You’ve set up your wireless network. You’ve been good, too – you gave your router a unique ID that won’t be easily mixed up with other wireless routers and you have secured the network with a password so not just any passer-by can piggyback off your network as a means of downloading South Park episodes. You don’t have to worry about hackers now, right?
Well, not so fast. Although you’ve taken the basic steps required you still need to be aware of some hacking methods that can be used to gain access to your network despite the safeguards you have in place. You also need to be very wary whenever you are using a wireless network that is not your own.
Let’s take a look at the techniques hackers use when hacking wireless networks and what you can do about it.
Sniffing
The simplest of all attacks, sniffing is the simple process of intercepting wireless data that is being broadcasted on an unsecured network. If you are at home, and your network is secured, you don’t have to worry too much about sniffing attacks. However, most networks that are in the wild are not secured, including many of them at hotels and coffee shops.
It is easy to take a “It won’t happen to me” attitude, particularly when you’re using the free WiFi at a favorite coffee haunt. Here’s the thing – the sniffer may not be one of your coffee sipping cohorts. Sniffers can just as easily be somewhere outside of the shop, merrily picking information off the airwaves. There is even an activity known as Wardriving that involves driving around a city picking up wireless data.
Google was recently busted for this activity when it was revealed that some of their Google Maps vehicles had also been picking up data from unsecured wireless networks as passed by. Google claimed it was accidental and that they meant no harm. Most Wardrivers also claim to be benevolent, often stating that they’re only trying to map out wireless networks. Still, it is easy to see how a malicious person could use this technique to try and steal sensitive data.
Full protection can only come from not using unsecured wireless networks. That may not be practical however, so your second best defense is to be careful about what information you send on an unsecured network. Before entering any information, be it a password or a comment on a blog, ask yourself – would I care if a stranger obtained this information?
Spoofing
If you’ve set up a wireless network you’ve probably noticed that your computers no longer need to be told to access your network. Instead they access it automatically as soon as they move within signal range.
This is a very convenient feature, but it is also prone to exploitation. Hackers often attack a wireless network by simply creating a new network with a stronger wireless signal and a copied SSID in the same area as a legitimate network. This causes unsuspecting computers to automatically connect to the spoofed network instead of the real one.
Setting up your computer’s security settings so that it does not automatically connect to networks is the best way to counter-act this threat. You can also try to protect your home network by using a free network mapping tool like Spiceworks. A sudden change in your network map is a sign your wireless network may is being hit by a spoofing attack.
Encryption Cracking
In a perfect world, you could set up your wireless network with an encryption key and be protected for life, but the real world simply doesn’t work that way. As encryption keys become more advanced hackers also increase their skills and develop new tools for penetrating even well protected wireless networks.
There are numerous ways to crack a wireless network’s encryption, but even simplistic methods can work. The website WPA Cracker, for example, can be used to hit a network with a brute force dictionary attack that simply throws random words at a secured wireless network to try and crack it. This method can take a long time, and sometimes requires luck on the hacker’s part, but it is often effective.
The first step in protecting yourself people hacking wireless networks is to use WPA encryption. WEP, the older encryption technology, has been completely de-constructed by hackers and is now considered quite easy to crack. The second step is the use of a long, highly randomized encryption key. Long, random encryption keys are a pain in the butt to remember, but they’re much harder to crack.
0 comments:
Post a Comment