Subscribe

0

Advertisment
Features

Attention all Wi-Fi Users!

author-image
DQI Bureau
New Update

The term War driving has recently made entry guard into public usage and
popular parlance thanks to newspapers reporting on the subject of Wi-Fi security
in a big way. War driving is the act of searching for Wi-Fi wireless networks by
a person in a moving vehicle using a portable computer. The serial blasts that
occurred in several parts of the country further highlighted the importance of
security for Wi-Fi networks when it became clear that terrorists had hacked into
a Wi-Fi network to send terror emails much before the actual blasts.

Advertisment

Also, recently there was a case involving theft of over 2,000 patient records
containing everything from social security numbers and credit data to highly
sensitive medical information at a clinic in Raleigh, North Carolina as
hospitals often use wireless networks to transmit data from the bedside to
central servers.

Thus Wi-Fi can easily be misused not only in sending and/or receiving illegal
information, such as spam, music files or even pornography on the one hand but
also comes handy for terrorists lurking on a wireless local area network with
sinister motives of executing subversion without leaving a trail of their
actions on the network.

Advertisment

The Risk Scenarios

While Wi-Fi makes information much more accessible and does away with the
complexities of wiring and cabling, it brings along with it a plethora of
security issues that need attention. Whereas wired networks send electrical
signals or pulses of light through cable, wireless radio signals use radio waves
to access the Internet by everyone within range and are naturally easier to
intercept. So, special precautions need to be taken to ensure that those signals
cannot be intercepted through the air.

Home Wi-Fi Networks
Home Wi-Fi networks can have ranges of about 300 feet in normal conditions,
which can give easy access to several neighbors in the network. For home
users precaution must be taken to keep their Wi-Fi off limits to intruders.

Precautions

Use of encryption: All access point equipment comes with some form of
encryption technology that limits access to the Wi-Fi. Care should be taken
to use latest encryption technologies like Wi-Fi Protected Access (WPA).

Home users need to use at least the Pre Shared Keys (PSK) to protect
access to their Wi-Fi access point.

Change the default network name or SSID: There is a name assigned
for each WLAN most commonly called Service Set Identifier SSID or Network
Name. War drivers look for SSIDs being broadcast by wireless LANs, then
set that SSID on their client to attempt to join that WLAN. Pre-defined or
default SSIDs again use simple words which are very easy to hack into. To
improve the WLAN security, especially for a home user, it will help to
change the default SSID to a different name when configuring wireless
security on the network.

Stopping SSID broadcast for home: In Wi-Fi networking, the
wireless access point or router broadcasts the network name (SSID) over the
air periodically. This feature was designed for businesses and mobile
hotspots where Wi-Fi clients may roam in and out of range. For home users,
this roaming feature is not needed as it increases the chances of someone
trying to log in to the network.

Enable firewall features of the access point: Modern network
routers contain built-in firewall capability, but the option also exists to
disable them. This should be enabled and updated as it forms the first line
of defense.

Enabling MAC address filtering: Most Wi-Fi access points and
devices come with a feature called MAC address filtering. This feature in
most cases is not configured as it involves effort on the part of the user.
It is strongly recommended to enable and use MAC address filtering to
improve the security of home users. The access point or router performs an
additional check on a different parameter that reduces the likelihood of
network break-ins.

Turning off access points when not in use: Though it will not be
practical to switch off the devices often but is always advisable to do it
during travel or extended periods and curtail exposure.

Safe positioning of access points: Although of limited help, one
should always try to position Access point devices near the center of the
home rather than near windows to minimize Wi-Fi signals leakage.
Corporate Wi-Fi Network
Corporates not only risk losing their information assets but also expose
themselves to legal risks on not complying with adequate security on account
of their employees accessing unsecured Wi-Fi networks.

Regular change
of administrator passwords & usernames: For all access points in WLAN,
there is an administrative account for access to the configuration utilities
with a username and password. Mostly the access points/routers/devices come
preset with the manufacturing company having set the username and password.
Therefore there is need to change password and username immediately after
installing the unit.

Enabling MAC-address filtering: In case of WLANs in corporate
networks, administrators must configure a list of clients that will be
allowed to join the network by MAC addresses of each client. Once enabled,
whenever the wireless access point or router receives a request to join with
the WLAN, it cross checks the MAC address of that client against the list.

User identification as a critical security measure: Many
corporates fail to identify the internal users within their security
framework. They function on the basis of the IP addresses of the user PCs.
In the absence of user identification, if the corporate Wi-Fi has been
accessed by an intruder, the security devices in place would allow the
intruder to access the Internet through the corporate network.

Hotspot Wi-Fi security: The major concern of users at Wi-Fi
hotspots is security. WEP and WPA used in protecting private wireless
networks, arent implemented.

Precautions:

Avoid connecting to open Wi-Fi networks: Connecting to an open Wi-Fi
network such as a free wireless hotspot or a neighbors router exposes the
computer to security risks.

Use caution while at public hotspots: When using an unsecured
wireless network, such as a hotspot in a hotel, cafe, airport or any other
public location, one should avoid working with sensitive information
regarding financial transactions, identification detail and other important
information.

Cyberoam is a key player in the network security area and has expertise
and experience in providing network security to businesses across the globe.
The security issues related to WLAN are of special concern to Cyberoam.
Cyberoam believes that emphasizing on user education and awareness, goes a
long way for a safe surfing experience in a Wi-Fi setting.
Advertisment

In unsecured WLAN environments, any hacker can gain access to the internal
network leading to data loss and theft through eavesdropping, interception and
modification of data in transit, spoofed e-mail messages for social engineering
and malware insertion attacks, service disruption and bandwidth loss etc.

With Wi-Fi being increasingly deployed in homes, corporations and in public
locations, security needs to be geared up to ensure safe Internet access. Some
of the methods mentioned below are geared towards augmenting Wi-Fi security in
different settings of Home, businesses and Hotspots.

Hemal Patel

maildqindia@cybermedia.co.in

The author is CEO, Cyberoom (Elitecore Technologies)

Advertisment