How's this topic for an introductory subject? There are often times when I'm explaining something about computer technology to another person where I have to stop and do a reality check. Let's face it, we're not all computer experts/engineers/techs. I've spent many years involved in PCs and security-minded when it comes to configuring things, and I still cannot honestly tell you I know everything about anything. One thing I imagine that gets a ton of blank stares is explaining home wireless network security.
Say you are a regular computer user. All you want is something you can plug in and have it work right off the bat. I don't blame you. How much time during the day does a person have to sit down and fiddle with settings, learn tech terms, and just overall want to deal with a part of their life that would otherwise be spent doing something like surfing porn or entertainment weekly? The problem is that pulling your wireless router out of the box and plugging it in without giving any thought to security is akin to inviting a crack-head homeless man into your home to help you unwrap your expensive wedding gifts. I'm for free love and trust amongst neighbors and all that jazz, but would you really let anyone fumble around in your underwear drawer from off the street? I didn't think so.
WEP, WPA, WAP, SSID, Remote Access, 802.11 a/b/g, bluetooth, wifi, Broadcast range, channels, Authentication, default password, firewall, NAT, MAC address filtering, Wardriving, Net Stumbler, aircrack. What the hell is all that mumbo jumbo? You'd figure that something a person could just pull out of a box and plug into their home network would be far more understandable than this geek speak garbage. You would figure that there would be much easier to understand instructions, or a seperate manual in the box that describes proper security practices for home wireless network connections.
Often wireless manufacturers include a small flyer reminding you to change the default log-in password. Although sound advice, they really don't go into details as to how exactly to accomplish that goal. Not to mention there is no explanation as to the reason why you should change this password. If I found one of those pieces of paper in the box as a typical user. I would probably discard it thinking that it was just like all the other similar spam that comes inside electronic packaging these days. As a computer geek/nerd/fool, I open quite a few boxes of electronic goodies. I remember one time I discovered an insert marked ATTENTION!! in bold red words. Thinking that it was a security advisory, I continued to read about how the purchase of this product entitled me to $5.00 off some crummy software. Oh joy! Marketing people are brilliant. Desensitize the consumers even more towards reading the important inserts.
The reason I'm making this a multi-part blog, is that wireless technology is quite complex and confusing. In this first post, I'll define all those words above (hopefully in an easy to understand way). The second part to this blog will go over exact settings that you should put in place to make your wireless connections as safe as it can be. I have to insert a frustrating disclaimer here, and that is to keep in mind that "safe as it can be" has been inserted for a very specific reason. You can never be 100% secure when it comes to this stuff. Bad guys are constantly looking for ways to bypass/break/utterly destroy the system. What are secure best practices today, can easily become laughable the next day. I apologize for that, but that is the way it is and there's nothing you or I can do about it. Save throwing all your electronic devices away and living with the Bushmen. But at that point you have to worry about malaria, polluted water, being exposed to the elements, and never having an iron around when you need it.
So without any further pomp and circumstance, I present you the definitions.
WAP, Hotspot, Wireless Router: These terms are generally interchangeable as long as you keep it non-technical. WAP stands for Wireless Access Point. The term hot spot is generally used when you are connected to someone else's wireless connection .i.e Stabucks, Hotels, Colleges. Wireless Router is what you purchase and install in your own home to provide wireless access. These are all terms for points of entry where wireless networking is concerned. It is the brains and hardware behind allowing you to watch youtube videos while you are outside spying on your neighbors. Some familiar names in the industry are Linksys, Belkin and Dlink, if you are especially loaded and are running some type of MMOG gold farming sweatshop in your basement, you may even have a Cisco WAP. Some brands of wireless routers are so popular, setting up your router can lead to some confusion. The reason for this confusion is that routers come to your home set to factory defaults. Factory defaults is just a fancy way of saying that they are all configured the same way. That's right! Every single Linksys WRT54G model router has the exact same Username and Password. There are lists out there of these passwords. Which means that some schmuck off the street can drive up near your house, log into the router and lock you out of using it. More on this later.
SSID: Simply Seductive Indoor Diaper? Store Supper In Disposal? Good guesses, but not quite. SSID stands for Service Set Identifier. SSID Is the Marco Polo of the wireless world. It continually shouts out "Marco!" and your laptop climbs out of the water and heads over to the lounge chair and giggles as the poor access point struggles to find it. Okay, not quite. The SSID is the signal sent out into the open air that broadcasts its existence. There are also lists for default SSID broadcasts. If you have a laptop with wireless enabled, sometimes you might see a little pop-up bubble in the lower right-hand corner of your screen that says "Wireless connection found." This is because your laptop discovered a WAP with SSID enabled. The SSID forms part of what us geeks like to call extending a handshake. And it is just like it sounds.
"Hi there, I'm Wireless Access Point!"
"Pleased to meet you WAP, I'm a wireless enabled laptop."
802.11 a/b/g/n, wifi, bluetooth, Airport Extreme/Express: These are wireless standards, and wifi is actually the same as 802.11 a/b/g/n, and Airport Extreme is actually 802.11n. Confused yet? Yeah me too. I once failed miserably a job interview when I couldn't name the different speeds and ranges for 802.11a, 802.11b, 802.11g, 802.11n. That's the sort of thing you can easily reference online if you really want to know about it. But if you're being chased down by a lion, spouting off useless terminology is not really going to save your life now is it? What is a standard? If you think all that crap listed above is confusing, if there were no standards; trying to figure out wireless communication would be like row-boating backwards up a cattle ramp, while figuring out every palindrome in the English language. I don't want to get into too much detail about what each term means. But the idea is that a, b, g, or n all refer to various ranges and speeds of connection. Bluetooth is not the same thing as 802.11 a/b/g/n, it is shorter range and is only currently useful as communication devices. Wireless headphones, ear pieces, keyboards, mice that sort of thing. wifi and 802.11 a/b/g/n are the same thing. Airport (n) is Apple's naming convention for their own wifi, and is generally interchangeable with any of the letters listed after 802.11. I apologize, it's all very confusing and there is no real way to simplify it. 802.11 g is the most popular WAP out there, with 802.11 n being the latest and greatest out to the consumer. If you've purchased a WAP or are thinking about purchasing one soon, these will be the two standards you see the most.
WEP: Stands for Wired Equivalent Privacy. In older wireless devices security was kind of a thing thrown in as a second thought. Sort of like the way a man has no problem throwing a red shirt in the wash with socks until after the damage has been done. In the security world WEP is the red shirt (If you think about it, this could have Star Trek connotations as well). Unfortunately it is also the most highly recommended way to "secure" your wireless network. Usually in most wireless interfaces it asks for you to put in a word or two, and it then outputs three seemingly random codes. When you connect a wifi device into a WEP secured WAP, it will ask you to input one of these codes in. The problem is that it ends up being about as secure as a chain lock on a door.
WPA: Wi-Fi Protected Access. This is WEP's big brother. More secure, but unfortunately not built in to many network appliances. (Nintendo's DS and Wii both can only authenticate using WEP, forcing users to downgrade their WAP to WEP). One of the advantages of WPA is it allows for far more digits in the authentication key. We will get into this later.
Broadcast range: Remember earlier where I failed to simplify the wireless standards? Broadcast range is one of the variables between different standards. It merely means the range at which a WAP can send out a signal. Imagine a cloud around the access point. As you increase the broadcast range, the cloud grows out larger. A large broadcast range is helpful for large houses, or people who want to use their computers in the front or back yards (why anyone would want to use a computer outside instead of enjoy the weather is beyond me). Having a large broadcast range isn't always the best thing, if you live in California with their small, overpriced, lots you could be potentially sharing your Internet access with 40 families. Of course those 40 families live in one house, as that's the only way you can afford to live here these days.
Channels: Wireless Access Points share many of the same frequencies with other appliances in the home. Your Microwave, cordless phone, and mother-in-law all give off radio waves that interfere with your wireless connection. Although you can send the mother-in-law away to a care home, tossing out your cordless phone or microwave is probably too much for you modern suburban trailblazers. When you get crummy reception on your cordless phone, you probably have noticed that you can switch channels within your gHZ band. This same concept applies to your WAP. Some of the newer technology will actually switch channels on the fly once it detects a drop in quality.
Wardriving, Net Stumbler, aircrack: These are terms in the bad guy realm, although they are also legitimate tools and techniques to assess your own security at home. Wardriving is based off of the old school term Wardialing. There is where a computer would dial sequential telephone numbers until it came across a computer that would answer the telephone. In wardriving, a person will drive around with their laptop and discover WAPs that broadcast through SSID. With a bit of common sense and a few tools such as Net Stumbler a wardriver can determine how secure your wireless network is and possibly access your router and change settings. Net Stumbler is a tool that identifies WAP signals and attempts to give as much information about them as possible. Aircrack is software that is designed to break WEP encryption after a certain amount of data has been captured.
Firewall, NAT, MAC Filtering: Once again I put these all together. These are some of the good guy technologies. Firewalls and NAT really don't apply much to WAP security. But I'm all about balance, and wanted three good technologies to balance out the bad. MAC stands for Media Access Control. Without getting too technical this is the fingerprint of a computer. Every network device has a MAC address. If you want to see your particular computer's address (Windows users) Click Start/Run next to Open: type in cmd. This will open a black window on your screen that us geeks call the command prompt. If you type in ipconfig /all and press enter a bunch of stuff will flash on the screen. One of the categories will be "Physical address" you'll see six groups of numbers/letters separated by hyphens. This is your computer's unique fingerprint. MAC filtering basically works as an access control list (we'll talk about these at a later date) that is MAC address specific. You can select to allow only certain numbers (like the one you see in the command prompt) and access to the WAP will only allow those specific devices. I probably lost some readers with that last sentence. So I'll say that MAC Filtering allows only computers with certain fingerprints to gain access.
Well there you have it. Not too painful I hope. For my next posting, I'll show you what to enable and disable in order to keep your wireless safer than average.
2/3/08
Welcome
Greetings everyone. Are you tired of geek speak when trying to secure your computer? Don't know virus definitions from a hole in the ground? Do you think WEP is something you do when you're sad at weddings? You're in luck! With this blog, I will start to outline the basics of computing security. I will address issues such as social engineering, computer hardening, common scams, and what to look out for on your web browsers to avoid being phished. And if you have no idea what any of these words mean, I will also define them in easy to understand terms.
My goal is to make the computing world safer for everyone. I don't do this for fame, fortune, or the babes. I'm just a guy who works in network security that wants to share as much as possible with anyone lucky enough to come across this blog.
My goal is to make the computing world safer for everyone. I don't do this for fame, fortune, or the babes. I'm just a guy who works in network security that wants to share as much as possible with anyone lucky enough to come across this blog.
Subscribe to:
Posts (Atom)