make WWAY your homepage  Become a fan on facebook  Follow us on twitter  Receive RSS Newsfeeds  MEMBERS: Register | Login

Opening up a can of worms

Only hiding your SSID for wardrivers who go around hacking is useless and your suggestion of only locking down a SSIS is worthless and creates a liability. How do you ask? If you have a linux box simply run one of a few programs.. Airjack or Kismet are twop that can sniff out non broadcasting SSIDs. Windows is a bit more complex but Airmagnet or AirSnort will do the trick. Linksys, Belkin and Dlink routers all have a default username and password out of the box. How hard is it to save your router box in a closet and write two passwords inside of it? Your administrative password to your router (make sure your default of not allowing access via https or http is DISABLED) and then your wireless security key... You have a few choices of security with the most two common being WEP and WPA. WEP is weak.. VERY weak.. The same initialization vector can be used more than one time. This makes WEP VERY vulnerable to collision based attacks which the cruddy stateful packet firewall included in those things will not detect. With an IV of 24 bits that means 16.7 million combos.. That is hardly enough to protect your bank account online. With WEP, Master Keys instead of temp keys are used.. This gives usually months and months to work on hacking your connection... With WPA The length of the initialization vector goes up to 48.. This means there is now OVER 500 TRILLION password possibilities. WPA uses a better encryption methodology, only temporary keys are used, and message intregrity tracking is added. My professional opinion? WEP should be done away with as a standard.... The common user if they lock down their wireless is only using WEP with a 10 digit key.. It is not that hard to figure out your cell phone # with area code or your home number or reverse it, add area code to rear, reverse that..etc... But... Why guess at it yourself..There are plenty of tools available at no cost that are used for a Brute-Force attack running millions of possibilities per hour with multiple attempts and your SPI built-in firewall will never stop the attempt.. Ha$h has smoked the ease of hacking.... SO what do you do if you want to have a true secure wireless connection? Deny remote access to your router, change the admin password to a password using a combination of uppercase letters, lowercase letters, numbers AND symbols that is AT LEAST 8 characters long (My standard is 16 -20 characters using the above complexity requirements. Disable any remote access features to the wireless routers, Turn off SSID Broadcast, use WPA as your wireless security standard, AND use MAC address filtering. When you purchased your wireless network card or adaptor, it came with a hardware address (kind of like a long house address) embedded in the firmware.... That MAC address is broadcasted in the header of your signal. Adding MAC address (no.. no relationship to Apple computers at all..)filtering and your MAC address tells the router two things specifically about your computer/laptop... It says hey... You must know the WPA key assigned the the router and ALSO says.. Your MAC address must match the one I am remembering in my memory.. If EITHER of these are not correct.. you have no access to this router... That is a secure private network.. The only other options are to have Intrusion Detection/Prevention set up by a professional and have that monitored... (The average home user will not want to spend this $$$ as it is expensive.. I pay $1300 a year just for signature updates from Cisco for my IPS services... Not to mention the $7000 module cost.. You may think it is a pain to do all of this.. Actually... you can have this done yourself my googling things like "how to set up WPA on linksys router" (do not use the passwords in the example people) and "How to set up mac address filtering on my linksys router".. And don't bother calling these fly by night "pc repair vendors" in Wilmington including the ones at large businesses... While there opinion may be "No you don't need that much security for your house.." But what I recommend IS NOT THAT MUCH SECURITY... And I can have a linux laptop up and ready in a few hours that would bust that false claim... Why go through this much trouble? Because formatting a hard drive and deleting or hiding that secret file with a different file extension does not EVER get rid of the information on your hard drive. The ONLY way to get rid of the information on your hard drive is to Boot and Nuke or simply write 1s and 0s over the surfaces of your hard drive multiple, multiple times... I am sure you have emails, bank account information, secrets, tax returns, passwords.. Guys.. some of you have those naughty naughty pics... And maybe you think that it cannot be accessed or touched.. Maybe you think using your child’s middle name and a portion of your phone number is secure..Maybe you think that the removal of temporary files/cookies is keeping you safe.. How about that "free" antivirus you have installed (in technology.. you get what you pay for..) Well.. what about the keylogger installed on your PC that records every key you type because the infected email from a friends was a trusted source and you didn't now it...? Enough rambling.. My point.. Is the majority of you have personal information and data that is at an extremely high risk of being compromised and all you have to do to fix it is google for what I have told you to google for.. It is not fail proof, it is not completely safe But it will keep you a heck of allot safer than you are right now.... Should you be worried? Yes… Should you immediately do something to lock down your wireless at your home and especially your business… YES. The time it took you to read this and to lock down your router is less than 1% of the time it will take to get your identity back should a crook or thief ever steal it..

Reply

The content of this field is kept private and will not be shown publicly.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.

More information about formatting options

To prevent automated spam submissions leave this field empty.
CAPTCHA
Please re-enter the code shown in the image below.