ChasingBlueSky

For the Geeks - Wireless Security


I've been reading up a bunch on WEP 128bit and how easy it is to hack.

Is WPA Pre Shared worth turning on?

I realize I could set up a Radius server - but I just don't feel like it.
_________________________________________
you can burn the land and boil the sea, but you can't take the sky from me....
I WILL fly again.....

I realize most of it sucks - and if someone really wanted to sit outside my apartment for a day sniffing packets so they could spoof my MAC....I doubt I have the skills to block them other than pulling the plug.

I'm trying to stop the average hack from getting into my net.
_________________________________________
you can burn the land and boil the sea, but you can't take the sky from me....
I WILL fly again.....

  Quote

I realize most of it sucks - and if someone really wanted to sit outside my apartment for a day sniffing packets so they could spoof my MAC....I doubt I have the skills to block them other than pulling the plug.

I'm trying to stop the average hack from getting into my net.



Well...if you're just worried about someone looking for hotspots and then using your internet connection, enabling WEP authentication will do the trick. Guess it depends on where you live and what you keep on your machine.

IMO - no business should use it. No one in densely populated areas should use it. If you live in the burbs, you'll probably be fine.

Depends on what your hardware supports. WPA is newer and supposedly more secure, but my understanding is that a lot of the WEP vulnerabilities still exist if the hardware manufacturer didn't take certain steps.

In other words, if you're really worried about security....do a lot of research. If you're really REALLY worried about it, don't go near wireless. I chose the latter, so I'm definitely not the expert on this. I'm waiting for the experts to tell me it's safe, then I'll do the research myself to confirm.

Here's the scoop:

Wireless security isn't.

But you're not building missiles.

If you've got _any_ access control, even WEP, it's usually not worth bothering to 'crack' into your network, because the odds are you have a neighbor who isn't using any and is an easier target. Remember the old saying: If you and your friends are being chased by a grizzly bear, you don't have to outrun the bear, just your friends. :)
At my house, I have three neighbors whose networks I can see; none of them have any security at all, and two of them are using default SSIDs. If I was wardriving the neighborhood, I sure as heck wouldn't bother with trying to break into a secured network when I could just walk onto one of those instead.

If you're paranoid (I am), you can 1) use MAC filtering, 2) Turn on WPA (which is just WEP with rotating keys) (and even just WEP is good enough for most people), and 3) Disable SSID broadcasts. This makes you hard to find (without SSID broadcast most wireless 'sniffers' won't find you at all) and if they do find you it's a hassle to break in, so it's hard to imagine someone bothering. It's not an impregnable fortress, but it's usually more trouble than it's worth.

Remember that security is a balance: You have to weigh the risks against the value of your assets. If what you're protecting is your quicken files and a DSL internet connection, you won't have highly-funded government intelligence organizations or international cartels trying to break in. And if someone like the NSA really wants in, you're NOT going to keep them out, even if you don't have wireless at all.

It's worth it. Wireless (especially with a laptop) is cool. I love surfing from my couch. B|
7CP#1 | BTR#2 | Payaso en fuego Rodriguez
"I want hot chicks in my boobies!"- McBeth

Curious - I have my SSID broadcast off, but I can still see it on Network Stumbler (no, it is not default SSID).

Now, I am running Stumbler from my laptop - the only place I have wireless access for the moment. Do you think that is why it can see the SSID?
_________________________________________
you can burn the land and boil the sea, but you can't take the sky from me....
I WILL fly again.....

One other thing you might consider doing is reflashing your hardware with the firmware from a country in Europe since they have a slightly larger range of frequencies that they are allowed to use for 802.11b/g. If you hide your hardware in this upper range that very few people have enabled on theirs then you just hid from a large majority of the wardriving kiddies.

If they can't see you, they can't stumble you.

If someone does find you with an out of local frequency and sniffs your WEP key over WPA and spoofs your MAC addy... buy them a beer and invite them in for dinner ;)
Yesterday is history
And tomorrow is a mystery

Parachutemanuals.com

I'm not too familiar with netstumbler on Windows. If it's piggybacking on the windows drivers, it may 'automagically' find the network that's already associated. You could try unconfiguring your wireless and then running it to see.

According to the docs, it _shouldn't_ find the network if broadcast SSID is off.. perhaps your AP needs to reboot before that change kicks in. ;)
7CP#1 | BTR#2 | Payaso en fuego Rodriguez
"I want hot chicks in my boobies!"- McBeth

  Quote

If you're paranoid (I am), you can 1) use MAC filtering, 2) Turn on WPA (which is just WEP with rotating keys) (and even just WEP is good enough for most people), and 3) Disable SSID broadcasts. This makes you hard to find (without SSID broadcast most wireless 'sniffers' won't find you at all) and if they do find you it's a hassle to break in, so it's hard to imagine someone bothering. It's not an impregnable fortress, but it's usually more trouble than it's worth.

Remember that security is a balance: You have to weigh the risks against the value of your assets. If what you're protecting is your quicken files and a DSL internet connection, you won't have highly-funded government intelligence organizations or international cartels trying to break in. And if someone like the NSA really wants in, you're NOT going to keep them out, even if you don't have wireless at all.



Very true. I use all the recommendations you make on my own wireless LAN at my home.

It's also worth noting that, from my personal perspective, the "risk" of someone attacking your WAP and breaking into your network via that route is much less than through conventional channels (i.e. vanilla network connectivity).

I have performed over 100 penetration tests in the last 4 or 5 years and I have broken into over 80% of those companies. In only a few cases did I find that a company had *only* a wireless weakness, i.e. there was always another easier way to access their network.

The threat of someone sitting in a car outside your building is overplayed by the media because it is a populist idea.

My 2 cents.

  Quote

If you're paranoid (I am), you can 1) use MAC filtering, 2) Turn on WPA (which is just WEP with rotating keys) (and even just WEP is good enough for most people), and 3) Disable SSID broadcasts. This makes you hard to find (without SSID broadcast most wireless 'sniffers' won't find you at all) and if they do find you it's a hassle to break in, so it's hard to imagine someone bothering. It's not an impregnable fortress, but it's usually more trouble than it's worth.



1) MAC addresses can be spoofed very easily
2) WEP/WPA is garbage
3) Sniffing the air (even with WEP/WPA turned on) with a stumbler will give you the SSID in a matter of seconds, even with the broadcast turned off. I stumbled the wireless net in Eloy while I was there and found all the info I needed to break in. I paid the $$ for a weeks worth of access because it was cheap enough and I'm an honest guy.

Doing 1,2 & 3 above is like locking your screen door to your house. It won't stop someone from coming in, but it will guarantee they did it deliberately which might be good if you have to go to court.

If you want true wireless security, buy a SonicWall WAP. It sets up a VPN over the wireless network; you'll need to IPSEC VPN into your LAN. Anyone can get on the wireless but all of the traffic on it will be IPSEC encrypted and they won't be able to get through the WAP/Firewall.
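Point 3 above (and the earlier NetStumbler question about a "hidden" SSID still showing up) comes down to what the 802.11 management frames actually carry. The following is an added example, not code from anyone in this thread: it builds a handful of constructed management frames, with invented locally administered MAC addresses and an invented SSID "MyHomeNet", and parses the SSID information element out of each. A beacon with SSID broadcast disabled carries an empty or NUL-padded SSID element, but the access point's probe response and the client's association request carry the name in the clear, which is why a passive listener learns it as soon as any client connects. The lesson for the defender is to treat the SSID as public and rely on encryption and authentication rather than on hiding the name.

```python
import struct

# 802.11 management frame subtypes this example understands. In the first frame-control byte the
# type field (bits 2-3) is 0 for management and the high nibble carries the subtype.
SUBTYPES = {0x0: "assoc-req", 0x5: "probe-resp", 0x8: "beacon"}
# Fixed (non-IE) body bytes that precede the tagged information elements for each subtype:
# beacon/probe response = timestamp(8) + interval(2) + capability(2); association request = capability(2) + listen interval(2)
FIXED_BODY_LEN = {0x0: 4, 0x5: 12, 0x8: 12}
BROADCAST = b"\xff" * 6


def build_mgmt_frame(subtype, sa, bssid, ssid, da=BROADCAST):
    """Assemble a minimal management frame (hypothetical helper used only to construct sample input)."""
    frame_control = bytes([(subtype << 4) | 0x00, 0x00])                 # type 0 = management
    header = frame_control + b"\x00\x00" + da + sa + bssid + b"\x00\x00"  # duration, addr1-3, sequence control
    if subtype in (0x8, 0x5):
        fixed = struct.pack("<QHH", 0, 100, 0x0411)                       # timestamp, beacon interval, capability
    else:
        fixed = struct.pack("<HH", 0x0411, 10)                            # capability, listen interval
    ssid_ie = bytes([0, len(ssid)]) + ssid                                # element ID 0 = SSID
    rates_ie = bytes([1, 4, 0x82, 0x84, 0x8B, 0x96])                      # element ID 1 = supported rates
    return header + fixed + ssid_ie + rates_ie


def parse_ies(data):
    """Walk tag/length/value information elements, stopping at the first truncated one."""
    ies, i = [], 0
    while i + 2 <= len(data):
        tag, length = data[i], data[i + 1]
        value = data[i + 2:i + 2 + length]
        if len(value) < length:
            break
        ies.append((tag, value))
        i += 2 + length
    return ies


def extract_ssid(frame):
    """Return (frame kind, BSSID, SSID or None when the SSID element is empty/NUL-padded).
    Returns None for frames that are not management frames of a kind handled here."""
    if len(frame) < 24 or (frame[0] >> 2) & 0x3 != 0:
        return None
    subtype = frame[0] >> 4
    if subtype not in SUBTYPES:
        return None
    bssid = frame[16:22]
    body = frame[24 + FIXED_BODY_LEN[subtype]:]
    for tag, value in parse_ies(body):
        if tag == 0:
            hidden = len(value) == 0 or not value.strip(b"\x00")
            return SUBTYPES[subtype], bssid, None if hidden else value.decode("utf-8", "replace")
    return SUBTYPES[subtype], bssid, None


def observe(frames):
    """Tally, per BSSID, how many beacons withheld the SSID and which frame kind first disclosed it."""
    seen = {}
    for frame in frames:
        parsed = extract_ssid(frame)
        if parsed is None:
            continue
        kind, bssid, ssid = parsed
        entry = seen.setdefault(bssid.hex(":"), {"ssid": None, "hidden_beacons": 0, "revealed_by": None})
        if ssid is None:
            if kind == "beacon":
                entry["hidden_beacons"] += 1
        elif entry["ssid"] is None:
            entry["ssid"], entry["revealed_by"] = ssid, kind
    return seen


# Constructed capture: locally administered MAC addresses and an SSID invented for this example.
AP = bytes.fromhex("02aabbccddee")
CLIENT = bytes.fromhex("021122334455")
CAPTURE = [
    build_mgmt_frame(0x8, AP, AP, b""),                        # beacon with "hide SSID" on: zero-length SSID element
    build_mgmt_frame(0x8, AP, AP, b"\x00" * 9),                # some firmware pads with NULs instead
    build_mgmt_frame(0x5, AP, AP, b"MyHomeNet", da=CLIENT),    # probe response to a client: SSID in the clear
    build_mgmt_frame(0x0, CLIENT, AP, b"MyHomeNet", da=AP),    # client's association request: SSID in the clear
]

if __name__ == "__main__":
    for bssid, info in observe(CAPTURE).items():
        print(bssid, info)
```

Feeding only the two beacons to `observe()` leaves the SSID unknown; adding the probe response fills it in, which is the behaviour a stumbler relies on. The parser also deliberately stops at a truncated information element instead of raising, since real captures are full of damaged frames.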

  Quote

  Quote

If you're paranoid (I am), you can 1) use MAC filtering, 2) Turn on WPA (which is just WEP with rotating keys) (and even just WEP is good enough for most people), and 3) Disable SSID broadcasts. This makes you hard to find (without SSID broadcast most wireless 'sniffers' won't find you at all) and if they do find you it's a hassle to break in, so it's hard to imagine someone bothering. It's not an impregnable fortress, but it's usually more trouble than it's worth.



1) MAC addresses can be spoofed very easily
2) WEP/WPA is garbage
3) Sniffing the air (even with WEP/WPA turned on) with a stumbler will give you the SSID in a matter of seconds, even with the broadcast turned off. I stumbled the wireless net in Eloy while I was there and found all the info I needed to break in. I paid the $$ for a weeks worth of access because it was cheap enough and I'm an honest guy.

Doing 1,2 & 3 above is like locking your screen door to your house. It won't stop someone from coming in, but it will guarantee they did it deliberately which might be good if you have to go to court.

If you want true wireless security, buy a SonicWall WAP. It sets up a VPN over the wireless network; you'll need to IPSEC VPN into your LAN. Anyone can get on the wireless but all of the traffic on it will be IPSEC encrypted and they won't be able to get through the WAP/Firewall.



Interesting approach. I've played around with IPSEC for secure connections while I was training for my MCSE - never used it on a real LAN. Will all the PCs in the net need IPSEC or just the Wireless accounts?

I'm guessing that setup is just to protect your data, but not to prevent anyone from snagging some free bandwidth.
_________________________________________
you can burn the land and boil the sea, but you can't take the sky from me....
I WILL fly again.....

  Quote

Interesting approach. I've played around with IPSEC for secure connections while I was training for my MCSE - never used it on a real LAN. Will all the PCs in the net need IPSEC or just the Wireless accounts?

I'm guessing that setup is just to protect your data, but not to prevent anyone from snagging some free bandwidth.



Yes, all machines would need an IPSEC client to establish the VPN with the WAP. The WAP has a built in firewall which won't allow non-IPSEC traffic through it. With this setup, people could still hack into the wireless and eat up wireless bandwidth but they wouldn't be able to pass traffic through the WAP so they wouldn't be able to steal any Internet bandwidth.

Wireless is insecure, there is really no way to make it secure so treat it like you would the Internet. Firewall it from your secure LAN and VPN over it. The SonicWall is just a WAP with integrated firewall. I think Cisco makes a similar product.
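The "treat the radio like the Internet" design in the two posts above is easiest to reason about as a firewall policy on the gateway. The following is an added example, not code from anyone in this thread or from any SonicWall or Cisco product: it models that policy as a first-match, default-deny rule set in Python and runs constructed sample packets through it. The interface names (`wlan0` for the radio, `ipsec0` for traffic the gateway has already authenticated and decrypted) and all addresses are assumptions invented for the example. Wireless clients may only exchange IKE and ESP with the gateway itself; everything else from the radio is dropped, so someone who joins the wireless network still gets neither the LAN nor the Internet, which is exactly the trade-off described above.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

# Constructed topology (assumed for this example; names and addresses are hypothetical):
#   wlan0  - the radio segment, treated as untrusted, exactly like the Internet
#   ipsec0 - packets that the gateway's IPsec stack has already authenticated and decrypted
#   the wired LAN sits behind the gateway
WIRELESS_NET = ip_network("192.168.50.0/24")
LAN_NET = ip_network("192.168.1.0/24")
GATEWAY_WIFI_ADDR = ip_address("192.168.50.1")
PROTO_TCP, PROTO_UDP, PROTO_ESP = 6, 17, 50
IKE_PORTS = {500, 4500}  # IKE, and NAT-T for UDP-encapsulated ESP


@dataclass(frozen=True)
class Packet:
    in_iface: str
    src: str
    dst: str
    proto: int
    dport: int = 0


def evaluate(pkt):
    """Return (verdict, matched rule) using first-match, default-deny semantics."""
    src, dst = ip_address(pkt.src), ip_address(pkt.dst)
    wireless = pkt.in_iface == "wlan0"

    # Anti-spoofing: a radio client claiming a LAN source address is dropped outright.
    if wireless and src not in WIRELESS_NET:
        return "drop", "wifi-antispoof"
    # Radio clients may only talk IPsec to the gateway itself: IKE to negotiate, ESP to carry data.
    if wireless and dst == GATEWAY_WIFI_ADDR:
        if pkt.proto == PROTO_UDP and pkt.dport in IKE_PORTS:
            return "accept", "wifi-ike"
        if pkt.proto == PROTO_ESP:
            return "accept", "wifi-esp"
    # Anything else arriving from the radio is blocked: no LAN access and no Internet bandwidth,
    # even for a client that has successfully joined the wireless network.
    if wireless:
        return "drop", "wifi-default-deny"
    # Decrypted tunnel traffic has already proven it holds a VPN credential; it may reach the LAN.
    if pkt.in_iface == "ipsec0" and dst in LAN_NET:
        return "accept", "tunnel-to-lan"
    return "drop", "default-deny"


# Constructed sample packets, one per situation discussed in the thread.
SAMPLES = {
    "ike-negotiation": Packet("wlan0", "192.168.50.20", "192.168.50.1", PROTO_UDP, 500),
    "esp-data":        Packet("wlan0", "192.168.50.20", "192.168.50.1", PROTO_ESP),
    "uninvited-web":   Packet("wlan0", "192.168.50.99", "203.0.113.10", PROTO_TCP, 80),   # free bandwidth attempt
    "uninvited-lan":   Packet("wlan0", "192.168.50.99", "192.168.1.10", PROTO_TCP, 445),  # straight at a LAN host
    "spoofed-lan-src": Packet("wlan0", "192.168.1.50", "192.168.1.10", PROTO_TCP, 445),
    "decrypted-smb":   Packet("ipsec0", "10.9.0.2", "192.168.1.10", PROTO_TCP, 445),      # inner packet after ESP
}


def run_samples():
    """Evaluate every sample packet and return the verdicts keyed by sample name."""
    return {name: evaluate(pkt) for name, pkt in SAMPLES.items()}


if __name__ == "__main__":
    for name, (verdict, rule) in run_samples().items():
        print(f"{name:16} {verdict:6} ({rule})")
```

The order of the rules matters: the anti-spoofing check runs before the IPsec allowances so that a forged LAN source address cannot ride in on the ESP rule, and the radio's default deny comes before the tunnel rule so that nothing from `wlan0` is ever matched by the trusted-side logic.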

I have my wireless network at home set up with MAC filtering and supposedly it will only recognize my lappie. I understand MAC can be pretty easily spoofed. If someone wants to sit outside my house and do that, go for it. I really don't have much to hide. If I did it would be encrypted on my hard drive anyways.

I use the Linksys WRT54G - it is a 4-port router with a WAP. It does have a firewall built in, and some basic VPN as well.

For now, I will do with MAC filtering and WPA. I will look into IPSEC and VPN a little later. Need to brush up on those skills.
_________________________________________
you can burn the land and boil the sea, but you can't take the sky from me....
I WILL fly again.....

Like I said, the trick is not to be invincible, it's just to create an environment that's more trouble to break into than it's worth.

IPSEC is also full of holes, and is (IMHO) a terrible protocol, inefficient and difficult to set up, and full of 'design by committee' compromises (the most common configurations have more holes than swiss cheese). WEP and WPA suffer from the same problems (and a few others besides), but any of those is better than no encryption at all.

It's a common technical reaction to want to create 'unbreakable' security, but that's impractical in most environments. You need to match your level of security to the assets you're protecting and the probable threat severity. If you've actually got high-value assets you need to protect, you don't use wireless at all. In fact, you're better off not connecting to the Internet. :)
7CP#1 | BTR#2 | Payaso en fuego Rodriguez
"I want hot chicks in my boobies!"- McBeth
