WIRELESS NETWORKING
Wireless Network
Security
Wireless Network
Security is a serious issue and is
not to be taken lightly. There are
countless tools out there to help
hackers compromise your wireless
security.
So how do you
minimize or possibly eliminate the
risk of hackers accessing your data?
Below I'll list key items to help
secure your wireless network; I'll
also list a few free tools that
hackers use to grab your
information. Wireless hackers are
commonly referred to as `war
drivers' and `war walkers'.
The first item
you'll want to consider when working
with Wireless Network Security is
identification. Change your SSID to
something other than the
manufacturer's default and disable
broadcasting of your SSID.
Many basic wireless
scanners will not detect a hidden
SSID. Check your wireless network
hardware manual for more information
on how to do this.
Wireless Network
Wireless network
security should also include
allowing only your network cards to
communicate with your wireless
network. This is accomplished by
enabling MAC address filtering; each
network card has a Media Access
Control address (MAC address) on the
back, is 12 characters long,
contains numbers and the letters
`A,B,C,D,E or F' of the alphabet. It
will look something like this
0006250E0B81.
Wireless Encryption
Encrypt the data
that travels around your wireless
network. WEP (called Wired
Equivalent Privacy) is designed to
provide protection by encrypting
wireless data as it traverses the
airwaves.
When using WEP, use
a 128-bit key. The programs that can
crack WEP need to collect a large
number of encrypted data to figure
out your key.
This means that a
hacker would need to sit around for
at least a few hours (usually days)
collecting this information - an
unlikely scenario for most hackers.
WEP is not flawless, but it is a big
deterrent considering there are
probably other, more inviting, none
WEP networks nearby.
Note: Some wireless
vendors sell devices that change the
encryption key after a set amount of
time. Changing the key every 20
minutes would make it just about
impossible to break.
Wireless Network
Security Tools
There are a number
of wireless network security tools
that can be used to grab the
wireless information out of the air,
some are detectable and some are
not. On the Linux side, the most
popular is Kismet and Airsnort; Both
will display the hidden SSID's,
capture packets and will remain
completely invisible to Intrusion
Detections Systems because they
operate by passively monitoring
transmissions.
Another product
growing in popularity is the
wireless security scanner called
WellenReiter at http://www.wellenreiter.net/index.html
Handheld PDA
Wireless
On the Windows side,
you have Network Stumbler, and
Aerosol.
Wireless Security
Handheld tools include Pocket
Warrior
(http://pocketwarrior.sourceforge.net/pwdl.html)
and Mini Stumbler
(http://www.netstumbler.com
So what software
should you use? If you really want
to analyze your wireless security, I
suggest Kismet. Ritchie at
Tipsybottle.com has put together a
superb how-to document at
http://www.tipsybottle.com/technology/wireless/RedHat8-Kismet-HOWTO.shtml
that will save you thousands of
dollars in consultant fees!
Ritchie's document explains
everything, from installing Linux to
installing the software and
configuring the drivers. This is by
far the most complete, well written
'wireless' how-to document on the
web.
http://www.justvb.net/it/