Wireless Security

The adoption of wireless devices continues to grow as they become more affordable. The rapid spread of wireless technologies among both business and personal systems has improved interoperability and accessibility. However, this very ubiquity has also led to an increase in the number of threats to computer networks. Wireless technologies have given attackers new ways to steal sensitive information, tamper with business processes, and subvert network security enforcement mechanisms. As new threats and attacks are found against wireless networks, they are addressed with changes and additions to the protocols and standards. This book will introduce the basic concepts underlying the evolution of wireless security-the threats, the exploits, and the remediation strategies.

Read the rest of this entry »

If your neighbours are stealing your wireless connection, you may be able to notify from the logs on your router or  modem.

You might look for logs such as LAN users, connection or status log, or connected MAC addresses. And you can also use a tool to check the IP/MAC on your wireless network IP range.

Verify the MAC addresses

To find out who is on your network, you have to make a list of all the devices that are meant to be connected. Find out their MAC adresses and their IP addresses if they are static.

To find out the MAC and IP address on Windows OS, click the Start menu and choose Run. Type cmd and click OK. In the screen that opens, type ipconfig/all and hit Enter. The MAC address will be shown as the physical address.

Once you know the MAC addresses of each of the computers on your wireless network, you will recognise any addresses that don’t belong under the window that shows the MAC addresses of current clients.

Read the rest of this entry »

WEP (Wired Equivalent Privacy) is a deprecated algorithm to secure IEEE 802.11 wireless networks. Wireless networks broadcast messages using radio and are thus more susceptible to eavesdropping than wired networks. WEP was proposed to give confidentiality comparable to that of a classic wired network.

To address the confidentiality issues of trade wireless networks, the 802.11 standard includes a simple mechanism for encryption of data, it is Wired Equivalent Privacy.

Read the rest of this entry »

Many people setting up WiFi home networks rush through the job to get their Internet connectivity working as fast as possible. This is quite risky as many security problems can result.

Today’s wireless networking products don’t always help the situation as configuring their security features can be time-consuming and non-intuitive. The tips below go over the steps you should take to improve the security of your home wireless network.

• Change the default wireless  settings
  

You can read about changing default setting (username, password ans SSID) here :
http://www.security4wireless.com/always-change-your-wireless-default-settings/

• Enable WPA / WEP encryption

All wireless equipment supports some form of encryption. Encryption technology scrambles messages sent over wireless networks so that they cannot be easily read by humans.

Many encryption technologies exist for Wifi. Of course you will want to pick the strongest encryption that works with your network. However, the way these technologies work, all Wifi devices on your network must share the the same encryption settings. Consequently you may need to find a “lowest common demoninator” setting.

Read the rest of this entry »

Change your default username and password :

Most of wireless access points & routers permit an admin to manage their WiFi network through a special admini account. This root account provides complete superuser access to the device’s configuration settings with a special username and password.

Manufacturers set both the account user/pass at the factory. The username is often basically the word admin or administrator. The password is typically empty (blank), the words “admin,” “1234,” or “password,” or some other simple password.

To improve the security of a wireless network, you ought to change the administrative password on your wireless access point or router immediately when installing the unit.

The default passwords for popular models of wireless network gear are well-known to hackers & often posted on the Net. Most devices do not permit the administrative username to be changed, but if yours does, you have to change this name too.

Finally, to maintain home network security in the future, continue changing this root password regularly, not three times. Lots of experts recommend changing passwords every 30 days. Use words that would be impossible for others to guess.

Read the rest of this entry »

We can classify the attacks into two main groups: passive attacks and active attacks, which are obviously more dangerous.

• Passive attacks:

In a wireless network passive listening is even easier than the media air is hardly controllable.

Often, the radio coverage of one access point goes beyond the private domain of a company or an individual. The passive attack the most common is the search for access point.

This attack (called Wardriving) became the “game” the favorite of many hackers, the access points are easily detected by a scanner (equipped with a laptop WiFi card and special software to search for PA.) These cards are equipped with wifi directional antennas (Yagi type) to listen to the radio traffic at a distance outside the coverage area of access point.

There are two types of scanners, liabilities (Kismet, WifiScanner, prismstumbler …) without leaving traces, virtually undetectable and assets (Netstumbler, dstumbler) detectable when listening, they send out “probe request” . Netstumbler only works on Windows, others work with Linux.

Read the rest of this entry »

This is a list of default usernames and passwords used in wireless routers.

You will know it now.. so don’t forget to change your default user/pass

This list is sorted by vendor and model  of the router.

Let’s start :

Read the rest of this entry »