Skip to main content

Debunking myths in wireless security

You're likely to get some bad wireless security advice from the guy at your local electronics superstore who sold you your router, because many of the commonly recommended wireless security tips floating around out there aren't actually all that useful and may even do more harm than good by lulling the end-user into a false sense of security.

Hiding the SSID
The SSID (Service Set Identifier) is an identification code (typically a simple name) broadcast by a wireless router. If a wireless device detects multiple SSIDs from multiple access points (APs), it will typically ask the end-user which one it should connect to. Telling a router not to broadcast its SSID may prevent basic wireless access software from displaying the network in question as a connection option, but it does nothing to actually secure the network. Any time a user connects to a router, the SSID is broadcast in plaintext, regardless of whether or not encryption is enabled. SSID information can also be picked up by anyone listening to the network in passive mode.

Changing the SSID
This is sometimes touted as a security measure. It isn't. Changing your access point's SSID will change the identification code the router is broadcasting, but it won't change anything else. It doesn't prevent the router from being detected, snooped, or hacked in any way.

Disable DHCP
Switching DHCP off and using static IP addressing is no defense against hacking. Anyone snooping the network can usually figure out the pattern that has been used to assign the IP addresses in question and then make a specific request accordingly.

Filtering MAC addresses
In theory, this sounds great. Every NIC has its own unique MAC address, and wireless access points can be configured to block all but a handful of specified NICs. The problem with filtering by MAC address, however, is that these addresses are easily faked and readily detected by anyone using appropriate monitoring software. In addition, this approach requires a great deal of overhead in corporate environments, and even for a large home network with multiple machines and gadgets (consoles, phones, and consumer electronics) it quickly becomes untenable.

Of the above bogus "security" measures, filtering MAC addresses is the only one with even a minimal level of value. MAC address filtering can keep obnoxious and non-tech-savvy neighbors from easily freeloading on your wireless network, but it won't do much else. To keep more determined intruders off of your network, you'll have to use encryption.

Comments

Popular posts from this blog

Test New ALFA-AWUS036H v.2 (1.000mW) VS ALFA-AWUS036H v.1 (500mW)

- Recently emerged the New ALFA-AWUS036H v.2 (1.000mW), and these are the tests. TEST WITH NETSTUMBLER 1) usb da 100mW chipset railink 2) usb da 200mW chipset railink rt73 3) intel 2200 b/g con connettore esterno rp-sma 4) Alfa-AWUS036H 500mW 5) New Alfa-AWUS036H V2 da 1.000mW

Creating A Cheap Bluetooth Sniffer

Many papers and posts on internet forums have commented on the success of turning normal everyday bluetooth USB dongles ($10), into their more powerful counterparts that allow the capturing of packets from the airwaves. These more powerful USB dongles are usually sold at a much higher price ($10,000) together with the software to drive and control these devices. The problems associated with BlueTooth sniffing You cant simply just purchase the dongle with the alternate firmware. There is next to no real opensource packet capture program for the bluetooth protocol. Hardware & Limitations Chipsets: Whats the difference? The chipset of the Bluetooth USB Dongles are very important. Broadcom chipsets are cheap hardware and are deemed unsuitable devices for this paper. But unfortunalty nowadays, every manufacturer seems to prefer putting these chips in their products compared to the more reliable Cambridge Silicon Radio (CSR) chipset. If your lucky enough to find a dongle with a CSR chips...

ALFA-­AWUS036H & ALFA-­AWUS050NH INSTALLING/UPDATING DRIVERS RTL8187, r8187, RT2800usb on UBUNTU

NOTE: For surfing Internet with ALFA-AWUS050NH on Ubuntu Jaunty with rt2870sta driver, you must use the Kernel "2.6.28-11-generic #42-Ubuntu", without change or updates the drivers modules. NOTE: The tutorial is not related to Ubuntu karmic. Driver RTL8187/Stacks-­mac80211 (ref. ALFA-­AWUS036h) ­- These drivers, for surfing Internet, are more stable than r8187, and fully compatible with Network-Manager 0.7 installed by default on Ubuntu 9.04. Network-Manager 0.7 installed by default on Ubuntu 9.04. ­- Supports all encryption without problems. (OPEN, WEP and WPA/WPA2) ­- With Compat-Wireless, the "injection" working, but for support “Fragmentation attack” (opt. -5) you need to install one patch. - The RX sensitivity and packets injection is less, related to drivers r8187. Driver r8187/Stacks-ieee80211 (ref. ALFA-AWUS036h) - This driver is recommended for use with the Suite of Aircrack-ng, but not particularly suitable for Internet connections, as less stable and disc...