Wireless Networking - What others can see
You have now been introduced to John Hancock. He is among the millions of people each year who now use the comforts and benefits of wireless networking to ease his life. You may already know him, or someone like him. He has a high speed internet connection at home, purchases a new laptop, and decides to take advantage of the wireless technology. Along with being able to use his new laptop wirelessly at home in any room or outside, he can also take it to places such as airports, restaurants, and "wifi hotspots" and use wireless to search the internet and read email.
Although with the comforts, there are also insecurities. The insecurities are in the local wireless network itself.
In the first article - Wireless Networking - At What Cost? - John took his wireless router out of the box, and was able to plug it in and then use it with a minimal number of steps. The quick and basic configurations were used to get it up and going so he could use the connection fast and easy. He did not need to know anything about security, MAC address filters, WEP, WPA, channels, signal strength or SSID’s (Other than to give a name to his wireless network). It was fast and easy. Within 10 minutes, he had the wireless part of his network working.
What John doesn’t realize is those security features are there to help make his connection more secure from eavesdroppers. As we saw in the story, he made sure that he had firewall protection on the wireless router, so he ignored the Norton Firewall
when it displayed an alert. He was also very particular when giving his credit card information to GoDaddy and the other websites where he paid for a service and created an account. He checked to make sure that the URL went to "HTTPS" instead of "HTTP". As mentioned in the second article Wireless Networking - Where the Insecurity Lies John did not realize that as many precautions he has taken, the one thing he has failed to see was that his own wireless network was the part that was insecure and could leave him vulnerable.
Every time he created an account, used his credit card, searched the internet, sent a password and a username to a website, or even searched on the internet, John put himself at risk. Take a closer look at this picture by clicking on it to see a larger picture.
You can very easily see (by the blue highlight) where I am searching at on Google. Now, keep in mind I was typing things in Google just for the purpose of having them display - such as "this is a demonstration". This picture is a screenshot of a program that can be used to open packets. It took the data going out of my computer and "viewed" it in a raw format before it went to the WAP (Wireless Access Point). Without any kind of security settings between my laptop and the WAP, you can plainly see what I am doing.
Now, imagine John Hancock in the story from the first article (Wireless Networking - At What Cost?). As previously mentioned, he took concern to see that the website itself was secure, but he never though about the information being sent from his computer to the WAP before it even got onto the Internet. If someone had been using a program like I was when I took the above picture, they could have easily gathered some information from him. Not just where he was surfing on the internet, but the MAC address of his wireless card, network information such as the IP address scheme used on the network, the IP address of his laptop (and the association between his laptop and the MAC address), and even possibly credit card information, birthdates information, username and password information for the accounts he set up and the email he checked, as well as what he read in the email. And, that is just the start of what insecurities can be found between the laptop itself and the WAP.
All of the firewalls, anti-virus programs, and security features - such as the HTTPS - have not done John any good at all because he left his wireless connection unsecure between the laptop and the WAP before it even went on the internet. Someone next door, across the street, or even a seat over in a restaurant could have easily gathered John’s information as he used his computer.
Top of the Page Article Series
Wireless Networking Series
- Wireless Networking - At What Cost?
- Wireless Networking - Where the Insecurity Lies
- Wireless Networking - What others can see
- Wireless Networking - Borrowing An Internet Connection
- Wireless Networking - All the Wars
- Wireless Networking - Warchalking
- Wireless Networking - The Wifi Movie
Next: Wireless Networking - Borrowing An Internet Connection
Previous: Wireless Networking - Where the Insecurity Lies
Related Articles on Aleeya.net:
- Wireless Networking - The Wifi Movie
- Wireless Networking - Warchalking
- Wireless Networking - All the Wars
- Wireless Networking - Borrowing An Internet Connection
- Wireless Networking - Where the Insecurity Lies
Recent Entries:
- 07/05/2008: Windows Does not Report All Memory
- 01/01/2008: Firefox 3 beta - Minefield
- 01/01/2008: Happy New Year!
- 01/01/2008: Photoshop Thumbnails (.psd)
- 01/01/2008: Adobe Photoshop CS3 error
Search: Cosmos | BlogPulse
Bookmark: Del.icio.us | Furl It | Spurl | Tag!RawSugar | Simpy This! | Shadows Tag! | Blink It | My Web
Aleeya dotNet Tags: wireless networking, network, opening packets, ethereal, dell, computer, pc, john hancock, mac address filtering, wap, wpa, wep, insecure, firewall
Technorati Tags: wifi, wireless, networking, network, opening, packets, ethereal, dell, computer, pc, mac, wap, wpa, wep, insecure, firewall, norton
Filed under: Internet (Technorati) , Networking (Technorati) , Security (Technorati) , Wireless (Technorati) .
You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.
This entry was posted on Friday, September 2nd, 2005 at 8:58 am
You can also choose to read Wireless Networking - Where the Insecurity Lies, which is the previous entry, or Wireless Networking - Borrowing An Internet Connection, the next entry.
Top of the Page
December 13th, 2005 at 1:08 am
“All of the firewalls, anti-virus programs, and security features - such as the HTTPS - have not done John any good at all because he left his wireless connection unsecure between the laptop and the WAP before it even went on the internet.”
You would think that someone writting an article about wireless security would know that the HTTPS crt for a major website is going to be signed with a root cert. This makes it impossible for anyone to alter that data connection between the HTTPS server and the computer from which the HTTPS connection originated without changing the cert in the key exchange, and even if you did that the browser would tlel you that the cert was selfsigned and could be compromised (but then again who the hell reads those?). And they would need to do ARP spoofing to modify the traffic which is stopped by many firewalls (see zonealarm for example).
Basically you could use HTTPS from the most insecure network ever (proxy anyone?) and you would still be guaranteed a secure connection so long as the computer you are operating from does nto become compromised and the root cert doesnt get in the wrong hands.
December 13th, 2005 at 2:30 am
Yup, that’s scary. At least have a mac filter on your router!
December 13th, 2005 at 7:36 am
mac filters still dont stop someone from being in adhoc scanning mode… you can still manage to ‘pick up’ the information even if it is wep encrypted…. similar to mobile phones… hell there are police scanners which can listen in to your conversation - look how widespread both items are. there has always been insufficient security to guard all forms of communication. but it is not all about obtaining the information. most times it is harder to plan when you have to be within range and at what time and place you have to be in to get the information that you want. everyone has stumbled across information of some kind that they werent meant to see. but what good is information in the end if you dont know how to use it!
December 13th, 2005 at 8:35 am
good sh*t dude