Page II: Can a Pringles can be used as an antenna by hackers? Answers to this and more in our special wireless guide.
How does public key security work?
The basic idea behind public key security is that every user has two mathematical encryption keys, a public key and a private key. A user's public key is accessible to anyone, but the private key is accessible only to the user. When someone needs to encrypt traffic before sending it to a specific user, the encryption process begins by downloading the user's public key. The public key is used to encrypt the packets, but is useless for decrypting it. The packets can only be decrypted by the corresponding private key, which is only held by the recipient. .
Is it possible for a hacker to attack an access point?
Absolutely. Almost all access points ship from the factory set to use either 192.168.0.0 or 192.168.1.1 as their IP address. Furthermore, the default login credentials are usually Administrator or Admin and -PASSWORD" or a blank password. Of course, the credentials vary among brands of access points, but it is very easy to perform a simple query against an access point to find out its make and model. From there, it's simply a matter of looking up the default login credentials on the manufacturer's Web site. Unless the default password has been changed, the attacker will be able to gain full control over the access point.
Is SSID broadcasting a security threat?
Have you ever tried to connect to your wireless network only to have a neighbor's network show up on the list of available wireless networks? The reason your neighbor's network displayed as an available choice is because SSID broadcasting was enabled. SSID broadcasting causes the wireless access point to tell all available clients the name of the network. If SSID broadcasting is disabled, hackers can still hack the network, but they will have to figure out what the SSID is rather than having it handed to them.
Does MAC filtering work as a security measure?
Many access points allow you to enable MAC filtering so that only clients with specific MAC addresses can connect to the wireless network. MAC filtering works to an extent as a security measure, however, it is fairly easy to spoof a MAC address. You can make it a bit harder by enabling MAC filtering. That way, before a hacker can spoof a MAC address, he must first figure out which MAC addresses are authorized to use the wireless network, which can be done by sniffing packets. So, while MAC filtering will protect you against less skilled hackers, it won't stop a really determined one. It will only slow him down.
Is DHCP a security threat?
Almost all access points have DHCP (Dynamic Host Configuration Protocol) enabled by default so that they will automatically hand out IP addresses to any workstation that connects to them. In a way, DHCP is an indirect security issue because you are simply handing a hacker an IP address related to your network. On the other hand though, most access points will not issue an IP address until a station's WEP (Wired Equivalent Privacy) pass phrase has been verified.
Is signal jamming a security issue?
While there have been a few reports of signal jamming being used as a denial of service attack, signal jamming often comes from other sources. 802.11B networks operate in the 2.4-GHz frequency range. This is the same frequency range used by many cordless phones. It is possible for a wireless network signal to be disrupted by a cordless phone, a microwave oven, or another wireless network. In the past, one solution was to upgrade to a wireless network that used the 5.8-GHz frequency range. However, cordless phones now exist that operate on the 5.8-GHz frequency. Further, the signal from a 5.8-GHz network has a tougher time penetrating walls than the signal from a 2.4-GHz network.
Can adjusting signal strength help secure a wireless network?
When you install a wireless network, it's tempting to use a big antenna and the highest available transmitting power so that everyone gets a great signal. However, it's often better to turn down the power in an effort to prevent the signal from leaving the premises. After all, you don't want people in the parking lot snooping on you.
If I have implemented all of the standard security mechanisms, can I guarantee network security?
Although it's relatively safe to assume that the network will be secure, it's important to put your security to the test through penetration testing. Penetration testing is basically hacking your own network to see if vulnerabilities exist.
Should I use SNMP to manage my wireless network?
SNMP is a double-edged sword. If an access point supports SNMP, then you will be able to manage it in the same way that you would manage any other SNMP-enabled device. At the same time though, if your access point were to be hacked, then the hacker could use SNMP to gain all sorts of information about your network. I recommend disabling SNMP on your access point unless you really need it.
I can't adjust the power level on my access point and the antenna is not removable. Is there any way to help to prevent the signal from leaving the building?
Place the access point near the middle of the facility. Avoid having it near a window at all costs and try not to place it near an exterior wall.
How can I audit a wireless network?
You would audit a wireless network in the same way that you audit any other network. The exception is that many access points also compile logs of which stations have connected to them and when. If your access point offers such a feature, then I recommend taking a quick look at the logs at least once a day.
How can I detect rogue access points on my wireless network?
There are a number of free utilities available, such as Net Stumbler and Wave Runner, that will scan for wireless devices for you. You can also use commercial products such as Rogue Watch that offer more features.
TechRepublic is the online community and information resource for all IT professionals, from support staff to executives. We offer in-depth technical articles written for IT professionals by IT professionals. In addition to articles on everything from Windows to e-mail to firewalls, we offer IT industry analysis, downloads, management tips, discussion forums, and e-newsletters.
©2004 TechRepublic, Inc.
13%
1%
