A few days ago, I found a great article on Techdirt
that I really loved. "You’re Not As Secure As You Think… Except Maybe On Wireless Networks " does a great job of showing an example of how most people believe that wireless networks are insecure by nature, therefore, if the general population believes that, then they are in essence as secure as they believe they are. From all the work with wireless that I have done, I can fully agree with the way this article is presented.
Out of the box, wireless networks are extremely vulnerable and insecure. Through recent studies I have done, I can conclude that over 50% of Wireless Access Points (WAPs) are left with no security enabled - not even MAC address filtering or any type of encryption - WEP or WPA. WEP has been crackable now for a few years using programs like WEPcrack. MAC address spoofing is also easily done by using ifconfig in *nix and a simple registry change in Windows XP. Even WPA PSK has been cracked (WPA itself has not been cracked, but the PSK - private shared keys - is susceptible to brute force and has been cracked). So, when I read the article on Techdirt, I had to completely agree.
But, when I read the original article on Information Week that the Techdirt article referred to, I had to really stop and shake my head. In it, Matthew Friedman reports that Justin Peltier - a senior security consultant with Peltier Associates and leader of Web hacking seminars for the Computer Security Institute - goes on to say that "Properly configures, wireless is actually much more secure than wired networking" and that proper configuration using the WPA PSK has to be turned on to achieve this.
Search: Cosmos | BlogPulse
Submit: Digg This | Shout this! | Slashdot
Bookmark: Del.icio.us | Furl It | Spurl | Tag!RawSugar | Simpy This! | Shadows Tag! | Blink It | My Web
GirlGeekteete dotNet Tags: wireless, security, insecurity, WPA, SSID, WEP, MAC address, WAP
Technorati Tags: wireless, security, insecurity, techdirt, WPA, SSID, PSK, WEP, MAC, WEPCrack
No Comments »
You have now been introduced to John Hancock. He is among the millions of people each year who now use the comforts and benefits of wireless networking to ease his life. You may already know him, or someone like him. He has a high speed internet connection at home, purchases a new laptop, and decides to take advantage of the wireless technology. Along with being able to use his new laptop wirelessly at home in any room or outside, he can also take it to places such as airports, restaurants, and "wifi hotspots" and use wireless to search the internet and read email.
Although with the comforts, there are also insecurities. The insecurities are in the local wireless network itself.
In the first article - Wireless Networking - At What Cost? - John took his wireless router out of the box, and was able to plug it in and then use it with a minimal number of steps. The quick and basic configurations were used to get it up and going so he could use the connection fast and easy. He did not need to know anything about security, MAC address filters, WEP, WPA, channels, signal strength or SSID’s (Other than to give a name to his wireless network). It was fast and easy. Within 10 minutes, he had the wireless part of his network working.
Search: Cosmos | BlogPulse
Submit: Digg This | Shout this! | Slashdot
Bookmark: Del.icio.us | Furl It | Spurl | Tag!RawSugar | Simpy This! | Shadows Tag! | Blink It | My Web
GirlGeekteete dotNet Tags: wireless networking, network, opening packets, ethereal, dell, computer, pc, john hancock, mac address filtering, wap, wpa, wep, insecure, firewall
Technorati Tags: wifi, wireless, networking, network, opening, packets, ethereal, dell, computer, pc, mac, wap, wpa, wep, insecure, firewall, norton
4 Comments »