- by Chad, "The Dream", Weaver.
I wanted to finish up my series on wireless networks with just a little bit more on open and/or WEP-encrypted networks. You won’t always have a choice of which network you connect to, but there are some important things you should consider when doing so. When you are connected to either of these networks, your traffic isn’t protected from prying eyes. WEP protects it a little more, but it uses the same key to encrypt the traffic, which allows a listener to decrypt the stream with almost no effort and read what is being transmitted. So if you want to keep what you are doing private, whether it is changing your Facebook status or tweeting about the great cup of coffee you are now drinking at a coffee shop, you might want to take a couple of extra steps.
A little while back, an add-on was released for the Firefox web browser that allows anyone running Firefox and this add-on to watch the traffic in the air for session data with popular websites. I don’t want to give anyone any ideas about this, so I won’t even mention its name. It is still around and has plenty of downloads out there. Not only were its users able to see these sessions, they could “sidejack” them, stepping in as the user and effectively taking over the session, on sites like Facebook, Twitter, Flickr and so on. Now, to get started: this attack works best on an open network like a coffee shop or airport, where the network is gated by a website providing access once terms are accepted.
So what can you do to keep your awesome status updates your own, or those hot tweets about the weather or what-not all yours? One way is to be sure you are using SSL when connecting to websites; this is even more important when connecting over wireless networks. This encryption prevents data from being read, as all transfers between you and the website are encrypted with the help of a digital certificate. So make sure your address bar reads HTTPS rather than HTTP, and also look for the padlock icon to verify the site is secure. One of the biggest flaws with this is that websites don’t always use HTTPS for every page. Usually they only encrypt the data during login, which protects your password but does not protect you against attacks like the one I mentioned above, which only needs your session information, and that is returned to you unencrypted on some occasions.
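As an added example (not from the original post), here is a check a site owner or tester could run to spot the weakness described above. It assumes the session information is carried in cookies: a cookie set without the `Secure` attribute is also sent over plain HTTP, where a listener on an open network can read it. The sample headers are constructed for illustration.

```sh
#!/bin/sh
# Constructed sample: response headers from a hypothetical site that logs in
# over HTTPS but also serves some pages over plain HTTP.
SAMPLE_HEADERS='HTTP/1.1 200 OK
Content-Type: text/html
Set-Cookie: session_id=abc123; Path=/; HttpOnly
Set-Cookie: csrf=xyz; Path=/; Secure; HttpOnly
Set-Cookie: prefs=dark; Path=/; secure
set-cookie: tracker=1; Domain=example.com'

cookies_without_secure() {
    # Reads HTTP response headers on stdin and prints the name of every
    # cookie whose Set-Cookie line lacks the Secure attribute.
    awk '
        tolower($0) ~ /^set-cookie:/ {
            line = $0
            sub(/\r$/, "", line)                 # tolerate CRLF line endings
            sub(/^[^:]*:[ \t]*/, "", line)       # drop the header name
            n = split(line, part, ";")
            name = part[1]; sub(/=.*/, "", name) # cookie name only, no value
            secure = 0
            for (i = 2; i <= n; i++) {
                attr = tolower(part[i]); gsub(/[ \t]/, "", attr)
                if (attr == "secure") secure = 1
            }
            if (!secure) print name
        }'
}

# Usage on the sample: prints session_id and tracker, one per line.
# printf '%s\n' "$SAMPLE_HEADERS" | cookies_without_secure
```

Against a site you are responsible for, pipe the output of `curl -sI` for the login URL into the function instead of the sample.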
Now, how can we do better? The first option is a VPN. If you can establish a VPN connection to a trusted location and send all your traffic down that new tunnel, then everything you do is secure between you and that endpoint, protecting you completely. There are online services that provide access to VPN servers in various locations across the globe for this and other purposes. This way is 100% secure to their servers, so anyone trying to read your wireless traffic would be unsuccessful. You could even create one to your home network using different programs, which I won’t go into here.
The next method is to use SSH to encrypt your web traffic by sending all web traffic down an SSH tunnel to a more secure, trusted endpoint and accessing the internet from there. This can be done in various operating systems, including Windows, Mac and Linux. You can run a small SSH server at home and build a tunnel to it, and then use this to protect your web browsing traffic when you are on the road.

Another way, and one I have tested myself, which is also sort of fun in a nerdy sort of way, is to use an Amazon EC2 cloud server to build the tunnel to, and direct your web browser to use this tunnel for internet traffic through a SOCKS proxy. I used a free micro instance in the cloud and started it up. I have also built and installed other pieces of software on this server, but the base install is all you need to protect your traffic for web browsing needs. After you get through the process of logging in, creating your key pairs and launching your first instance, just be sure you pick the micro if you want to do this 100% free.

You can use your SSH client to create a tunnel through SSH, specifying a local port to bind to the tunnel. In this example it is 8899, but you can use whatever port number you wish. In your web browser, go to your proxy settings and choose manual settings, with a SOCKS proxy at address localhost and the port number you created the tunnel on. And like magic, all your traffic to the web will go through this tunnel to the Amazon cloud before going to the internet. This will protect your internet traffic from any prying eyes, and if you use a site to find your IP you will see that it has changed to the IP of your cloud instance. This also has a nice side effect of bypassing some web filtering services, as the traffic would not be coming from the port for HTTP and would be unreadable as it is over an SSH tunnel anyway. If I hear that anyone is interested in a step-by-step guide to creating such a proxy, I shall make a good write-up on how to get it started.
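The tunnel described above, as an added example that is not part of the original post. The destination `user@tunnel.example.net` and the key path are placeholders for your own server and key pair; 8899 is the port from the article. The script builds the `ssh` command with the SOCKS listener bound to loopback only, and a `curl` command for confirming that traffic leaves through the tunnel.

```sh
#!/bin/sh
# Added example, not the author's own setup. user@tunnel.example.net and the
# key path are placeholders; 8899 is the local port used in the article.

valid_port() {
    # Digits only, and unprivileged so ssh can bind it without root.
    case "$1" in ''|*[!0-9]*) return 1 ;; esac
    [ "$1" -ge 1024 ] && [ "$1" -le 65535 ]
}

tunnel_cmd() {
    # usage: tunnel_cmd user@host keyfile [port]
    valid_port "${3:-8899}" || { echo "bad port: $3" >&2; return 1; }
    # -D opens the SOCKS listener, bound to loopback so nobody else on the
    # wireless network can use it; -N runs no remote command;
    # ExitOnForwardFailure makes ssh exit if the port cannot be bound.
    echo "ssh -N -D 127.0.0.1:${3:-8899} -o ExitOnForwardFailure=yes -i $2 $1"
}

check_cmd() {
    # usage: check_cmd url [port]
    # --socks5-hostname sends the hostname to the proxy, so the DNS lookup
    # also happens at the far end of the tunnel, not on the local network.
    valid_port "${2:-8899}" || return 1
    echo "curl -s --socks5-hostname 127.0.0.1:${2:-8899} $1"
}

# Run as: sh tunnel.sh user@tunnel.example.net /path/to/key.pem [port]
if [ "$#" -ge 2 ]; then
    cmd=$(tunnel_cmd "$@") || exit 1
    echo "starting: $cmd"
    exec $cmd   # unquoted on purpose; key paths containing spaces are not supported
fi
```

In the browser, also turn on the option that proxies DNS through SOCKS (in Firefox, "Proxy DNS when using SOCKS v5"); otherwise hostname lookups still go out over the local wireless network in the clear.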
Remember, when you are using public networks, unless you are protecting your data in some way, everything you are doing is, well, public. If you are not, do not do anything you wouldn’t want anybody to see or have access to, including anything involving private data, work data and anything you wouldn’t want to be public knowledge. Be safe. If you'd like to know more about the secure solutions Trigon Technology provides, be sure to contact us post haste!
- by Chad, "The Dream", Weaver
Don't let that leather jacket fool you, this is no time for fun and games.
Time for part two of my series on securing your wireless networks! I covered why you shouldn’t use a hidden SSID, and honestly, please stop doing this. Please. This time around, I want to cover how to, and how not to, secure your network. First of all, do not use an open wireless network. Wireless networks use the air as their transport medium, and unlike copper, you do not physically control the air. Anyone who is listening can read your traffic in plain text - let me repeat that - plain text. How do you secure your network from prying eyes? You need to encrypt it. There are a couple of options here. First, if you have to connect to an open wireless network, connecting through a VPN and sending all your internet traffic through that encrypted tunnel can help protect your data. If you have control of your wireless network, you can enable an encryption scheme. There are 3 main choices here: WEP, WPA and WPA2. You want to use WPA2 if at all possible, as it has been shown to be very sound and secure.
Enterprises have an even more secure method of encrypting traffic, using a PKI infrastructure based on the WPA2 protection. This uses SSL certificates to protect the traffic and a centralized method of authenticating clients and users on the network. If you have a business, this is what you should look for. If you can’t use WPA2 you can fall back to the WPA standard, and while it isn’t as secure as the newer standard, it will indeed be very secure. Also, if your password doesn’t fall to a dictionary attack you should be good to go.
What you shouldn’t be using is WEP. I can’t stress this enough: if you are using this, even in a home network, you should really think about changing it as soon as possible. WEP is an old standard and is not really secure in any way. If you don’t believe me, check out this Wikipedia article laying out that it is deprecated and shouldn’t be used due to its extreme flaws. The tools are available on the internet, free to download. As a security professional I can use these tools when I am conducting a penetration test on a network to recover a WEP key in around 2 minutes. I must add the disclaimer here: accessing any network you are not authorized to is illegal, so don’t try this on your neighbors’ networks, only on your own devices if at all, or while performing an authorized penetration test. I can’t stress that last part enough! I think the worst part of this is that there are attacks that can recover a stored WEP key from a client computer by tricking it into attempting to associate with a fake access point, in about the same amount of time. This attack is made possible by people hiding their SSIDs, forcing the client to announce the networks it is looking for all the time when it is away from its own networks. I won’t go into details on how to complete these attacks, but they are quite possible, and someone skilled in this would have no problems at all recovering your WEP key. So please, please, stop using WEP; it shouldn’t be used by anyone any more. I really mean ANYONE! If you're thinking about setting up a network using WEP, or know anyone who is, please contact us so we can send the help out pronto.