Wireless Security w/New Router

I finally was able to watch the video, but had problems seeing the screen. As a rundown, just what did the hacking tool do? What kind of a threat would it be to my notebook and would it pose any sort of security threat to my desktops?

Thanks.


John

The supplied security is only going to stop the ones that don't want to connect and use your WAP.

The threat is only there if you did something like share a folder.

Bob

While no wireless security is yet unbreakable, WPA offers you significant advantages over WEP:

IV Length is twice as long and IV values are not replayed
WPA does not directly use Master Keys
Message Integrity Checking is far improved
WPA includes secure key management

So if your router and network card offer it, I would strongly suggest enabling WPA-PSK (pre-shared key) over WEP. It's at least more secure than WEP (which as you saw in the video, isn't saying (too) much. But it is the precursor to 802.11i, which will be even better than WPA.

As you all correctly indicated, WEP/WPA, much like locked doors, are only designed to keep honest people out. Anyone who truly intends to break in to your wireless network will indeed do so. What you should aim to do is make it hard enough to do that the casual hacker won't be able to do it in 10 minutes like the guy in the video. WPA will provide that level of security.

You also talked about being afraid to do secure transactions over your wireless connection. If the site you are working with is secure (i.e. you see https:// in the address bar, or you see the lock icon on the bottom of the browser window), the data is encrypted end to end from your browser, over your network, to the host computer. This includes the transit between your computer and the wireless router. In short, as long as you're on a secure site, there is not an issue regarding someone seeing your secure-type traffic over the wireless.

"Two NetworkWorldFusion writers pointed out last month KisMAC?s ability in a great overview of WPA?s weakness and the justification for adopting 802.1X plus WPA."

There is a lot of marketing going on in the wireless world. Don't fall for it.

It's broken. Not secure as they want you to believe.

Bob

For most run-of-the-mill routers these days, if they support it, choose WPA/AES. Better yet, if you can, choose WPA2/AES (although WPA/AES is about the same).

The links proclaiming WPA is cracked all seem to say the WPA machines which were WPA/PSK, and were cracked by using a dictionary-type of crack on passcodes that were short words from the dictionary. So if you use a long password full of gobblety-**** characters, you are still very safe. Something like: a3k58f8wey53di238skd3i2201w1 or whatever number of characters you can put in for a max.

Links about it:
http://blogs.zdnet.com/Apple/?p=65
http://www.maisonbisson.com/blog/post/10283/

But I see WPA/AES is not an option in my wifi card and driver.

How to fix that?

Bob

Then I'd say you might want to consider an upgrade, if you're truly concerned about security.

I think with WPA/PSK and a long, jumbled-up code, you're more than fine until we hear different.

In my experiance, most people can't use search engines to their maximum efficency. If you are looking for a 'how-to-hack' guide you need to look past simple blog sites.

First, I am no expert in the matter but the fact is that with wireless networks may be.

A) Encrypted, meaning that to gain access to the data in the stream you need a decryption code and/or algorithm

B) Protected, to procure your own stream you need to meet certain requirements and send it to the router.


Encryptions is just a matter of procuring or generating an algorithm, and protected is just a matter of sniffing out the key.

There IS no 'safe' wireless network protocol because they all involve the transpher of infromation in the open. Getting an encyption algorithm probally is much harder then simply breaking a protection seal, but it is not impossible.

PGP is so good that the US Gov keep dragging its author to court and other places but thankfully it survives to this day.

Research PGP and how it works to see there is hope.

Bob

Hi Bob,
I am confused by your response. To be absolutely sure, is this statement correct:

You also talked about being afraid to do secure transactions over your wireless connection. If the site you are working with is secure (i.e. you see https:// in the address bar, or you see the lock icon on the bottom of the browser window), the data is encrypted end to end from your browser, over your network, to the host computer. This includes the transit between your computer and the wireless router. In short, as long as you're on a secure site, there is not an issue regarding someone seeing your secure-type traffic over the wireless.

Is it a sure thing. This is VERY important. If not, please explain.

Thanks,
Bob

How to exploit wifi. You may be the "show me" type and I'd have to offer exploit with proof for every setup.

If one did post all the exploits in one place then that's the cookbook page.

You are right that https is great but how to get around the evil twin issue?

That one is a stumper.

In closing, I hope you understand that wifi needs a rock solid security solution but various governments don't want it to be that secure. I know this because I was on a team doing 2 way wireless paging.

Bob

Hi Bob,
Actually, all I really needed was a yes or no answer. I'm not a ''show me'' person. I've always found your answers, to my posts, to be correct and insightful. I'm assuming it's a no. I know of but not about the Evil Twin. Time for some in-depth research. Thanks for pointing me in the right direction! The original statement gave me a false sense of security. I apprecite the background material though.

Thanks
Bob

Yes. For most the provided security is good enough.

No. The current wifi security is not good enough for me to do business over any other than my wifi router.

Bob

Hi Bob,

Thanks,
Bob

One Word, Hacking.

Wireless networks increase the chances you will be hacked. Internal Networks are not accessable from the outside, wireless networks are accessable within 'the zone'.

I have wanted to use this link for quite a while

http://www.cs.umd.edu/~waa/wireless.pdf#search=%22Wireless%20Network%20No%20Cloths%22

Now what you should ask is WHY someone would want to hack your net. The answer is simple, simply obserbing over the air transmissions can allow a person to gain access to sensitive infromation (such as your name, credit card, and possibly your SSN).

This, of course, would be infromation gathered though your daily use of the net. Most people have their names associated with their accounts, many people shop online, and some people use online bill paying.

Now before you go proclaiming that it is https remember that this guy is not hacking the WEBSERVER but just listining in to what you are broadcasting.


Now the real issue is the chances that a person would be skilled enough or care enough to try hacking YOUR network WOULD try hacking your network. I guess that it would better depend on where you live...

Personally, I say that the chances are negligable, Identity theft may be common, but getting a wireless network sniffer working and learning how to filter the infromation out takes time. Lots of time...

Eventually people may start making a practice of it, but when can not be said for certain.

Yes HTTPS will encrypt data, but even if your browser encrypts the data it is by far less then what the server encryption is.

Basically, if your browser DOES encrypt the data that means it must recieve a encryption key or generate one. Both of these can be caught durring the transmission.

If the encryption key is generated via algorithm and you are sent the algorithm then all you need is to procure the algorithm and inplement the propper variables.

Let's remind ourselves that in public key encryption, the encryption keys are never exchanged directly between the parties. The keys are generated with a combination of information that is indeed exchanged plus information that is generated locally and kept secret by each party. So even if a "man in the middle" attack sniffs out the info that is traded between the two parties, the keys still cannot be guessed because the eavesdropper cannot determine what info is being held back in secret. That's the miraculous part of the whole affair: that locally-held secret info, together with the info exchanged, can still generate identical keys.

Of course if someone hacks your machine and installs a keystroke sniffer, then you're in trouble. But let's not forget how public-key encryption works: that's the standard for secure browsing.

Yes, made perfect sense. I understand about generating the WEP key, but then it gets foggy. I assume when I try to connect via my notebook that it lets me input the WEP key.

How secure is a D-Link DI-624 High-Speed Wireless Router?

Thanks.

Basically, if you want security it depends on the features, and that is only minimal security at that.

A) WEP or WPA protection is the primary defense
B) Limiting MAC address's. Takes very little time to bypass but it is a 'little more' protection
C) Some routers will allow you to set IP Ranges. (Basically the amount of 'ports' allowed) I am not certain of the weakness' here except that if an additinal person needs to access your network you need to add an extra port.
D) Disabling SSID Broadcast

Note, D can cause issues with older hardware.

Thank for Note D.

In addition, wireless extenders, game wifi adapters (zero config ones especially), wifi cameras and more fail spectacularly without SSID broadcasts.

It's not much of a security leak issue so I only disable it when asked to do so. Also some drivers (even new ones) on some wifi cards fail without it.

This advice in my view has made money for my tech friends as they roll out to fix it.

Bob

Don't know much about MAC addresses. I've determined not to do any secure browsing on my notebook, but I don't know how to determine its address. I see the numerical entry spaces to enter them, but how does one determine a notebook's MAC address?

Again, thanks all. Seems like WAP security is a bit of a oxymoron.

If you want to see the MAC address of any NIC device, wireless or PCI, go to start>run> type cmd click ok, at the command prompt, type without quotes "ipconfig /all" you'll see an entry that says Physical address and a hex address following that. That's your MAC address. It is also on the NIC's themselves unless it's integrated with the motherboard.

Only if a person does not attempt to hack it. I can not say for certain what protocol LinkSys employs but the sad fact is that Wireless protocols are flawed. It can be beat even if it is automatically set up.