punkwalrus (punkwalrus) wrote,

Wireless Insecurity

"I thought," he said, "that if the world was going to end we were meant to lie down or put a paper bag over our head or something."

"If you like, yes," said Ford.

"That's what they told us in the army," said the man, and his eyes began the long trek back down to his whisky.

"Will that help?" asked the barman.

"No," said Ford and gave him a friendly smile.

-- Ford Prefect to man at a pub, from Douglas Adam's "Hitchhiker's Guide to the Galaxy."

I have get asked a lot why I, a tech geek, do not have wireless in my house. Simple. Security. I am not putting this in my tech geek Slashdot journal because I think everyone should know this:

Wireless is very insecure.

First, all "out of the box" wireless routers and stuff don't have security enabled. They know most everyone out there would find this complicated, so they hope that you get it up and working first, and then worry about the security next. This is okay, if you actually follow the second part. I would, and on my cable router, I have it set for the most secure possible. If that was all it took, I'd say, "Pfft... piece of cake."

But see, there are some problems. See, wireless cannot be contained within my walls. It broadcasts about 20-50 feet or more in all directions from my house. The picture in this entry shows how far your connection roams from just *one* wireless access point (More details by these fine folks). Note that not only do his three immediate neighbors have total access to his network, but that people across the street on BOTH SIDES have "weak" access as well. In fact, the people across the street from his back yard almost have full signal strength. See, this worries me more than most, because my back yard faces an alley, where anyone can park and get access.

"Okay," you say. Why should you care about access? Put a firewall on your computers and be done with it." It's not so much the breaking into my network and stealing files I am worried about. A firewall would protect that. But it's the fact that I have given anyone access to my Internet connection to do whatever they want. Download illegal files. Crack computers. Launch attacks. All that will be traced to my connection.

"Well, silly, secure your router!" Sure, I can do that. Let's look at the "big three" in wireless protection.

Allow only certain IPs: I could turn off DHCP, and have only static IPs. But IP addresses can be EASILY sniffed (detected) and then spoofed (pretending to be an IP address). In the real world, this is like posing as the delivery guy to get into a secure building.

Allow only MAC addresses: The MAC address (the physical address of your network card) is a unique number that's a bit harder to spoof. But it is spoofable. A good wardriving hacker with the right card can spoof a MAC address easily. This is like posing as a random employee to get into the building.

WEP: Wireless Encryption Protocol: This is the last, and for most, the best defense. It's kind of hard for a newbie to set up, but once working, the 128-bit encryption will be a lot harder to crack. Most people will see this and move on. This is like posing as a specific employee, with a badge, to get into a building. But a good, determined hacker can crack any WEP in less than a few hours. By, say, parking in an alley

Starbucks Coffee (in the shopping center behind my house) doesn't use WEP, and someone at my house, with a wireless connection, showed me how easy it was to get into their network. He waited for someone to log in, got their MAC, sniffed their password, decrypted it, and waited for the guy to log off. Then he connected as this guy to prove that he was a manly geek not afraid of fraud (although, to his credit, he did nothing but prove he could get Internet access before he logged off). We also saw someone with a wide-open access on their personal network, inlcuding their mp3 collection of rap music, some pr0n (hacker term for pronographic material), and how many computers were connected to that router.

There are even easy-to-use hacker tools like Phlak, Kistmet, and WarBSD that make it easier to get this stuff done. This stuff is supposed to be used to test your own network leaks, but, of course, the hardware store that sells you the flashlight, crowbar, and locksmith kit won't ask many questions, either.

So this is why I don't have wireless. Unlike the man at the pub talking to Ford, I don't have army training to tell me to put a bag over my head if the end of the world comes, or some cracker uses my network connection to attack the FBI website. The FBI can get past my paper bag.

This entry was originally posted at http://www.punkwalrus.com/blog/archives/00000260.html
  • Post a new comment


    Anonymous comments are disabled in this journal

    default userpic

    Your reply will be screened

    Your IP address will be recorded