Beta

Slashdot: News for Nerds

×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Wireless Security Attacks and Defenses

Zonk posted more than 8 years ago | from the keeping-the-aether-safe dept.

120

An anonymous reader writes "IT-Observer is running a comprehensive overview of wireless attacks and defenses. From the article: 'Wireless technology can provide numerous benefits in the business world. By deploying wireless networks, customers, partners, and employees are given the freedom of mobility from within and from outside of the organization. This can help businesses to increase productivity and effectiveness, lower costs and increase scalability, improve relationships with business partners, and attract new customers.'"

cancel ×

120 comments

first post (-1, Offtopic)

Anonymous Coward | more than 8 years ago | (#15343347)

HELL YEAH!

Re:first post (0, Offtopic)

kanzels (975208) | more than 8 years ago | (#15343377)

Happy now? :) Anyway I was posting my comment and wifi security in same time... and my comment didn't appear?! Strange :( In overall access point vendors should start producing APs with better security defaults, preferably with firewalls.

Wireless wants to be free. (1, Insightful)

Anonymous Coward | more than 8 years ago | (#15343359)

I see that keeping leeching wardrivers out isn't covered.

Re:Wireless wants to be free. (1)

solevita (967690) | more than 8 years ago | (#15344373)

There's no such thing as "leeching wardrivers". Wardriving is not a crime. Please visit the below link for educaiton on the subject:

http://www.staticusers.net/wardrivingisnotacrime/ [staticusers.net]

Wireless defence? (0, Offtopic)

reklusband (862215) | more than 8 years ago | (#15343370)

See the last time I was attacked wirelessly was by an RC plane. I now protect my self by wearing an umbrella hat OVER my tin foil hat. Sexy, stylish AND functional. Or did you mean that funky interweb wirelessness? I can't read much due to the tin foil/umbrella hat slipping into my eyes. BUT AT LEAST I'M PROTECTED!!!!!!!!!!

Re:Wireless defence? (0)

Anonymous Coward | more than 8 years ago | (#15343477)

Big black sunglasses help keep the hat/umbrella from slipping, AND keep them from reading your mind.

Re:Wireless defence? (1)

gEvil (beta) (945888) | more than 8 years ago | (#15343743)

Having my hat/umbrella read my mind is always my biggest worry...

Re:Wireless defence? (1)

reklusband (862215) | more than 8 years ago | (#15346202)

OFF TOPIC? FUCK YOU! The article was pointless. The response was too!!!

I suggest shortening the phrase (4, Funny)

spun (1352) | more than 8 years ago | (#15343376)

I suggest replacing the phrase "increase productivity and effectiveness, lower costs and increase scalability, improve relationships with business partners, and attract new customers." with "blah." This way we can write things like "X will help businesses to blah" knowing "blah" stands for "do anything that business wants done." As an added bonus, we won't have to change "blah" everytime stupid business buzzwords change. "Blah" always means whatever buzzwords are in vogue.

Re:I suggest shortening the phrase (1)

MarchHare (82901) | more than 8 years ago | (#15343423)

I think it's a good idea, and if we start doing this here on slashdot too,
it will make most of the discussions a lot more blah too. :-)

Re:I suggest shortening the phrase (0)

Anonymous Coward | more than 8 years ago | (#15343454)

Actually, "blah" can be even more useful. We can replace nearly every word in a marketing piece with blah without losing any meaning! Watch:

"Blah can provide numerous blah in the blah. By blahing blah, blah, blah and blah are given the blah of blah from blah and from blah. This can blah, blah, blah and blah."

Means the same thing, see?

Re:I suggest shortening the phrase (1)

qwijibo (101731) | more than 8 years ago | (#15343506)

It's more compressable once you realize that the regular expression .* expresses the same idea as blah. By extrapolation, blah.*blah is functionally equivalent to blah. Therefore, all marketing documentation can be compressed to the most accurate statement:

Blah.

Re:I suggest shortening the phrase (0)

Anonymous Coward | more than 8 years ago | (#15343560)

1. I agree, and I, for one, welcome blah.
2. In Soviet blah!
3. ???
4. Blah!

Re:I suggest shortening the phrase (2, Insightful)

gEvil (beta) (945888) | more than 8 years ago | (#15343565)

Yes, but how exactly will your proposal increase shareholder value?

Re:I suggest shortening the phrase (4, Funny)

spun (1352) | more than 8 years ago | (#15343600)

See, you aren't getting "it." You are not an it-getter. When you phrase it like "How exactly will your blah increase blah blah," then the answer becomes obvious: blah!

Re:I suggest shortening the phrase (1)

gEvil (beta) (945888) | more than 8 years ago | (#15343805)

Blah blah blah. Blah?

Re:I suggest shortening the phrase (1)

David_W (35680) | more than 8 years ago | (#15344883)

Duba Bubu?

Blah? (1)

slashbob22 (918040) | more than 8 years ago | (#15344189)

Blah!? Don't you worry about Blah, let me worry about blah!

Re:I suggest shortening the phrase (1)

RayMarron (657336) | more than 8 years ago | (#15343916)

blah = buzzwords lavishly applied here

Re:I suggest shortening the phrase (0)

Anonymous Coward | more than 8 years ago | (#15344410)

Don't use "blah" -- it's already overused.

Use "marklar."

Comprehensive... (3, Interesting)

Anonymous Coward | more than 8 years ago | (#15343387)

..yet not a mention of WPA

Duh! (1)

Illusion2269 (959341) | more than 8 years ago | (#15343396)

Its the same if you leave your door unlocked, or window open. Alot of businesses I work with have been avoiding using Wireless technology because they are afraid it will make them more vulnerable. Its more that they don't understand how to implement and secure it properly, and don't want to spend the time or money to do so.

Re:Duh! (4, Insightful)

Silver Sloth (770927) | more than 8 years ago | (#15343559)

Which is a very good reason for not implementing it. I would strongly advise any business not to install IT which they don't understand how to implement and secure it properly because they would be, unwittingly, leaving the door open.

Here in the rarified atmosphere of /. we may laugh at the lamers and their pathetic inability to utilise IT. Out there in the real world people are simply getting on with it. Maybe they have better things to spend their time and money on than installing all the latest geek toys.

As a frinstance, my brother is a very successful salesman. He doesn't even own a laptop and can see no reason to do so. He's too busy earning a great deal more money than I do to bother about it.

Re:Duh! (1)

nolife (233813) | more than 8 years ago | (#15344192)

The blanket statement of "I don't need IT" is just as bad a saying "I need to have IT". Every situation is different.
There is nothing wrong with not using IT or other types of office helpers in a small business. The problem though is that system does not scale well if you are growing. You eventually will not be able to effectively run your business or maintain any consistent and accurate records yourself. You will either need another person or some type of technology or some combination of both. As the size increases even further, you will find that some amount of IT will be cheaper and more efficient then a dedicated employee for certain functions. If you are not growing, it doesn't matter if what you have works but you can not assume your current method will always be the best method.

Re:Duh! (1)

harrkev (623093) | more than 8 years ago | (#15343576)

Well, there are a couple of differences. Usually, when somebody comes in your business they take something, and there is some physical evidence. They also have to do this after-hours. A wireless attack can happen in a busy environment in broad daylight and leave not a trace (unless you have intrusion detection systems).

And on an only slightly-related note, what can home users do to secure a wireless network -- besides the obvious stuff like use encryption, change passwords, disable SSID, MAC filtering, etc. Using consumer-grade routers, NAS boxes and the like, what is involved in implementing a VPN solution? It must take some specialized gear because I doubt that my Linksys AP can handle it. Bonus points for something that works on XP and Linux.

Re:Duh! (1)

drinkypoo (153816) | more than 8 years ago | (#15344090)

OpenVPN [openvpn.net] runs on: Linux, Windows 2000/XP and higher, OpenBSD, FreeBSD, NetBSD, Mac OS X, and Solaris. An OpenVPN PocketPC port is under development.

Re:Duh! (1, Redundant)

NineNine (235196) | more than 8 years ago | (#15343598)

Its more that they don't understand how to implement and secure it properly, and don't want to spend the time or money to do so.

And that's a perfectly valid reason not to implement it. That's why we won't implement it. Besides, cat 5 cable is insanely cheap.

Re:Duh! (3, Insightful)

harrkev (623093) | more than 8 years ago | (#15343650)

Besides, cat 5 cable is insanely cheap.
Nope.

OK. The cable itself is cheap. Putting it where it needs to be is expensive. At my company, we hire outside contractors to run all of our cable. It seems like I am always spools of cable lying around, and guys with their feet on a ladder and their heads in the ceiling. Since an outside company is doing this, it turns a $10/hour worker into a $30/hour or more expence to my company.

But still, the wireless is usually used for the manager laptops. They have to have to be able to check Lookout ^h^h^h^h^h^h^h Outlook in meeting.

Re:Duh! (2, Insightful)

misleb (129952) | more than 8 years ago | (#15343890)

Network cabling really needs to be planned and implemented as if it were power or phones. When you move into an office, you spend a little extra money to have all offices wired with 2 or more CAT5 connections right next to the phone jack and you never have to worry about it again. PUt a hub under the conference table if you need network access at meetings. Wireless is convenient and all, but hardly essential for a business which thinks ahead to have proper wiring done in the first place. Heck, where I used to work, they even put CAT5 in the bathrooms!

-matthew

Re:Duh! (1)

DrSkwid (118965) | more than 8 years ago | (#15343964)

learn ^w it's much easier

Re:Duh! (1)

cayenne8 (626475) | more than 8 years ago | (#15344336)

"Lookout ^h^h^h^h^h^h^h Outlook"

Ok...I've got to ask as I've seen it often enough before. What do all the ctl-h's mean when used like this..? Is it supposed to look like something? All I get is gibberish...

Re:Duh! (2, Insightful)

ePhil_One (634771) | more than 8 years ago | (#15343634)

Its more that they don't understand how to implement and secure it properly, and don't want to spend the time or money to do so.

No, its because they understand that it cannot be secured properly. If you think it can, either you don't understand the risks or you have a different definition of acceptable risk than they do. Assuming your clients are stupid because they don't agree with you isn't the key to a successful career

Or maybe they know how to implement it, and aren't willing to spend the resources (time & money) to manage it. Have you tried bringing a estimate of how much more productive you can be if you can work wirelessly from the meeting instead of paying attention to the meeting?

The scenario TFA begins with (3, Insightful)

Anonymous Coward | more than 8 years ago | (#15343422)

...IMO indicates a major problem behind the thinking of many corporate IT departments. Anyone who grants access a machine access to sensititive or confidential data simply because it is on the network is a moron.

Know what confidential data you can access by simply connecting a computer to the network at my school and most universities, for that matter? Almost nothing! All confidential data should be protected with end-to-end encryption, then the worst that can happen if a third party gets a machine on the internal network is that they can use excessive amounts of bandwidth. Denial-of-service attacks are much easier to recover from than (possible) leaks of confidential data.

Re:The scenario TFA begins with (0)

Anonymous Coward | more than 8 years ago | (#15343669)

Actually, the worst that can happen with end-to-end encryption is that you lose the keys.

Want to truly secure your wireless network? (2, Insightful)

mmell (832646) | more than 8 years ago | (#15343445)

Make sure your home/office/whatever is built like a Fermi chamber.

Even if somebody somehow makes wireless networking as secure as good ol' fashioned copper, it still can't be made perfectly secure! The ONLY way to ensure absolute security is to pull the power cord(s) out. Oh, and smash the hard disks with an ax.

That said, I wonder how long it'll be before construction companies start offering to make buildings RF-impervious? Y'know, I might actually pay to have something like that done; it would go a long way to enhancing wireless security at my house.

Re:Want to truly secure your wireless network? (2, Insightful)

qwijibo (101731) | more than 8 years ago | (#15343532)

Making buildings impervious to RF seems like it solves the opposite of the actual problem. If construction companies put conduits in house that made it easier to route network cables to all of the rooms, there would be no need use wireless. The only reason I use wireless at home is that I don't want to try to come up with some horrible kludge to get wires everywhere.

Re:Want to truly secure your wireless network? (1)

Intron (870560) | more than 8 years ago | (#15343692)

I guess you didn't read the first paragraph of the article.

...and had decided to set up this wireless access point so that she could move about the office easily and still stay connected with the company network

Re:Want to truly secure your wireless network? (1)

Jedi Alec (258881) | more than 8 years ago | (#15343709)

If construction companies put conduits in house that made it easier to route network cables to all of the rooms, there would be no need use wireless.

How about just putting UTP and coax connectors in every room? Plenty of people I know that build new houses or fix old ones already do this.

Re:Want to truly secure your wireless network? (1)

Sooner Boomer (96864) | more than 8 years ago | (#15343535)

"Make sure your home/office/whatever is built like a Fermi chamber."

Surely you mean a Faraday cage ? Wilipedia [wikipedia.org]

Re:Want to truly secure your wireless network? (2, Funny)

mmell (832646) | more than 8 years ago | (#15343607)

Thanks for the correction. My only excuse is that it's Monday.

What? Tuesday? $#*SF)S....

Re:Want to truly secure your wireless network? (0)

Anonymous Coward | more than 8 years ago | (#15343544)

Heh. Fermi chamber.

Re:Want to truly secure your wireless network? (1)

slashjames (789070) | more than 8 years ago | (#15343550)

You realize you've gauranteed a cell phone won't work in your house if you do that, right? As a prospective home-buyer, that is an immediate no-sale point.

Faraday cages, wireless networks, and cell phones (3, Insightful)

martyb (196687) | more than 8 years ago | (#15343658)

You realize you've gauranteed a cell phone won't work in your house if you do that, right? As a prospective home-buyer, that is an immediate no-sale point.

It is possible to construct a Faraday Cage [wikipedia.org] to block wireless network signals without blocking cell phone communications... Wireless networking uses 2.4 GHz signals. Cell phones use entirely different frequencies.

Try it yourself! Place your cell phone in a microwave, close the door (but don't turn it on, of course), and call your cell phone. If your phone rings, then the cell phone signal made it past the microwave's faraday cage. And microwave and wireless networking signals are almost the same -- my network throughput dies whenever I use my microwave.

NOTE: Different cell phone frequencies exist, so YMMV. I can't try this myself (no land-line) but according to what I learned in physics class (LONG ago), I'm pretty confident it should work just fine. Anyone want to give this experiment a try and post how it worked for you?

Re:Faraday cages, wireless networks, and cell phon (1)

drinkypoo (153816) | more than 8 years ago | (#15344049)

Actually, I don't think the shielding in the microwave is tuned to any particular frequency. Putting a phone in a grounded metal box should pretty effectively stop the signal regardless of the aperture size on a single screened face. But, it will probably work in some cases and not in others, just due to location of tower and such.

Re:Faraday cages, wireless networks, and cell phon (0)

Anonymous Coward | more than 8 years ago | (#15344096)

I can't try this myself (no land-line)

and apparently, no friends with cell phones...

Re:Faraday cages, wireless networks, and cell phon (1)

martyb (196687) | more than 8 years ago | (#15345156)

I can't try this myself (no land-line)
and apparently, no friends with cell phones...

Actually, the cell phone signal here is marginal, at best. I often have calls drop on me, if I can get them at all. Hence my request in the original post for others to try it and report how it worke for them.

Re:Faraday cages, wireless networks, and cell phon (0)

Anonymous Coward | more than 8 years ago | (#15344555)

Anyone want to give this experiment a try and post how it worked for you?

I tried it, but right away I started to hear a crackle noise, saw some sparks, and then my cell phone went up in flames. Why the hell did you have me try that?

Oops, I missed the part where you said not to turn the microwave on..

Re:Faraday cages, wireless networks, and cell phon (0)

Anonymous Coward | more than 8 years ago | (#15344931)

Then give yourself a minute
Push start
Repeat the experiment

Geek QA. (0)

Anonymous Coward | more than 8 years ago | (#15345788)

"Try it yourself! Place your cell phone in a microwave, close the door (but don't turn it on, of course), and call your cell phone."

I don't know what's sadder. The fact that you had to explain a Faraday Cage to a bunch of geeks, or that you had to tell them not to turn the microwave on.

Not to me. (3, Funny)

mmell (832646) | more than 8 years ago | (#15343668)

That's why Al G. Bell invented the landline. He foresaw that cellular would suffer limitations which only landline could prevent.

Re:Want to truly secure your wireless network? (0)

Anonymous Coward | more than 8 years ago | (#15343584)

"...to make buildings RF-impervious? Y'know, I might actually pay to have something like that done..."

Good news! I'll save you a few dollars by simply suggesting you pack your bags and head for the trailer park!

No, I want my home to stay where I left it. (1)

mmell (832646) | more than 8 years ago | (#15343632)

We all know tornados make a bee-line for trailers.

Re:Want to truly secure your wireless network? (0, Redundant)

Bryansix (761547) | more than 8 years ago | (#15343769)

If business' are made impervious to RF then my cell phone will not work when I enter them. That is a serious no-no. Even when I am on the clock, my boss would rather I make outgoing calls to my wife on my cell then charge my work for the phone call by using the business line.

From the article... (1)

TheDarkener (198348) | more than 8 years ago | (#15343461)

"Wireless blah productivity blah low-cost blah blah company blah..." How about something that pertains to the headline of "Wireless Security Attacks and Defenses" instead of a press release about the wonders of wireless networks? /me feels the wrath of the mod-monsters

Dependability. (1)

mikesd81 (518581) | more than 8 years ago | (#15343472)

We run wireless @ the plant I work in and it seems to not be fully dependable. I'm not a big fan of wireless, not for the security, but because of the little things that can take it out. It can be more productive if implemented correctly, but there's alot to keep in mind when you do this.

Re:Dependability. (1)

spun (1352) | more than 8 years ago | (#15343768)

The fact that you call it a plant makes me wonder what kind of RF interference might be there. Many manufacturing plants produce A LOT of RF interference. Could that be the reason your wireless is undependable?

Do they really know what they're talking about (1)

Anonymous Coward | more than 8 years ago | (#15343494)

"Another advanced defense method that is possible, although unlikely, is to create an in-house encryption algorithm to use for encoding your network's data."

No, no, no, no, NO

As Bruce Schneier says "Public security is always more secure than proprietary security"

http://www.schneier.com/crypto-gram-9909.html#Open SourceandSecurity [schneier.com]

Also, why don't they mention WPA? ( http://en.wikipedia.org/wiki/Wi-Fi_Protected_Acces s [wikipedia.org] )

Re:Do they really know what they're talking about (1)

tutori (821667) | more than 8 years ago | (#15343657)

Yes, but any security at all, even if very easily circumvented, is better than no security. Sure, ROT-13 does nothing, but if someone is snooping and doesn't immediately understand, they're more likely to move on to less difficult targets.

any security at all...is better than no security? (1)

Abroun (795507) | more than 8 years ago | (#15343874)

Not if it fools you into thinking you're safe. Paranoia trumps complacency.

Re:Do they really know what they're talking about (2, Insightful)

schon (31600) | more than 8 years ago | (#15343875)

any security at all, even if very easily circumvented, is better than no security

However, *bad* security (such as your ROT-13 example) is worse than no security at all, because it leads you to believe you're actually doing something, when in fact you're not.

If you implement something that doesn't actually do anything, you've wasted time. If it doesn't do anything, why did you implement it?

Because you've convinced yourself that it does do something, and the fact that it doesn't means that you've lulled yourself into a false sense of security.

Unbelievable fluff: why did it get posted??? (2, Informative)

postbigbang (761081) | more than 8 years ago | (#15343495)

Three guys named Brad and another one named Josh post a fluffy little article on security for wireless, then cover about 1/3rd of the basics, and none of the tough stuff.

In a word, they should be punished. And someone should tape their eyes open while reading WiFoo or another good book on just how many zillion interesting hacks there are for wireless. And then, the site should get the check back-- if they were so silly as to have paid these guys.

And I wonder, how many more airy and light posts will there be, today? Slashdot Lite, less filling, less intelligent-- news for birds.

Re:Unbelievable fluff: why did it get posted??? (1)

Aqua_boy17 (962670) | more than 8 years ago | (#15343908)

"news for birds" - stuff that chatters

(ducks) (twice)

The article is 100% wrongheaded (5, Informative)

drinkypoo (153816) | more than 8 years ago | (#15343510)

Look at page 3. It's the one where they tell you what you should do to secure your network.

Even with its inherent weaknesses, Wireless Encryption Protocols or WEP is still a good method for preventing attackers from capturing your network traffic. Less-experienced hackers will probably not even attempt to capture data packets from a wireless network that is broadcasting using WEP.

Bullshit. Everything you need to do this can be found on a single Linux LiveCD (Auditor Linux) including the kit for doing replay attacks. Only unmotivated "hackers" will fail to crack WEP.

Score: 0/1

MAC Address Blocking - For smaller, more static networks you can specify which computers should be able access to your wireless access points. Telling the access points which hardware MAC addresses can join the network does this. Although, like WEP, in which this can be bypassed by knowledgeable hackers, it is still a valid method for keeping many intruders at bay.

Bullshit. Again, this will only get people who are unmotivated. MAC spoofing is a triviality. It typically will stop drive-by users of wifi, because they can usually find one that has no "protection" and they can use that. MAC restriction will NOT stop anyone who wants onto your network for any reason other than a minor whim.

Score: 0/2

Ditch the Defaults - Most wireless devices are being sold today with default configurations that are easily exploited. The three main areas to watch out for are the router administration passwords, SSID broadcasting, and the channel used to broadcast the signal.

Using a halfway decent scanner makes ANY settings changes you do (besides turning on WPA) utterly useless.

Score: 0/3

Beacon Intervals [...] These intervals should be maximized to make it more difficult to find the network. The network appears quieter and any passive listening devices are not as productive at gathering and cracking encryption keys.

Again, a good scanner makes this irrelevant.

Score: 0/4

Access Lists - Using MAC ACL's (MAC Address Access List) creates another level of difficulty to hacking a network. A MAC ACL is created and distributed to AP so that only authorized NIC's can connect to the network.

Uh, this is the same thing as "mac address blocking". They're the SAME FEATURE, just one is default accept, and the other is default deny.

Score: 0/5 (I should really assign a negative point for trying to use the same feature as a bullet point twice, but I'll be nice.)

Controlling Reset - Something as simple as controlling the reset function can add a great deal of security and reduce the risk of potential hack to your network. After all the security measures are in place and the proper encryption settings are enforced, the factory built "reset" button available on nearly all wireless routers/AP's can, in an obvious way, wipe out everything.

If someone has physical access to your AP, you're fucked anyway. If they can do remote admin in your AP, you're an idiot anyway - and turning off remote admin isn't even listed as a good idea here.

Score: 0/6

Disable DHCP - Disabling the use of DHCP in a wireless network is again, a simple but effective roadblock to potential hackers.

No, it isn't. A few moments of sniffing will tell you what you need to know. Utterly useless and it just makes your life harder.

Score: 0/7

This article tells you nothing about how to effectively secure your network. In fact, it tells you to do a whole bunch of things that won't work.

Want to secure wifi? There is only one means to do so, and that is to use a tunnel with strong encryption. Whether you're using commercial VPN software, vpnd, or an ssh tunnel, there is absolutely no other way to be sure that your network is secure. Just block all non-VPN traffic, redirecting any requests to port 80 to a webserver and page that tells you that you need to use the VPN, optionally offering the necessary software. The only hole here? Any holes in your webserver, which could be in its own virtual machine, and the fact that people can use your connection to download a VPN client, thus potentially executing a DoS attack against your network.

WPA seems to also be fairly secure so far, but I don't know that I'd trust it. Certainly, it is based on strong encryption and has been subjected to enormous peer review without, AFAIK, any major holes being blown in it. However, since the only way to really be sure is to use another VPN, my suggestion is to not use any encryption.

This article is stupid through and through.

Re:The article is 100% wrongheaded (4, Insightful)

Anonymous Coward | more than 8 years ago | (#15343564)

Yeah, 'cause setting up a VPN or ssh tunnels is something EVERYONE can do.

Oh wait, they can't... following the techniques outlined in the article won't stop someone who is determined to get somewhere, just like locking your door won't keep someone who really wants to get into your house out, but as a general deterrant works pretty well.

If you're that bloody paranoid about someone scooping your shemale porn downloads, just stay on the wire.

Re:The article is 100% wrongheaded (0)

Anonymous Coward | more than 8 years ago | (#15343641)

The parent isn't a troll... it makes a necessary counterpoint to the practical insanity of the grandparent.
Mods on crack... weee.

Re:The article is 100% wrongheaded (1)

drinkypoo (153816) | more than 8 years ago | (#15344012)

Actually, there are pretty simple VPN products out there. Of course, most of the simplest ones are useless, especially PPTP with MS-CHAP has huge known security holes and should never be used... But getting PPTP to work anywhere other than Windows is kind of a bitch anyway. Regardless, most people simply shouldn't be using WiFi. Those who do should be using WPA, which is what they should have suggested in the first place, since every other suggestion can be run over with freely available tools that are also simple to use.

Re:The article is 100% wrongheaded (1)

GSloop (165220) | more than 8 years ago | (#15344583)

Turning on WPA would be a pretty good bet, and from my quick scan of TFA, they DON'T EVEN MENTION WPA AT ALL!

VPN is better, but WEP is TOTALLY WORTHLESS. TOTALLY!

If you could tell someone to do ONE thing, it certainly ought to be to turn on WPA and use a long PSK. The article was a waste of time for the authors.

Cheers,
Greg

Re:The article is 100% wrongheaded (1, Informative)

Anonymous Coward | more than 8 years ago | (#15344748)

Not everyone has WPA-capable devices. Everyone has WEP.

Re:The article is 100% wrongheaded (0)

Anonymous Coward | more than 8 years ago | (#15343613)

I like this part: "Media Access Control (MAC) addresses act as personal identification numbers for verifying the identity of authorized clients on wireless networks. However, existing encryption standards are not foolproof. A hacker can pick off authorized MAC addresses"

Looks like someone was fooled by the name and thought MAC is a security concept...

WEP is not "Wireless Encryption Protocol" (3, Interesting)

spun (1352) | more than 8 years ago | (#15343750)

Haven't read TFA, just your summary here. Thanks for exposing your brain to this IQ sucking pap so the rest of us don't have to. Do they really call WEP "Wireless Encryption Protocol?" Because it means Wired Equivalent Privacy. They got every fucking word in the acronym wrong!

WEP is also, as you point out, not anywhere equivalent to wired privacy.

Sigh.

"Hey, look at me! I just read two chapters in a "Wireless for Dummies" book and I'm getting paid to write an article in a trade journal!"

Where's the justice?

Googlefight says its Wireless Encryption Protocol (1)

gravyface (592485) | more than 8 years ago | (#15345066)

wireless encryption protocol: 5,860,000 results

Wired Equivalent Privacy: 2,200,000 results

Wikipedia says Wired Equivalent Privacy [wikipedia.org]

Screw the uneducated masses -- this fool probably Googled "WEP", along with the rest of his low-rent "Wireless for Dummies" security tips.

Re:The article is 100% wrongheaded (3, Interesting)

DrSkwid (118965) | more than 8 years ago | (#15343804)

One thing people often do is put the AP INSIDE their firewall, such as hanging it on a spare switch port.

All the advice if for SERVERS but what about clients?

In my office I can reach a nearby free WiFi. For kicks I set up my AP with the same SSID and ran it open. Sniff Sniff. Not even illegal as they are connecting to ME ! Remember kids, no expectation of privacy in public places runs both ways =)

Re:The article is 100% wrongheaded (1)

sharkey (16670) | more than 8 years ago | (#15343918)

You got a lot farther than I did. I got to the part about sticking an antenna into the PCMCIA slot to get a wireless connection and gave up on finding and intelligent discussion in the article.

Re:The article is 100% wrongheaded (2, Informative)

C_Kode (102755) | more than 8 years ago | (#15343949)

Look at page 3. It's the one where they tell you what you should do to secure your network.

        Even with its inherent weaknesses, Wireless Encryption Protocols or WEP is still a good method for preventing attackers from capturing your network traffic. Less-experienced hackers will probably not even attempt to capture data packets from a wireless network that is broadcasting using WEP.

Bullshit. Everything you need to do this can be found on a single Linux LiveCD (Auditor Linux) including the kit for doing replay attacks. Only unmotivated "hackers" will fail to crack WEP.


Basically he said something is better than nothing. A lock on your front door isn't going to stop someone serious about breaking in, but it will stop your neighbor from peaking around inside your house because you left your door wide open. While everything you noted is true, he wasn't claiming that WEP is secure and he noted that clearly. He only said it's better than nothing. He should have said WEP is better than having an open network for anyone to connect to instead of WEP is still a good method for preventing attackers from capturing your network traffic.

Re:The article is 100% wrongheaded (1)

Jane_Dozey (759010) | more than 8 years ago | (#15344165)

He *should* have said "WEP is a rubbish way of trying to prevent attackers from capturing your network traffic, use WPA".

Sometimes bad security is worse than none at all as it makes people feel safe, when infact someone's just walked through that flimsy front door and nicked all the silverware.

Re:The article is 100% wrongheaded (1)

GSloop (165220) | more than 8 years ago | (#15344615)


Even with its inherent weaknesses, Wireless Encryption Protocols or WEP is still a good method for preventing attackers from capturing your network traffic. Less-experienced hackers will probably not even attempt to capture data packets from a wireless network that is broadcasting using WEP. Even if a hacker possesses the skills and tools necessary to crack WEP, it can be an extremely time-consuming process, especially when dealing with the newer 128-bit specification, which requires in excess of 500,000 captured data packets to even begin the cracking process. Not only is WEP a good way to ward off many would-be attackers, it is strengthened when used with other security techniques.


"Extremely time-consuming..."
Huh, like sub 10 minutes for an active attack? That's "extremely time-consuming?"

It says WEP's got problems, but then portrays the caveats as though it was a tiny flaw in pratical terms.
Bullshit. Rather than use WEP, use nothing, IMO. At least that way when the Cops/FBI/Secret Service come to haul your ass away, you can at least have some plausable denyal for what happened using your WiFi network.

If you're going to use some form of encryption, WPA is easiest and very secure, given decent PSK's.
Open VPN is probably next.

Cheers,
Greg

Re:The article is 100% wrongheaded (2, Informative)

GonzoBob (975262) | more than 8 years ago | (#15344293)

Good Comments: For anyone wanting to forego the joy of reading up on this material Steve Gibson and Leo Laporte have an excellent security podcast which has several episodes covering topics like WEP WPA ect. More info can be found at grc.com/SecurityNow.htm

Re:The article is 100% wrongheaded (1, Funny)

Anonymous Coward | more than 8 years ago | (#15344370)

My favorite option is to leave it on defaults, firewall everything but my SSH port and port 80, and route everything over port 80 to goatse.

If that doesn't keep people out, nothing would!

Useless (3, Insightful)

Zephyros (966835) | more than 8 years ago | (#15343543)

I don't trust any article about wireless security that says WEP has any use at all - "Not only is WEP a good way to ward off many would-be attackers, it is strengthened when used with other security techniques." Same for MAC filtering: "[although] this can be bypassed by knowledgeable hackers, it is still a valid method for keeping many intruders at bay." They'll keep your neighbors from hogging all of your bandwidth, but they won't keep out anybody who wants to get at your data.

Not even a mention of WPA2, certificates (hardware/software), or any other actual security measures in there. Some decent stuff about PEBRAC errors in the beginning, and other changes that should be obvious to any netadmin with two brain cells to rub together, but TFA is really not even worth the time it takes to read.

Not so comprehensive (2, Insightful)

HackNack (853020) | more than 8 years ago | (#15343636)

This article may be helpful to some newbies, but I'm looking for something extra here. Where's the 802.11X and 802.11i/WPA2 information?

I see WEP mentioned and then WEP2. I think that by WEP2 the author means TKIP. Of corse there is no explanation of what either does and why WEP2/TKIP is better than WEP.

Why bother learning about MitM attacks? Rogue access points? ISD??? You're using WEP for God's sake!!!

This is is basically something I'd expect to see on Digg. Any self-respecting /. visitor already knows everything mentioned in the article.

Re:Not so comprehensive (1)

HackNack (853020) | more than 8 years ago | (#15343656)

That's IDS by the way.

article doesn't cover quite a few things (3, Interesting)

farker haiku (883529) | more than 8 years ago | (#15343651)

The article doesn't mention several things, like the more modern methods that wireless hackers are breaching security. instead of attacking at layer 3, attackers these days are focusing on layer 2 attacks... they're attacking the wireless device drivers themselves, looking for a way in. I heard a podcast where Joshua Wright was mentioning taking over devices that way so as to avoid those pesky firewalls. I just googled wireless hack layer 2 stack driver joshua wright to find some articles. You're on your own for specifics though - just say no to script kiddies.

worthless (4, Funny)

GonzoBob (975262) | more than 8 years ago | (#15343683)

Funny the moment I read "which had come equipped with a factory-installed 802.11g antenna" I knew there wouldn't be anything of value.

MODERATORS ON CRACK AGAIN (1)

drinkypoo (153816) | more than 8 years ago | (#15344115)

How is this a troll? There is no such thing as a 802.11g antenna, there is only an 802.11g adapter, and a 2.4GHz antenna. Anyone actually qualified to write such an article would not make these errors. Therefore, the people who wrote the article are morons and the parent comment is entirely correct. See my earlier comment in this thread [slashdot.org] for exactly what is wrong in this article. Well, just from one page, and it's seven pieces of COMPLETELY WRONG INFORMATION. And I didn't even read the whole page!

Ep!o! (-1, Offtopic)

Anonymous Coward | more than 8 years ago | (#15343775)

people playing can BE FUN. IT USED When Done playing

Hardly comprehensive...barely even useful (5, Insightful)

sarkeizen (106737) | more than 8 years ago | (#15343844)

I maintain a wireless network of over 40 AP's for a college campus. This article spends much time on nothing.

a) 'default' SSIDS are irrelevant. It doesn't make the networks easier to find. It's not like when I ask windows to "View Wireless Networks" it only shows me the ones called "linksys". Perhaps at one time seeing a router called 'linksys' might have made me think that the user is less likely to be running encryption but under XP it tells me right away which ones are encrypted and which aren't.

b) Warchalking - old hat. Perhaps before it was feasable to simply leave my PDA running as I walk around and report all the AP's it sees this might have been useful.

c) WEP - You've got to be joking. The article mentions the 'newer 128-bit specification' doesn't mention DWEP using 802.1x or WPA. Either make it much harder to crack.

d) IDS - Possibly useful but really only once someone is accessing your system via your wireless.

e) MACs - The article seems to vassilate here, on one hand saying that MAC isn't meant for access control and on the other saying that you should use them for ACLs. MAC authentication is useless, it's trival to find a useful MAC address on any network that's used regularly.

f) DHCP - Stupid. Disabling it stops very little for very long. The vast majority of WLANs are using one of the three non-routable IP ranges. It wouldn't take me long to find one that's accessable. It also introduces a serious pain for the maintainers for the network.

What it should mention are the following:

a) Authentication - 802.1x preferably. I personally don't like web portals as it makes it easier to fool users with "evil twin" attacks.

b) WPA2, using WEP or idealy AES.

c) For corporate WLANs use a system that can use your own wireless networks to detect rogue AP's. I'm using Nortel (now cisco) 2270 (with 2230 aps) and I have SNMP traps which warn me when someone in the WLAN starts up an AP.

d) VLANS - keep the WLAN traffic restricted to particular ports, destinations.

e) Have a written policy for your users. Make them understand that adding their own wireless equipment is forbidden.

f) Using some kind of authentication on your ethernet jacks helps - it's hard to find an AP that will do 802.1x on the WAN side. Even so, it would be tied to a particular user. Using the information from (c) you can just disable their account.

f) Invest in a solution that keeps users OS and Virus software up-to-date.

Re:Hardly comprehensive...barely even useful (1)

jleibovitz (796080) | more than 8 years ago | (#15343921)

For 802.1x/RADIUS auth I suggest people check out Radiuz.net -- it's free.

Scary stuff (1)

glas_gow (961896) | more than 8 years ago | (#15343866)

From the article: From his experience, the man knew instantly that he was dealing with a wireless router that was using a factory configuration.

That kind of experience is breathtaking, gained from years and years, or even minutes, of reading the Kismet FAQ.

I'm going across the road to see if any of my neighbours want me to set up their Wireless Routers for them. If they aren't going to read the manual, they certainly wont have read that article. Which begs the question, who exactly is supposed to read that article?

Article Can't Be Current (3, Informative)

IEEEmember (610961) | more than 8 years ago | (#15343881)

The May 10th, 2006 date on this article must be wrong. The article is obviously months or years old. The lack of information about WPA, the discussion of warchalking and the dates of the referenced material all indicate this article was written sometime in early 2005 or late 2004. It was posted on invulnerableit in 11/2005, but I suspect it is older than that.

Re:Article Can't Be Current (1)

Kelson (129150) | more than 8 years ago | (#15344702)

Even better, the invulnerableit version [invulnerableit.com] (Nov 2005) and windowsecurity version [windowsecurity.com] (May 2006) actually have the tables and diagrams referred to in the text.

You do have to wonder, though. I picked up a wireless router in summer 2004, and WPA was a standard, off-the-shelf option for security. All the material I read in preparation to set up the network indicated that WPA was a better choice than WEP. The references for this article include one dated December 2004 -- several months after I did my own research. Given that WPA was already known to be more secure than WEP (which they spent quite a bit of time on), and was a standard option in consumer wireless routers, how on Earth did they miss it?

My solution. (1)

Rob T Firefly (844560) | more than 8 years ago | (#15343905)

I've come up with the perfect method of securing any wireless network from RF-based attack, 100% effective against wardrivers, and with a healthy speed boost as well.

I call it "wire."

Re:My solution. (1)

drinkypoo (153816) | more than 8 years ago | (#15344072)

Someone could still DoS your wired network by pointing a HERF device at the location of the network cable, but you're right about the difficulty of extracting data from that channel. On the other hand, ethernet cables are just long wires, and a long wire with a on-off signal on it is a pretty effective antenna itself...

Somewhat related (1)

ronsta (815765) | more than 8 years ago | (#15344211)

Wired has an excellent article on hacking the RFID...I know it's radio waves, not wireless, but still good security exploit reading:

Read it! [wired.com]

If you manage to get to the end (0)

Anonymous Coward | more than 8 years ago | (#15344258)

My favorite quote:
"A more likely approach would be to implement an existing, proven encryption method such as MD5 or MIC. "
Those are hashes. They don't encrypt anything, (if by encrypting you mean being able to decrypt it later).

mod d03n (-1, Troll)

Anonymous Coward | more than 8 years ago | (#15344569)

by fundamental [tux.org]? Are you of playing your too many rules and the resources that are about 7000/5 engineer1ng project 0f various BSD came as a complete

Easy yet effectivsolution for rogue access points. (1)

da.phreak (820640) | more than 8 years ago | (#15345015)

There's quite an easy solution for this. It's used at our university for the offices of employees. Some time ago you could just plug in a PC, assign a valid IP-address and use the net, authorisation was done by physical access to the room, or lack thereof. Then I had to install a new PC, plugged the network in, but nothing worked. It took me some time to figure out that the network port was blocked, because a new MAC address was seen on this port. That's true, once they detect any new MAC address, they completely shut off that port. You have to phone the helpdesk and explain why there's a new MAC address (= new PC) on that port. Usually you can't use a hubs/switches, as only one MAC address is allowed per port (there are some exceptions though). While this article recommends using MAC addresses as access control, I think in most cases this is just wrong. But in this particular case it does sense: Once an employee plugs in an access point, they'll detect that additional MAC address. Spoofing the address on your wireless card won't help, as only one MAC address is allowed, but two are detected (wireless card + Access Point).

If you have to install new PCs, this is quite annoying. I'm happy if the old PC has a network card that I can take out and put into the new PC, so the address doesn't change (I know spoofing is possible, but I don't think they like it :).

At home I'm using WEP, but unlike the article recommends not for security. I'm just being friendly to my neighbours, so their windows systems won't autoconnect and get an IP address, which they couldn't use for anything: Without a connection to my VPN, there's no internet.

WEP = Wireless Encryption Protocol? (1)

kenblakely (768899) | more than 8 years ago | (#15345455)

I have a hard time taking an article seriously when simple technical terminology is grossly incorrect.
Load More Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Create a Slashdot Account

Loading...