Posted by The Blogging Desk on Mon, Feb 28, 2011
- by Chad, "The Dream", Weaver
Don't let that leather jacket fool you, this is no time for fun and games.
Time for part two of my securing your wireless networks! I covered why you shouldn’t use a hidden SSID, and honestly, please stop doing this. Please. This time around, I want to cover how to, and how not to, secure your network. First of all do not use an open wireless network. Wireless networks use the air as its transport medium, and unlike copper you do not physically control the air. Anyone who is listening can read your traffic in plain text - let me repeat that - plain text. How do you secure your network from prying eyes? You need to encrypt it. There are a couple options here. First, if you have to connect to an open wireless network, connecting through a VPN and sending all your internet traffic through that encrypted tunnel can help protect your data. If you have control of your wireless network you can enable an encryption scheme. There are 3 main choices here WEP, WPA and WPA2. You want to use WPA2 if at all possible as it has been shown to be very sound and secure.
Enterprises have an even more secure method of encrypting traffic using a PKI infrastructure based on the WPA2 protection. This uses SSL certificates to protect the traffic and a centralized method of authenticating clients and users on the network. If you have a business this is what you should look for. If you can’t use WPA2 you can fall back to the WPA standard and while it isn’t as secure as the newer standard, it will indeed be very secure. Also, if your password doesn’t fall in a dictionary attack you should be good to go.
What you shouldn’t be using is WEP. I can’t stress this enough, if you are using this even in a home network you should really think about changing it as soon as possible. WEP is an old standard and is not really secure in any way. If you don’t believe me check out this Wikipedia article laying out that it is depreciated and shouldn’t be used due to its extreme flaws. The tools are available on the internet free to download. As a security professional I can use these tools when I am conducting a penetration test on a network to recover a WEP key in around 2 minutes. I must add the disclaimer here; accessing any network you are not authorized to is illegal so don’t try this on your neighbors networks, only on your own devices if at all or while preforming an authorized penetration test. I can’t stress that last part enough! I think the worst part of this is there are attacks that can recover a stored WEP key from a client computer by tricking it to attempt to associate to a fake access point in about the same amount of time. This attack is made possible by people hiding their SSIDs forcing the client to announce networks that they are looking for all the time when they are away from their own networks. I won’t go in to details on how to complete these attacks but they are quite possible and someone skilled in this would have no problems at all recovering your WEP key. So please, please, stop using WEP it shouldn’t be used by anyone any more. I really mean ANYONE! If you're thinking about setting up a network using WEP, or know anyone, please contact us so we can send the help out pronto.
