Skip to main content

Securizarea retelor wireless

Securizarea retelelor wireless este probabil ceva nou pentru majoritatea utilizatorilor casnici. In mod obisnuit cele mai folosite metode sunt ascunderea identifcatorilor SSID, filtrarea dupa adresa MAC, dezactivarea serverului DHCP si folosirea cheilor WEP.
Aceste solutii sunt total inadecvate. SSID-urile pot fi inregistrate, adresele MAC pot fi copiate si adresele IP valide pot fi observate pentru a determina adresele de retea disponibile dintr-o retea. Aceste mijloace de protejare sunt doar niste impedimente minore pentru un atacator. Nici folosirea WEP-ului nu este mai sigura. Este sufucienta transmiterea unui singur cadru mai lung criptat folosind WEP pentru ca sa poata fi determinate suficiente informatii pentru a construi pachete care sa fie injectate in retea. Traficul generat va fi utilizat apoi pentru a determina cheia de criptare. Toate aceste actiuni pot fi intreprinse in cateva minute.
Singurele alternative care exista pentru securizarea retelelor wireless sunt WPA si WPA2. Atat Windows XP cat si Mac OS X suporta aceste tehnologii si orice access-point produs in ultimii ani ar trebui sa le poata utiliza. Cele doua mecanisme au un modul denumit PSK (Pre-Shared Key)care permite folosirea unei parole in locul unei intregi sesiuni de autentificare 802.1X, fiind suficient pentru uzul casnic.
Daca hardware-ul suporta WPA2, atunci acesta ar trebui folosit. Daca nu trebuie utilizat WPA. Impreuna cu o parola greu de determinat, sansele de reusita ale unui atac pe baza de dictionar vor fi foarte mici. De asemenea trebuie schimbata si valoarea implicita a SSID si parola de configurare a punctului de access.
Pentru angajatii care foloesc laptopurile in interes de serviciu acasa este recomandata si folosirea VPN-urilor, pentru a reduce posibilitatile de pierdere de date importante sau de a deschide brese de securitate in retelele companiilor.

Sursa: IDG

Popular posts from this blog

Test New ALFA-AWUS036H v.2 (1.000mW) VS ALFA-AWUS036H v.1 (500mW)

- Recently emerged the New ALFA-AWUS036H v.2 (1.000mW), and these are the tests. TEST WITH NETSTUMBLER 1) usb da 100mW chipset railink 2) usb da 200mW chipset railink rt73 3) intel 2200 b/g con connettore esterno rp-sma 4) Alfa-AWUS036H 500mW 5) New Alfa-AWUS036H V2 da 1.000mW

Creating A Cheap Bluetooth Sniffer

Many papers and posts on internet forums have commented on the success of turning normal everyday bluetooth USB dongles ($10), into their more powerful counterparts that allow the capturing of packets from the airwaves. These more powerful USB dongles are usually sold at a much higher price ($10,000) together with the software to drive and control these devices. The problems associated with BlueTooth sniffing You cant simply just purchase the dongle with the alternate firmware. There is next to no real opensource packet capture program for the bluetooth protocol. Hardware & Limitations Chipsets: Whats the difference? The chipset of the Bluetooth USB Dongles are very important. Broadcom chipsets are cheap hardware and are deemed unsuitable devices for this paper. But unfortunalty nowadays, every manufacturer seems to prefer putting these chips in their products compared to the more reliable Cambridge Silicon Radio (CSR) chipset. If your lucky enough to find a dongle with a CSR chips...

ALFA-­AWUS036H & ALFA-­AWUS050NH INSTALLING/UPDATING DRIVERS RTL8187, r8187, RT2800usb on UBUNTU

NOTE: For surfing Internet with ALFA-AWUS050NH on Ubuntu Jaunty with rt2870sta driver, you must use the Kernel "2.6.28-11-generic #42-Ubuntu", without change or updates the drivers modules. NOTE: The tutorial is not related to Ubuntu karmic. Driver RTL8187/Stacks-­mac80211 (ref. ALFA-­AWUS036h) ­- These drivers, for surfing Internet, are more stable than r8187, and fully compatible with Network-Manager 0.7 installed by default on Ubuntu 9.04. Network-Manager 0.7 installed by default on Ubuntu 9.04. ­- Supports all encryption without problems. (OPEN, WEP and WPA/WPA2) ­- With Compat-Wireless, the "injection" working, but for support “Fragmentation attack” (opt. -5) you need to install one patch. - The RX sensitivity and packets injection is less, related to drivers r8187. Driver r8187/Stacks-ieee80211 (ref. ALFA-AWUS036h) - This driver is recommended for use with the Suite of Aircrack-ng, but not particularly suitable for Internet connections, as less stable and disc...