it will stop our average neighborhood moocher or amateur hacker, professional hackers use advanced software programs to fake MAC addresses. E. Stop Publicly Broadcasting the Network. By now we've renamed the wifi so that hackers won't see the default name as they sweep for unprotected wifi setups. But wouldn't it be even better if hackers and curious neighbors didn't know we had a wifi setup at all? Usually, the access point or router is programmed to broadcast the network name
(SSID) over the air at regular intervals. While broadcasting is essential for businesses and mobile hotspots to let people find the network, it isn't needed at home, so eliminate it. The Problem:Why broadcast to the world that we have a wireless connection? We already know it; why do strangers need to know? For most personal uses, we are better off without this feature, because it increases the likelihood of an unwelcome neighbor or hacker trying to log in to our home network. The broadcast works like an invitation to the hackers who're searching for just that opportunity. The Solution: Most wifi access points allow the SSID broadcast feature to be disabled by the network administrator. If we are using a router, we have to set the SSID hidden or disable the SSID broadcasting. Otherwise, we will need to check the mane352ual for our hardware for specific instructions on how to disable broadcasting for our router. F. Auto-Connect to Open Wifi Networks. Most computers provide a wifi setting that will configure the computer to automatically connect to any open wifi network without notifying us. While this setting isn't the default, many individuals select the setting because it makes connecting faster when we are traveling, or connecting at a friend's house. Even more common, is to have selected 'connect automatically' to networks that we regularly connect to. Again, this makes sense, as most people do not want to have to manually type in the name of their wireless network and the password each time they want to sign in at home. Unfortunately, both wifi setups can cause major security problems. The Problem: If we connect to every available wifi network automatically, we will inevitably end up connecting to dummy wifi networks designed specifically to catch unsuspecting users and hack their computers. Similarly, if we automatically connect to the regular wifi networks (meaning we don't manually type in the network name and password every time) then we may be setting theself up for a security breach. That is because 80 percent of wifi users have not changed the name of their wireless connection. Therefore, it is very easy for a hacker to create a dummy network entitled "Linksys" or "Default", then sit back and watch 80 percent of computers automatically connect to the network since it has a 'trusted' name. The Solution: Never select the 'connect to available wifi networks automatically' setup option under the Network Connections window. If we don't want to have to manually type in the name and password to the wifi connection each time we sign in (the safest option), at least make sure that we have named the wifi connection something unique, and that we eliminate all generic titled networks from our 'preferred networks' list. That way, we won't get automatically
connected to dummy wifi networks setup by hackers and given the names, "Default" or "Linksys". G. Using A Built-in Firewall. The IT security needs to use a layered approach. While no single layer of the security is enough to withstand every attack, adding layers to the security will help ensure that spyware and malware are kept out. Two important security layers are the router firewall and the individual PC's firewall. The Problem: Routers come with built-in firewall capability. However, since there is an option to disable them, they can often be accidentally turned off by someone toggling options. The Solution: Ensure that the router's firewall is enabled, along with related built in security featured which block anonymous internet requests or pings. This extra step will help hide the network's presence to the internet, and thus help protect the network. After all, it's harder for hackers to infiltrate what they can't find. H. Positioning of the Router or Access Point. Wifi signals don't know where the house ends and where the neighbor's begins. This wifi signal leakage gives hackers and neighbors the opportunity to find the wireless network and attempt to access it. The Problem: While a small amount of overflow outdoors is not a problem, it is important to keep this leakage to a minimum. This is important because the further the signal reaches into the neighborhood, the easier it is for others to detect and exploit. The Solution: If we haven't yet installed the wireless home network, make sure to position the router or access point in the center of the home rather than near windows or doors. If we live in an apartment, consider that a wifi network is restricted in part based upon the materials that it must pass through, the more walls, doors, and metal the signal passes through, the weaker it is. So if the goal is to reduce leakage, we might consider mounting the wifi in a closet in order to reduce signal strength. I. Turning Off the Network. Most of us know that it is impractical to constantly turn devices on and off. Having a wifi connection is in large part a device of convenience, and having to turn it off every time we aren't using it, eliminates much of that convenience. Unfortunately, a wifi connection is vulnerable when it is on; therefore shutting off the wireless signal when not in use would be a huge boon to its security.
The Problem: There is an inherent tension between convenience and security in deciding whether to turn off a wireless access point between connections. The Solution: Just as we take extra home security measures when taking a vacation, like asking the neighbors to pick up the mail and leaving a light on, so also should we take extra wifi security measures when the network will not be in use for expended periods of time. Shutting down the network is a basic but effective security measure that can protect the network when we are not around to protect it, and hackers may take the opportunity to mount their attack. J. Putting the Improvements to the Test. Now that we've made all these changes to the wifi setup, it would be nice to know that we are secure. Unfortunately, the only surefire test for how secure we are is to wait to see if we get hacked. Trial by fire is no way to test the security, however, so thankfully there is a program to help audit the wifi security. The Problem: There is no way for the average home wifi user to know if the changes they made to upgrade their wireless security will really prove successful in keeping them safe. The Solution: The Netstumbler utility, by Marius Milner will both determine the network's vulnerabilities and unauthorized access points. In addition to these security concerns, the downloadable program will also reveal the sources of network interference and weak signal strength, so that we can improve the strength of the wifi signal. Netstumbler is free for download, although the author asks that those who find the tool helpful make a donation to support the creation of future utilities. Part of the problem of unsecured wireless networks can be traced back to the manufacturers. Most retail WiFi products are shipped with all security options turned off by default. Since they work fine out of the box, many users may not feel a need to look more into the setup options. However, all such devices come with pretty good instructions and there is no excuse for not reading the product manual. An unencrypted wireless network is not just a security risk to the owner of the network, but potentially to everyone else on the Internet. Once someone has anonymous access to a wireless network, they can do whatever they want on the Web with total anonymity. Do ourself and our fellow Net citizens a favor and take the steps to secure our network. V. CONCLUSION This article should serve as a basic primer on how to secure wireless networks from the wide array of threats that face it, but it is important to keep in mind that no single article can cover completely every security measure which can be used to strengthen wifi system. Consequently, we have left off from
this list a wide variety of other valid security measures such as; limiting intra-network file sharing, changing the default IP address of our wireless router, assigning a static IP address to each of our PC's, disabling the DMZ and Remote Management features, along with a host of indirectly related but nonetheless necessary measures such as installing a PC firewall, anti-virus software, anti-malware software, patch updates and so on. Despite these intentional omissions, following the 10 steps outlined in this article will take the average user a long way along the path of wireless security and ensure that we and our family are able to enjoy the convenience of our wifi system without compromising our PC's security. . REFERENCES
Mitch Tulloc, Understanding Microsoft Virtualization Sokutions, 2nd ed., Redmond, Washington 98052-6399, 2010. Wireless LAN Medium Access Control (MAC) and Physical Layer (PHY) Specification, IEEE Std. 802.11, 1997. Charlie Russel and Craig Zacker, Lunderstanding Windows Server 2008 R2 , 2nd ed., Redmond, Washington 98052-6399, 2010. Bernard Golden, Virtualization For Dummies, 2nd ed., Wiley Publishing, Inc, 2009. Jim, Jr. Smith, Ravi Nair, James E. Smith, Heath Potter, Virtual Machines: Versatile Platforms For Systems And Processes, Morga n Kaufmann Publishers, May 2005 daemon9, route, infinity, IP-Spoofing Demystified, Phreak Magazine, Vol.7, Issue 48, File 14 (1996). R. T. Morris, A Weakness in the 4.2BSD UNIX TCP/IP Software, Computing Science Technical Report 117, AT&T Laboratories (1985). V. Paxson, S. Floyd, Wide-Area Traffic: The Failure of Poisson Modeling, IEEE/ACM Transactions on Networking, 3 (3) (1994) pp. 226-244. V. Paxson, S. Floyd, Why We Don’t Know How to Simulate The Internet, Proceedings of the 1997 Winter Simulation Conference, Atlanta, GA (1997). P. A. Porras, A. Valdes, Live Traffic Analysis of TCP/IP Gateways, Proceedings of the Internet Society Symposium on Network and Distributed System Security (March 1998). J. Postel, editor, Internet Protocol, RFC791 (1981). J. Postel, editor, Tranmission Control Protocol, RFC793 (1981). C. L. Schuba et al, Analysis of a Denial of Service Attack on TCP, IEEE Symposium on Security and Privacy (1997). W. R. Stevens, TCP/IP Illustrated, Volume 1, The Protocols , Professional Computing Series, Addison Wesley (1994). W. R. Stevens, TCP/IP Illustrated, Volume 3, TCP for Transactions, HTTP, NNTP, and the UNIX Domain Protocols, Professional Computing Series, Addison Wesley (1994). Computer Emergency Response Team, TCP SYN Flooding and IP Spoofing Attacks, CERT Advisory: CA 96-21 (September 1996). C.P.S.T. Ltd., TCP SYN Flooding Attack and the Firewall-1 SYNDefender (October 1996). L. S. Laboratories, Livermore Software Lab. Announces Defense against SYN Flooding Attacks (October 1996). SUN Microsystems, SUN’s TCP SYN Flooding Solutions, SUN Microsystems Security Bulletin: #00136 (October 1996). D. Mills, Internet Delay Experiments, RFC 889 (1983). Internet Traffic Archive, data available at URL: http://ita.ee.lbl.gov http://searchsecurity.techtarget.com/sDefinition/0,,sid14_gci557336,00.ht ml
Andysah Putera Utama Siahaan, Eko Hariyanto
Universitas Sumatra Utara Jl. Dr. Mansur No. 9, Medan, Sumatra Utara, Indonesia
[email protected], [email protected]
Abstract— Security issues are very important in computer networks, especially in wireless networks. The presence of many vendors of wireless products serving a variety of products at affordable prices contributes to drive widespread the use of wireless technology. Wireless technology is not only suitable for use in office or business users but home users can also use this technology to make the connectivity easier. This paper is intended to provide information on threats and the easy way to secure wireless network. As we know, the wireless technology is relatively more vulnerable to security problems. Keywords— Wireless, Network, Threat, Computer, Security. I. INTRODUCTION
Regular insecure internet protocols are usually not protected against eavesdropping attacks because they transmit information unencrypted. Sensitive information transmitted in clear text, such as usernames and passwords, is especially vulnerable to eavesdropping attacks. The best defence against eavesdropping/sniffing is the use of secure network protocols which use encryption to protect confidentiality. Examples of such protocols include Secure Shell (SSH), Secure Sockets Layer/Transport Layer Security, and Encapsulating Security Payload (ESP, part of the IP Security Architecture - IPSEC). B. Distributed Denial of Service Attack. A distributed denial-of-service (DDoS) attack is one in which a multitude of compromised systems attack a single target, thereby causing denial of service for users of the targeted system. The flood of incoming messages to the target system essentially forces it to shut down, thereby denying service to the system to legitimate users. In a typical DDoS attack, a hacker (or, if we prefer, cracker) begins by exploiting a vulnerability in one computer system and making it the DDoS master. It is from the master system that the intruder identifies and communicates with other systems that can be compromised. The intruder loads cracking tools available on the Internet on multiple -- sometimes thousands of -compromised systems. With a single command, the intruder instructs the controlled machines to launch one of many flood attacks against a specified target. The inundation of packets to the target causes a denial of service. While the press tends to focus on the target of DDoS attacks as the victim, in reality there are many victims in a DDoS attack -- the final target and as well the systems controlled by the intruder. Although the owners of co-opted computers are typically unaware that their computers have been compromised, they are nevertheless likely to suffer degradation of service and malfunction. Both owners and users of targeted sites are affected by a denial of service. Yahoo, Buy.com, RIAA and the United States Copyright Office are among the victims of DDoS attacks. DDoS attacks can also create more widespread disruption. In October 2010, for example, a massive DDoS attack took the entire country of Myanmar offline. A computer under the control of an intruder is known as a zombie or bot. A group of co-opted computers is known as a botnet or a zombie army. Both Kaspersky Labs and Symantec have identified botnets -- not spam, viruses, or worms -- as the biggest threat to Internet security.
As the name implies, wireless technology uses radio waves as a means of data transmission. Security process will become more difficult because we cannot see which radio waves are used for data transmission. The weakness of wireless networks can generally be divided into two types, such as the weakness on the configuration and the weakness on the type of encryption used. One of the examples of the causes of weakness in the configuration is because at this time to build a wireless network quite easy. It means when people do the defence easily, it can be attacked easily too. Many vendors provide features that allow users or admins to maintain the configuration easily. So we often found in wireless networks that they are still using the default built-vendor wireless configuration. The admin who configurates the wireless network is still using the default settings from the vendors such as SSID, IP address, remote management, DHCP, and the frequency without any encryption and even the password for the wireless administration is still the standard factory default. II. SECURITY GAP Many the users of wireless connections don’t realize the danger which is available when they are connected to wireless access point (WAP) such as WLAN signals can be infiltrated by hackers. Some of these threats can be a threat in wireless networks, such as: A. Sniffing to Eavesdrop. To eavesdrop is to secretly listen to private communications. Eavesdropping is a passive attack which affects confidentiality of information. Network eavesdropping involves reading packets which are not addressed to us. Eavesdropping is usually used with other, active, attacks.
C. Man-in-the-middle Attack. Internet connections can be attacked in various ways. A general type of attack is called ―Man-in–the-middle‖. The idea behind this attack is to get in between the sender and the recipient, access the traffic, modify it and forward it to the recipient. The term ―Man-in-the-middle‖ have been used in the context of computer security since at least 1994, Some different variants of this kind of attack exist, but a general definition of a man-in-the-middle attack may be described as a ― Computer security breach in which a malicious user intercepts — and possibly alters — data traveling along a network".
Fig. 2 - Kismet Testing
III. SECURING THE WIRELESS NETWORKS An unsecured wireless network is an open invitation to hackers to walk right in to our computer and steal personal information, upload malware onto our computer, and otherwise terrorize us. A. Changing Administrator Password and Username. After we've taken the wifi router out of the box and started the setup process, we will be asked to sign on to a specific Web page and are required to enter information such as our network address and account information. In theory, this Wifi setup page is protected with a login screen (username and password). The Problem: Though the username and password are intended to allow only us to get access to the Wifi setup and the personal information we have entered, the fact remains that the logins provided are usually given to everyone with the same model router, and because most people never change them, they remain an easy target for hackers and identity thieves. In fact, there are sites that list the default usernames and passwords for wireless routers, making a hackers job even easier. The Solution: Change the username and password for the Wifi setup immediately after the first login. And if we are going to spend the time changing our password, make sure it is difficult to guess. Name, birth date, anniversary date, child's name, spouse's name, or pet's name are going to be among the hacker's first guesses. And because many hackers use a technique called 'dictionary hacking,' (running a program that tries common English words as passwords) we should make sure that our password isn't just a common English word, but rather is a combination of letters and numbers.
Fig. 1 - Man-in-the-middle Attack
D. Hidden SSID. Many administrators conceal the wireless network SSID with the intention that only those who know the SSID can connect to their networks This is not true, because the hidden SSID is not perfectly unseen. At certain times or in particular when the client connects to or disconnects from a wireless network, the client itself keeps sending the SSID in encrypted plain text. If we want to eavesdrop, we can easily discover the information we want. Some tools that can be used to get the SSOD which is hidden are kismet (kisMAC), ssid_jack (airjack), aircrack and much more.
B. Upgrading the Wifi Encryption. If the information sent back and forth over Wifi network isn't adequately encrypted, a hacker can easily tap into the network and monitor the activity. When we type personal or financial information into a Web site, that hacker can then steal that information and use it to steal our identity. The old encryption standard Wired Equivalent Privacy (WEP) can be hacked within 30 seconds, no matter the complexity of the passphrase we use to protect it. Unfortunately, millions of Wifi users are still using WEP encryption technology to encrypt their information, despite the availability of the vastly superior WPA2 encryption standard. The Problem: Despite the superior encryption protection that WPA2 provides, most Wifi home users have failed to upgrade their protection because they were unaware of the problem, or simply felt overwhelmed by the technical prospects of upgrading. As a result, many continue to use WEP encryption, which is now so simple to hack that it is widely regarded as little better than no encryption at all. The Solution: The solution, of course, is to upgrade the Wifi encryption to WPA2. But before adding WPA2 protection, we will have to complete a few steps in order to update the computer. The first step is to download and install Microsoft's WPA2 hotfix for Windows XP. We will also likely need to update the wireless card driver. These updates, if needed, will be listed in Microsoft's Windows Update page under the subheading "Hardware Optional". Now that the computer and wireless card are up to date, we will need to log into the router's administration page through web browser. Once signed in, change the security settings to "WPA2 Personal" and select the algorithm "TKIP+AES". Finally, enter the password into the "Shared Key" field and save the changes. C. Changing the Default System ID. When we got our Linksys or D-Link router home from the store and set it up, it came with a default system ID called the SSID (Service Set Identifier) or ESSID (Extended Service Set Identifier). This ID is also commonly referred to as the name of our Wifi setup. The Problem: Usually, manufacturers assign identical SSID sets to their devices, and 80 percent of Wifi home users leave their system on the default setting. So that means that 80 percent of homes have Wifi systems titled, "Default" or "LinkSys" or whatever our provider sets as the default name. The problem with these default settings is that they serve as strong signals to hackers who have been known to just cruise neighborhoods looking for Wifi networks with default names to hack into. Though knowing the SSID does not allow anyone to break into our network, it usually indicates that the
person hasn't taken any steps to protect their network, thus these networks are the most common targets. The Solution: Change the default SSID immediately when we configure our LAN. This may not completely offer any protection as to who gains access to our network, but configuring our SSID to something personal, e.g. "The Smith House Wifi Network", will differentiate us from other unprotected networks, and discourage hackers from targeting us. As an added bonus, having a Wifi network with a unique name also means that neither we or our family will make the mistake of connecting through a neighbor's Wifi network, and thus exposing our computers through their unprotected setup. D. MAC Address Filtering. If we've had an unsecured Wifi setup in our home in the past, we can be fairly certain that at least one of our neighbors is mooching off our Wifi to connect to the Internet. While everyone loves a friendly neighbor, providing an easy resource for others to steal Internet access is morally and legally questionable, but even scarier is the harm those moochers can do to our computer. In order to check who has been using our network, we'll need to check the MAC address. Every wifi gadget is assigned a unique code that identifies it called the "physical address" or "MAC address." Our wifi system automatically records the MAC addresses of all devices that connect to them. But busting our Internet-stealing neighbors isn't all that MAC addresses are good for, they can actually be a great help in securing our WLAN. The Problem: We are not sure who or what is accessing and endangering our wifi network, and once we find out that someone or something is mooching off our network, we want to stop them. But how? The Solution: Checking the MAC address long for our wifi network will give us a quick view of all the devices accessing our network. Anything that isn't ours, we will want to keep out. To do this, we will need to manually key in the MAC addresses of our home equipment. This way, the network will allow connections only from these devices, so our mooching neighbors will be out of luck. Caution: This feature is not as powerful as it may seem. While it will stop our average neighborhood moocher or amateur hacker, professional hackers use advanced software programs to fake MAC addresses. E. Stop Publicly Broadcasting the Network. By now we've renamed the wifi so that hackers won't see the default name as they sweep for unprotected wifi setups. But wouldn't it be even better if hackers and curious neighbors didn't know we had a wifi setup at all? Usually, the access point or router is programmed to broadcast the network name
(SSID) over the air at regular intervals. While broadcasting is essential for businesses and mobile hotspots to let people find the network, it isn't needed at home, so eliminate it. The Problem:Why broadcast to the world that we have a wireless connection? We already know it; why do strangers need to know? For most personal uses, we are better off without this feature, because it increases the likelihood of an unwelcome neighbor or hacker trying to log in to our home network. The broadcast works like an invitation to the hackers who're searching for just that opportunity. The Solution: Most wifi access points allow the SSID broadcast feature to be disabled by the network administrator. If we are using a router, we have to set the SSID hidden or disable the SSID broadcasting. Otherwise, we will need to check the mane352ual for our hardware for specific instructions on how to disable broadcasting for our router. F. Auto-Connect to Open Wifi Networks. Most computers provide a wifi setting that will configure the computer to automatically connect to any open wifi network without notifying us. While this setting isn't the default, many individuals select the setting because it makes connecting faster when we are traveling, or connecting at a friend's house. Even more common, is to have selected 'connect automatically' to networks that we regularly connect to. Again, this makes sense, as most people do not want to have to manually type in the name of their wireless network and the password each time they want to sign in at home. Unfortunately, both wifi setups can cause major security problems. The Problem: If we connect to every available wifi network automatically, we will inevitably end up connecting to dummy wifi networks designed specifically to catch unsuspecting users and hack their computers. Similarly, if we automatically connect to the regular wifi networks (meaning we don't manually type in the network name and password every time) then we may be setting theself up for a security breach. That is because 80 percent of wifi users have not changed the name of their wireless connection. Therefore, it is very easy for a hacker to create a dummy network entitled "Linksys" or "Default", then sit back and watch 80 percent of computers automatically connect to the network since it has a 'trusted' name. The Solution: Never select the 'connect to available wifi networks automatically' setup option under the Network Connections window. If we don't want to have to manually type in the name and password to the wifi connection each time we sign in (the safest option), at least make sure that we have named the wifi connection something unique, and that we eliminate all generic titled networks from our 'preferred networks' list. That way, we won't get automatically
connected to dummy wifi networks setup by hackers and given the names, "Default" or "Linksys". G. Using A Built-in Firewall. The IT security needs to use a layered approach. While no single layer of the security is enough to withstand every attack, adding layers to the security will help ensure that spyware and malware are kept out. Two important security layers are the router firewall and the individual PC's firewall. The Problem: Routers come with built-in firewall capability. However, since there is an option to disable them, they can often be accidentally turned off by someone toggling options. The Solution: Ensure that the router's firewall is enabled, along with related built in security featured which block anonymous internet requests or pings. This extra step will help hide the network's presence to the internet, and thus help protect the network. After all, it's harder for hackers to infiltrate what they can't find. H. Positioning of the Router or Access Point. Wifi signals don't know where the house ends and where the neighbor's begins. This wifi signal leakage gives hackers and neighbors the opportunity to find the wireless network and attempt to access it. The Problem: While a small amount of overflow outdoors is not a problem, it is important to keep this leakage to a minimum. This is important because the further the signal reaches into the neighborhood, the easier it is for others to detect and exploit. The Solution: If we haven't yet installed the wireless home network, make sure to position the router or access point in the center of the home rather than near windows or doors. If we live in an apartment, consider that a wifi network is restricted in part based upon the materials that it must pass through, the more walls, doors, and metal the signal passes through, the weaker it is. So if the goal is to reduce leakage, we might consider mounting the wifi in a closet in order to reduce signal strength. I. Turning Off the Network. Most of us know that it is impractical to constantly turn devices on and off. Having a wifi connection is in large part a device of convenience, and having to turn it off every time we aren't using it, eliminates much of that convenience. Unfortunately, a wifi connection is vulnerable when it is on; therefore shutting off the wireless signal when not in use would be a huge boon to its security.
The Problem: There is an inherent tension between convenience and security in deciding whether to turn off a wireless access point between connections. The Solution: Just as we take extra home security measures when taking a vacation, like asking the neighbors to pick up the mail and leaving a light on, so also should we take extra wifi security measures when the network will not be in use for expended periods of time. Shutting down the network is a basic but effective security measure that can protect the network when we are not around to protect it, and hackers may take the opportunity to mount their attack. J. Putting the Improvements to the Test. Now that we've made all these changes to the wifi setup, it would be nice to know that we are secure. Unfortunately, the only surefire test for how secure we are is to wait to see if we get hacked. Trial by fire is no way to test the security, however, so thankfully there is a program to help audit the wifi security. The Problem: There is no way for the average home wifi user to know if the changes they made to upgrade their wireless security will really prove successful in keeping them safe. The Solution: The Netstumbler utility, by Marius Milner will both determine the network's vulnerabilities and unauthorized access points. In addition to these security concerns, the downloadable program will also reveal the sources of network interference and weak signal strength, so that we can improve the strength of the wifi signal. Netstumbler is free for download, although the author asks that those who find the tool helpful make a donation to support the creation of future utilities. Part of the problem of unsecured wireless networks can be traced back to the manufacturers. Most retail WiFi products are shipped with all security options turned off by default. Since they work fine out of the box, many users may not feel a need to look more into the setup options. However, all such devices come with pretty good instructions and there is no excuse for not reading the product manual. An unencrypted wireless network is not just a security risk to the owner of the network, but potentially to everyone else on the Internet. Once someone has anonymous access to a wireless network, they can do whatever they want on the Web with total anonymity. Do ourself and our fellow Net citizens a favor and take the steps to secure our network. V. CONCLUSION This article should serve as a basic primer on how to secure wireless networks from the wide array of threats that face it, but it is important to keep in mind that no single article can cover completely every security measure which can be used to strengthen wifi system. Consequently, we have left off from
this list a wide variety of other valid security measures such as; limiting intra-network file sharing, changing the default IP address of our wireless router, assigning a static IP address to each of our PC's, disabling the DMZ and Remote Management features, along with a host of indirectly related but nonetheless necessary measures such as installing a PC firewall, anti-virus software, anti-malware software, patch updates and so on. Despite these intentional omissions, following the 10 steps outlined in this article will take the average user a long way along the path of wireless security and ensure that we and our family are able to enjoy the convenience of our wifi system without compromising our PC's security. . REFERENCES
Mitch Tulloc, Understanding Microsoft Virtualization Sokutions, 2nd ed., Redmond, Washington 98052-6399, 2010. Wireless LAN Medium Access Control (MAC) and Physical Layer (PHY) Specification, IEEE Std. 802.11, 1997. Charlie Russel and Craig Zacker, Lunderstanding Windows Server 2008 R2 , 2nd ed., Redmond, Washington 98052-6399, 2010. Bernard Golden, Virtualization For Dummies, 2nd ed., Wiley Publishing, Inc, 2009. Jim, Jr. Smith, Ravi Nair, James E. Smith, Heath Potter, Virtual Machines: Versatile Platforms For Systems And Processes, Morga n Kaufmann Publishers, May 2005 daemon9, route, infinity, IP-Spoofing Demystified, Phreak Magazine, Vol.7, Issue 48, File 14 (1996). R. T. Morris, A Weakness in the 4.2BSD UNIX TCP/IP Software, Computing Science Technical Report 117, AT&T Laboratories (1985). V. Paxson, S. Floyd, Wide-Area Traffic: The Failure of Poisson Modeling, IEEE/ACM Transactions on Networking, 3 (3) (1994) pp. 226-244. V. Paxson, S. Floyd, Why We Don’t Know How to Simulate The Internet, Proceedings of the 1997 Winter Simulation Conference, Atlanta, GA (1997). P. A. Porras, A. Valdes, Live Traffic Analysis of TCP/IP Gateways, Proceedings of the Internet Society Symposium on Network and Distributed System Security (March 1998). J. Postel, editor, Internet Protocol, RFC791 (1981). J. Postel, editor, Tranmission Control Protocol, RFC793 (1981). C. L. Schuba et al, Analysis of a Denial of Service Attack on TCP, IEEE Symposium on Security and Privacy (1997). W. R. Stevens, TCP/IP Illustrated, Volume 1, The Protocols , Professional Computing Series, Addison Wesley (1994). W. R. Stevens, TCP/IP Illustrated, Volume 3, TCP for Transactions, HTTP, NNTP, and the UNIX Domain Protocols, Professional Computing Series, Addison Wesley (1994). Computer Emergency Response Team, TCP SYN Flooding and IP Spoofing Attacks, CERT Advisory: CA 96-21 (September 1996). C.P.S.T. Ltd., TCP SYN Flooding Attack and the Firewall-1 SYNDefender (October 1996). L. S. Laboratories, Livermore Software Lab. Announces Defense against SYN Flooding Attacks (October 1996). SUN Microsystems, SUN’s TCP SYN Flooding Solutions, SUN Microsystems Security Bulletin: #00136 (October 1996). D. Mills, Internet Delay Experiments, RFC 889 (1983). Internet Traffic Archive, data available at URL: http://ita.ee.lbl.gov http://searchsecurity.techtarget.com/sDefinition/0,,sid14_gci557336,00.ht ml
