Get web hosting at Hostgator

Security versus the Open Wireless Network

 
 

After a recent email newsletter article on securing your wireless network, Clif (of the Clif Notes Newsletter that I enjoy) wrote to yank my leg a little and to ask:

Hi Terry,

I appreciate your tips on securing the router. Most of the wifis in my neighborhood are wide open. That's nice when my cable goes out and my neighbor's dsl is still running ... I just hop on the neighbor's wifi for a quick ride. Do you think I should tell them? <grinning smiley face>

I use a different method to secure my wifi. I use a "trusted stations" list in my router that only allows PCs with a MAC address that I've entered there. My network looks wide open, but they can't log onto it.

How does that sound?

Clif

Clif already knows my thoughts about open networks and why they should be closed — that's why he included the grinningg smiley face. While an open wireless network can be handy for use by others, there are security risks for both the network operator and the person connecting through the open network.

For the person with the open wireless network, allowing others to use your wireless connection may seem a friendly thing to do. Consider, though, that everything they do through your wireless network will show up as your IP address. If the visitor sends spam, it tracks back to your ISP connection. If he uses your connection to attack other computers, same thing happens. And, if he uses your wireless connection to upload music files, guess who the RIAA is going to sue...

For the person using someone else's wireless network, are you really sure you can trust it? How secure is the data you transfer? When you check your email account, your user ID and password are almost always unencrypted when sent — very few ISP's allow encrypted connections for checking email. What's the impact? The unscrupulous network operator now has a user ID and password that can be used for spamming.

What about web surfing? If the network is using a poisoned domain name server cache, you can end up going to the wrong web sites...

Regarding Clif's second question (using only the MAC Address filter, but no encryption), yes, it is an approach, but as with all of the pseudo-secure systems for wireless, it's not really secure.

The MAC address is broadcast in the clear. Someone would have to be sniffing your broadcasts while you had our wireless turned on from your notebook. Store a few hours of data and let the analytics run - and they've found the MAC addresses.

It's a valuable feature, but just not the only one that you should be using. I use that feature plus encryption at the maximum level supported by the hardware I use. Of course, If I had a wireless printer that only did WEP, my best move would be to throw it away rather than degrade my network's security to WEP.

To see just what data is easily available from wireless networks, you can download Ethereal (free). THen, monitor your own wireless traffic (so you know what you're typing and can see what it finds and identifies. You'll be amazed — and shocked at how much of the analysis is automated.

 

Copyright © 2008 Terry A. Stockdale. All rights reserved.


 

Thank you for visiting my site — I hope you found the site and articles helpful. If you did, please consider supporting my efforts by making a purchase (if you have one to make) via one of the links in my articles, one of my recommendations, or in my "Ads by Terry" to purchase the item. You can also shop via these links to major Internet retailers
Amazon.com, Buy.com and NewEgg.com or this Shopping page...

TerrysComputerTips.com
Contact | Join Mailing List
Hosted at HostGator Copyright © 2005-2010 Terry A. Stockdale. All rights reserved.
Terms & Conditions Disclaimer Privacy Sitemap





Terry's Computer Tips - computer tips articles and newsletters
Subscribe to my free
Terry's Computer Tips
email newsletter.
 Your Name: E-mail Address: