BOOT CAMP 457 (02/01/07)
Wireless Networking, part 3
This week’s topic is security, and one of the
first questions many newcomers to wireless networking ask is: how safe is it?
The simple answer is that it can be very secure and perfectly capable of
keeping out all but the most determined and well-resourced intruders but like
any security system it has flaws, and the biggest one is the people who use it,
or rather the ones who do not use it properly, or at all!
Wireless networking represents a major threat
to your PC’s well-being, your privacy and the security of your data for the
simple reason that if your network is unsecured anyone nearby with a wi-fi
equipped laptop can log on, steal information, plant malicious software and
hijack your Internet connection, and it is remarkably easy to do.
One of the reasons why security is so important
is that wireless networks and devices are not secret or anonymous. Quite the
opposite, in fact: they announce their presence to anyone within range by
constantly broadcasting an identity beacon called a Service Set Identifier or
SSID. This is basically the network’s name, assigned by the user during setup,
though it’s surprising how many Wi-Fi Networks are called ‘Home’ or ‘Wireless’
(common defaults).
A few years ago a minor cult grew up out of the
terrifying lack of security measures employed by many companies and the growing
number of home wireless network users. ‘Warchalkers’ as they were known roamed
the streets (‘wardriving’) looking for unprotected wireless access points or
routers. When they found one they used chalk marks to identify the premises to
their fellows and publicised the information on the Internet. For the most part
they confined their activities to gaining free Internet access but there are
plenty of examples of open wireless systems being hacked into by crooks and
vandals.
Nowadays most PC users should be aware of the
need for security but with the explosive growth of broadband and Wi-Fi it is
frightening how many home systems are left exposed. From my home in South
London I am in range of four of my immediate neighbours’ Wi-Fi networks, two of
which remain completely unprotected (in spite of my warnings...).
Most pre-packaged systems and ‘home hubs’ have
their security systems enabled by default but the biggest loophole is the vast
number of home-brew systems, assembled from off-the-shelf components. In order
to simplify installation (and no doubt ease the burden on support staff) the
security features are switched off and it is left up to the user to enable and
configure them.
Wi-Fi security should be switched on all of the
time. The only exceptions are during the initial setup, briefly when
troubleshooting a faulty connection or if you take your laptop on the road and
need to be able to log on to access points or wireless hot spots (just don’t
forget to switch it back on again afterwards).
Wireless security has to work on two levels.
Firstly all of the data flowing between the computers in the network needs to
be scrambled or ‘encrypted’ so even if the signals are intercepted the data
cannot be read. Secondly it has to provide the necessary permission or
‘authentication’ to PCs or devices that are allowed to connect to the network.
There are two wireless security systems that
fulfil those basic requirements, which are included in the IEEE 802.11 Wi-Fi
specification, and therefore the ones you are most likely to encounter. There
are also numerous proprietary systems but these tend to be used on large-scale
networks operated by financial institutions, Government departments and so on,
where there is a need to maintain the very highest levels of security.
The earlier of the two Wi-Fi standard systems
is WEP or Wired Equivalent Privacy. Although it can be relatively easily hacked
by an expert (see also this week’s Top Tip), the highest of its encryption
levels is just about sufficient for basic home network security. WEP systems
use a ‘shared key’ to encrypt and decrypt data, which must be entered into all devices
connected to the network. The length of the key determines the level of
encryption and the more random it is, the safer it will be. It’s also a good
idea to change the key on a regular basis. Words, names and phrases etc. are
best avoided as they can be cracked more easily using ‘brute force’ or
‘dictionary attack’ methods.
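
The advice above about key length and randomness, as an added example that is not part of the original column: a short Python script that generates a random WEP key and flags a proposed key that is repetitive, sequential or simply a word typed as text. It assumes keys are entered as hex digits (10 for the 64-bit level, 26 for the 128-bit level); the function names and the sample word list are constructed for illustration.

```python
import secrets

# Hex digits typed into the router for each WEP level.
WEP_HEX_DIGITS = {64: 10, 128: 26}

# Constructed sample list; a real check would use a much larger one.
SAMPLE_WORDS = ["house", "home", "admin", "wireless", "password"]


def random_wep_key(level=128):
    """Return a random hex key drawn from the operating system's secure generator."""
    return secrets.token_hex(WEP_HEX_DIGITS[level] // 2).upper()


def key_problems(key, wordlist):
    """List the reasons a proposed hex key is weaker than a random one."""
    key = key.strip().upper()
    if len(key) not in WEP_HEX_DIGITS.values() or set(key) - set("0123456789ABCDEF"):
        return ["not a 10- or 26-digit hex key"]
    raw = bytes.fromhex(key)
    problems = []
    # The same one or two byte values repeated, e.g. AAAAAAAAAA.
    if len(set(raw)) <= 2:
        problems.append("repeated bytes")
    # Every byte differs from the previous one by the same amount, e.g. 0102030405.
    if len({(b - a) % 256 for a, b in zip(raw, raw[1:])}) == 1:
        problems.append("simple sequence")
    # A key made by typing 5 or 13 ordinary characters decodes to readable text.
    if all(32 <= b < 127 for b in raw):
        problems.append("spells readable text")
        text = raw.decode("ascii").lower()
        if any(word in text for word in wordlist):
            problems.append("contains a dictionary word")
    return problems


if __name__ == "__main__":
    print("Suggested key:", random_wep_key(128))
    for candidate in ["686F757365", "0102030405", "3F9A1C07E2"]:
        print(candidate, key_problems(candidate, SAMPLE_WORDS) or "no obvious weakness")
```
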
The alternative to WEP is the newer and more
robust WPA or Wi-Fi Protected Access system. You may also come across WPA2,
which is an amendment to the original 802.11 Wi-Fi specification (aka IEEE
802.11i) and sets out detailed security arrangements for more advanced
networking systems.
But back to WPA, which employs two types of
security key. TKIP (Temporal Key Integrity Protocol) creates a new key every
time a PC or device logs onto the network, making it almost impossible for it
to be guessed or cracked. WPA also uses a variation of the shared key system
(WPA-PSK), which can be used on older set-ups that do not fully support all WPA
features. Incidentally WPA support has only been available in Windows since the
release of Service Pack 2 and a free update package is
available from Microsoft.
Next Week -- Wireless Networking, part 4
JARGON FILTER
BRUTE FORCE ATTACK
A hacking program that tries to guess a password or PIN by running
through all of the possible combinations of letters and numbers, potentially
making thousands or millions of attempts per second
DICTIONARY ATTACK
Most people use words or names to create passwords or passphrases
because they are easy to remember. A Dictionary Attack program simply ploughs
through common letter and word combinations to discover a password -- and often
succeeds!
WPA-PSK
Wi-Fi Protected Access - Preshared Key. Less secure method of protecting
a wireless network using a key based on a common passphrase provided to all
users.
TOP TIP
WEP security has two standard encryption levels: 64-bit encryption
relies on a 40-bit key and the slightly stronger 128-bit level uses a 26-bit
key. Both levels are relatively easy to crack by passively intercepting network
traffic on a Wi-Fi equipped laptop. Hacking software analyses the data packets,
looking for repetitive patterns, which can reveal a key. WEP encryption can
also be actively hacked, using ‘brute force’ and ‘dictionary attack’ methods,
bombarding the system with log-on attempts whilst remaining undetected by
simulating normal network activity.
---end---
© R. Maybury 2006, 2712