Wireless Internet security - are YOU the weak link ?
Whilst driving into work the other morning, a journey of just 25 miles from Abergavenny to Abercynon, using my WiFi equiped Windows Smartphone, an inexpensive Bluetooth GPS receiver and some free software I found and geo-located over 200 wireless access points. Of these, around 20 were unsecured. If I was one of these 20 people, I’d be worried, very worried. Let me tell you why.
There’s no doubt that the widespread availability of broadband Internet connections combined with a push by the Internet Service Providers (ISP’s) to get people to upgrade to wireless networking products has resulted in a massive increase in the number of Wireless Access Points around us everyday.
Should their owners be worried ? After all, if the computers that are connected to the wireless router are protected by anti-virus software and a decent software firewall then they are protected aren’t they ?No !
When you switch on your computer and search for a Wireless Access Point at your local coffee shop you’re looking at access points that advertise their SSID - this is the name that the person setting up the router gives to their router so that they can pick it from a list.
Shear laziness means that many peoples chose their make of router e.g. Netgear or Linksys, their family name e.g. the Jones or even their house name or number. Apart from telling people exactly where they live, using such an obvious SSID can tell a hacker what make of router is being used to connect to the Internet.
Why does this matter ? Because, again, sheer laziness means that many people will not have changed the default administrator user name and password for the router. You see, these days, hackers are not so interested in attacking computes but the infrastructure.
If I sat outside your house connected to your unencrypted Wireless connection which was advertising itself as a Netgear router and you hadn’t changed your default administrator password then it would take literally seconds to connect to your connection, log in to your router and change the DNS settings.
For those that don’t know, the DNS settings point to the name servers used to translate human readable Web addresses such as http://www.opportunitywales.co.uk to the machine readable version: 208.97.157.151.
By replacing your DNS settings with mine I could intercept all of your requests to Web sites and if I saw anything particular interesting, such a request to access any of the UK’s online banks then I could theoretically intercept your login details.
I bet you’re worried now ! So how can you protect yourself ?
Well if you must have an unencrypted connection at least restrict access only the devices that you want to allow by specifying their MAC addresses and denying access to all other devices. (On Windows, to find your MAC address open up a Command Prompt and type ‘ipconfig /all’ and hit return. You’re looking for the ‘Physical address’ e.g. 00:13:CE:10:C7:67).
Change the SSID of your wireless router to something obscure like your favourite football team or your favourite holiday destination. Better still, hide it completely.
Don’t forget to change the administrator password for your router from the default one to one containing some punctuation, upper and lower case and some numbers. These will make it much harder to break than simply using a word that is contained with a dictionary.
And if you can, switch on encryption. WEP (Wired Equivalent Privacy) is better than nothing but can be fairly easily broken. A better option would be to go for one of the flavours of WPA (WiFi Protected Access).
Take these simply steps and you’ll find that your Internet connection will be as safe as it is realistically possible to make it. If you don’t then you run the risk, however slight, of being compromised at some point in the future.
Tags: Security, war driving, wep, wifi