Wireless+Security

Wireless Security

The ability to share an Internet connection is great and the ability to do this wirelessly is even better. Wireless networks are easy to install, you don’t have to run cables, and you can roam around a location within the WLAN (wireless local area network), or physical range of wireless connectivity ( here’s a way to get started ). These features are what makes wireless networks so popular with both end users, and hackers. The one problem with wireless networks is the vulnerability of your network. A typical hardwired network has physical security due to limited access to the actual network and one opening to the internet (Gateway) has a firewall in place This can stop most unauthorized access to your network. The difficulty in setting up wired networks has discouraged a lot of people from installing networks in the first place.

Then a long came the wireless which, made the home networking game more appealing and not as intimidating. Having a wireless network means that the physical security that is inevitable in a wired network is simply not there. Anyone in the range of your wireless network can see your network, and if not secured properly, can gain access. If your wireless access point is not the router on your network then outsiders can slip in behind your firewall. There are some practices you can perform to insure that no one is using your connection or trying to get on your personal network. First and foremost you need to get WEP (Wired Equivalent Protection) in place, which is an encryption that stops unauthorized users from accessing your network. There are at least two encryption types in 802.11b (128bit, and 64bit) and should probably be changed every other week or so. Using WEP is essential to wireless security, but don’t rely on it alone, there are other security measures you can put in place as well. With some wireless units you can set a MAC address filters, witch can really beef up your security. A MAC address is an identification number the manufacturer stamps on a network device, and is (or should be) completely unique. If this security is in place then even if someone knows the WEP Key they still cannot get into the network because your wireless access device will deny it. There are two other things you might want to do to tighten up your network: The first thing you should do is go through and change all of the default security settings, and passwords. The reason for this is most Routers and access points usually have a lot of these configuration fields (i.e. username and password or the SSID ) filled out with generic values for ease of setup. The bad thing about this is that people can use these settings against you to gain access into your network. Secondly, with a lot of routers your SSID is set to broadcast by default, this means that it’s broadcasting your network’s name to the physical reaches of your network. Not good, even if your neighbors don’t have the security rights to access your network they will constantly see it every time they boot up one of their wireless PC’s. Through the use of these practices you will not only protect your network, but render it practically invisible, and that’s what you want. Just a side note, if one day you boot up your wireless PC and you see a new connection that isn’t secure, please take it easy on them, it’s probably your neighbor. You have to remember not everyone is as informed or prepared as you and if your feeling nice go over and warn them to tighten up there network before someone not nice finds it open.

Wireless Network Security,: AirSnare

AirSnare is a wireless network monitoring system that has some pretty cool features. In a nutshell, AirSnare takes a list of MAC addresses that you have OK’d as being your network devices, (i.e. your home PCs) and alerts you of access by any other MAC address. The program actually warns you by telling you with a voice that there is “unauthorized access on your network”, and you can even set it to email you any security breeches. In addition to the audio warning, the interface also turns red and you can see the user’s MAC address and what they are doing. That’s right, you can actually see if an intruder is checking their mail or surfing the web. Not only does it tell you this info, but you can actually double click the destination IP address and Airsnar will connect you to the site. This is all very cool, but the best is the Airhorn, an element of AirSnare that allows you to send intruders a message that pops-up on their screen telling them what ever you type in, for example :- “I’m watching every move you make, so get off of my network”.

The GUI is a little on the primitive side, but that’s because it was meant as a low requirements tool, and not a bloated end-user program. Before you download the AirSnare look over the manual, especially the setup instructions. One thing you have to do is download, and install the WinPcap library, it is a protocol analyzer and is an important component in AirSnare.

The whole process (download and install) takes just a couple of seconds, basically download and double click. It does not install a program just a library that AirSnare uses to capture network packets. AirSnare may be a little different than other programs you are used to, but it really is easy to use and if you have a wireless network it could be an invaluable tool for maintaining tight security. Besides, if friends or family come over you can blow them away with your knowledge of wireless security and your super-cool monitoring tools.

Download WinPcap… []

Download AirSnare…

[]  