Networking

Is your wireless network secure?

In a recent tour of San Francisco, Oakland, and Palo Alto, a leading security expert discovered over 2600 networks, nearly a third of which were not using any encryption at all.

A leading security guru is making the rounds trying to increase awareness of wireless security, or rather the severe lack of such security. In a recent tour of San Francisco, Oakland, and Palo Alto, he discovered over 2,600 networks, nearly a third of which were not using any encryption at all. This effort did not uncover all the security flaws as the researcher did not want to cross the fuzzy line between legally detecting these networks and potentially breaking the law by trying to connect to them. The line is not clear because the courts have yet to weigh in on the topic of connecting to networks where the administrators have taken no precautions to secure their infrastructure.

A Road Map to Wardriving in These Times (San Francisco Chronicle)

A site map is a good place to start when assessing the potential signal leaks, and when done properly it can be a huge benefit to security personnel. These surveys are about to get far easier with technology from Airwave that promises to make spectrum analysis much easier as it runs on standard Intel Centrino 2 processors. Further security can be obtained with paint-and-window film that attenuate wireless signals to the point that they are extremely hard to detect outside the building.

How to: Conduct a Wireless Site Survey (Wi-Fi Planet)

AirMagnet and Intel® Demonstrate New Technology That Vastly Simplifies Wireless RF Troubleshooting (BusinessWire)

How to: Prevent Parking Lot Attacks (Wi-Fi planet)

Though I do not handle the wireless security for my organization, I do handle it in my home. At work, since I am in education, there are huge potential holes that could be exploited as a result of the university's desire to maintain open systems that anyone can connect to. These risks are mitigated with various technologies used to encrypt information between the clients and WAPs, but they are risks nonetheless. How focused is your organization when it comes to wireless security?

31 comments
jneilson
jneilson

At work our wifi is open, the computer are secure. At home my wifi is secure, plus if someone can see it their in "range".

VikingCoder
VikingCoder

Our is very secure... we don't have one! We're still running 9/10 of our business on mainframes. At the rate we adopt new technology, we'll get wifi about the time we start networking with warp field technology.

Neon Samurai
Neon Samurai

If a wired network has a loop left in the open and I splice into it or tap the coax with a clip; it's not ethical or legal without owner's consent. If a house is left unlocked and I wonder in and look through the firdge; it's not ethical or legal without owner's consent. If a car is left unlocked and I jump in to get out of the rain or borrow the lighter; it's not ethical or legal without owner's consent. If a neibour is sunbathing in the back yard with the presumption of privacy and I get an obscured vantage point through the trees; it's not ethical and potentially not legal without owner's consent (if only in civil court). If I grab the neibour's hose and water down my garden or move the sprinkler so it also covers part of my own yard; it's not ethical and questionably legal (again, in civil court if your neibour is a shmuck). If I grab follen apples from the neibour's tree off my lawn then fine but if I reac across and pull a branch over to pluck the fruite off or insure that it lands on my property with a few shakes; it's not ethical and also opens the potential for a civil case if the neibour is like that. What's the question with wireless? It's a crime that can be commited from your couch so it's ok? The law already exists; Theift of Services. Unless the router is named "free internet" or something equally obvious; stay the F off it. It's really that simple; no explicit owner's consent, no access. Also, do you really want to be connecting to an unknown wireless router without knowing how many sniffers the person has watching your webbanking between the AP and there ISP connection?

Neon Samurai
Neon Samurai

Hehe.. was that aproximate figure plucked from thin air? hm.. me thinks that looks familiar for some reason..

Andy J. Moon
Andy J. Moon

Like I said, my environment is only secure to a degree. Since the powers that be want to allow students to easily connect wirelessly, there is an account that anyone can use and that even a script kiddie could guess in ten minutes or less. However, there are measures in place to assure that only people who enter appropriate credentials can access the interior portions of the network. How far do you go when it comes to wi-fi security?

Editor's Picks