Crack down on unsecured wireless networks

In Australia

The Queensland Police plans to conduct a ‘wardriving’ mission around select Queensland towns in an effort to educate its citizens to secure their wireless networks.

Once found…

When unsecured networks are found, the Queensland Police will pay a friendly visit to the household or small business, informing them of the risks they are exposing themselves to.

Read more

WPA Wi-Fi Encryption Is Cracked

Well it had to happen one day!

According to a report from PCWorld Magazine WPA has been broken.

Security researchers say they’ve developed a way to partially crack the Wi-Fi Protected Access (WPA) encryption standard used to protect data on many wireless networks.

Read more.

Now here’s a good reason for securing your wireless network…

I have mentioned wireless security on the blog before and I am talking about real security not “feel good” security; at the very least you should be using WPA and preferably WPA2.

The Register reports on the consequences that have happened to a poor American expatriate living in India who just so happened to run an open unsecured wireless network.

Indian police raided the Mumbai home of an American expatriate after someone used his open wireless network to send an email that took responsibility for a bomb blast that killed at least 42 people.

Kenneth Haywood, whose internet-protocol address was included on an email sent just prior to the blasts, spent much of Thursday answering questions by the Maharashtra Anti-Terrorism Squad officials. Police seized his three computers, as well as the machines of several neighbors, and are examining them as part of an investigation.

This story demonstrates a rare but real risk of running an open wireless network.

Should I be running a hidden or closed wireless network?

So should you be hiding your wireless network? Should you be closing your Airport network? Should you be not broadcasting your SSID (service set identifier)?

Some people do this to make their network invisible.

Should I be running a hidden or closed wireless network?

Most people are not aware that hiding your SSID or “closing” your network, does not in fact make your network invisible.

All it does is stop broadcasting your SSID (network name).

Your network is still broadcasting and therefore detectable.

I have a (modern) Sony VAIO which can pick up closed networks without any extra software – the ability is built into the latest intel chipsets.

As well as your network still broadcasting your network will also “broadcast” your SSID everytime a client joins your network.

Why?

Well you want to join the network, so you tell the router that you want to join.

You tell it the SSID, it says okay and lets you join.

When you told it the SSID, this was broadcast in the clear and can be easily picked out by “sniffer” programmes.

Exactly the same process can be used to sniff out the the authorised MAC address if you use MAC address access control.

Unfortunately “Closed” networks, MAC access control lists, and reduction in transmission power are all more “feel good” security rather than real security. All these various approaches are dated and mistakenly lead to overconfidence.

They’re like putting a brown paper bag over your wireless router to “secure it”, it may make you feel better, but adds no security whatsoever.

WPA is your friend if you value wireless security.

Photo source.

Use WPA to protect your wireless network.

This video from the BBC’s Real Hustle gives you an idea why you should be using WPA to protect your wireless network.

A gang using easily available software break into a WEP protected wireless network and find out what a surfer has been up to as well as having access to his computer and his internet connection.

Though they have used a fair amount of dramatic licence, what they do (rather than how) is possible.

MacBook Pro Airport Issues Continue…

Since I upgraded my Airport Extreme network to a pure WPA2 802.11n 5GHz wireless network, my MacBook Pro has consistently failed to re-connect to the network after waking from sleep.

It does this in both 10.4.10 and 11.5.1 and when connected to an Airport Express running 802.11g WPA/WPA2 no problems, will re-connect every time.

My iMac which is connected to the 802.11n network does not have this issue.

If I move back to 802.11n/b/g on the 2.4GHz radio mode the problem disppears.

I have followed the advice given by Apple here and another piece of advice which  said ensure the Airport is at the top of the network configurations, but alas no luck.

Once or twice the MacBook Pro has reconnected, but 99% of the time no re-connection and the only solution is to either join the 802.11g network or re-boot.

Annoying.

Problems with WEP

Some people have quite a few problems connecting devices to a WEP encrypted wireless network.

One of the problems with WEP is that the actual standard relies on a 10 character HEX key for 40bit WEP and a 26 character HEX key for 128bit WEP.

In order to make things easier for people, vendors use certain algorithms to convert simple alphanumeric passwords (or passphrases) into HEX keys, thus enabling people to use simple memorable WEP password rather than lengthy HEX keys.

The problem is that different vendors use different algorithms to generate the HEX key and therefore a ASCII password on an AEBS will be hashed differently on a Netgear client and vice versa.

One thing is a 13 character 128 bit WEP password will be hashed by all vendors in the same way (if you use 40bit WEP then a 5 character password is required).

Though sometimes not even that works and the  HEX key must be used regardless.

Having said all that WEP is considered today to be insecure and not recommended (it can be broken quite easily by a determined hacker) if you can use WPA. However if you have legacy devices which don’t support WPA then WEP is sometimes all you can use.

TC1100 Wireless Problems, Sorted!

I have finally sorted out my HP TC1100 wireless problem. I was having issues getting the TC1100 to connect to my 802.11g Airport wireless network.

I had confirmed that the Intel 2200 BG card in the Tablet supports WPA and I have updated Windows XP to support WPA as well.

The Intel 2200 BG card also supports 802.11g.

I say that as the solution was to switch the Airport Extreme from 802.11g only radio mode to 802.11b/g mode.

In this mode the TC1100 has no problem connecting to my WPA/WPA2 network!

It’s not as even though the TC1100 is connecting at 802.11b 11 Mbps speeds, as the speed shown in the connection window though fluctuating is greater than 11 Mbps!

So if you are having issues connecting to an 802.11g network with a laptop with the Intel 2200BG card, revert to b/g compatability and see if that makes a difference.

HP TC1100 Tablet PC Wireless Problems

Since I sorted out my new wireless networks, my HP TC1100 Tablet PC has been having issues connecting to the 802.11g wireless network.

TC1100

The 802.11g wireless network is using WPA/WPA2 encryption.

I have confirmed that the Intel 2200 BG card in the Tablet supports WPA and I have updated Windows XP to support WPA as well.

However the TC1100 fails to connect to the network. Initially I thought it was a channel 13 issue, but since changing to channel 6, I still can’t connect.

I have been through my settings and my own troubleshooting guide but still no joy.

Changing my Network Topology

Over the last week or so, I have been messing about experimenting with my network topology.

Previously I had a relatively simple network, a sole Airport Express with a lot of wireless clients. After having quite a few connectivity issues with the Airport Express, I knew I had to replace it with my newer Airport Extreme.

Once I did this, I left it in place for a few days to iron out any wrinkles or problems. I am running it in 802.11n b/g mode so that all my wireless clients can connect to it.

Yesterday I started to rearrange things, so that I could have wired clients, a pure 802.11n network and a separate 802.11g network.

My Airport Extreme now sits under my television, connected to it is my EyeHome, this should mean it can communicate to my iMac (which I use to record television via an Elgato EyeTV device) and stream video, audio and pictures without stuttering. I also intend to hardware a Mac mini as well and this will be my media centre for the moment – longer term I will replace this either with an Apple TV or another Intel based Mac mini. This Mac mini will have an Elgato USB EyeTV device attached.

I will also connect to the Airport Extreme (the third device to the third LAN port) an older 802.11g Airport Extreme which will be running a pure 802.11g wireless network for the older wireless clients. I will very likely stop using 802.11b devices, but as these are only PDAs I am not too worried and if I do need to test them I can always use the airport Express and plug that into the AirportExtreme as and when necessary.

Both wireless networks will use WPA as this is secure compared to WEP, however I will not be closing my networks, nor will I be using MAC address access control.

I am hoping that this will improve the network and make it much faster for internal file transfers and as I replace older Macs with newer ones which support 802.11n it should also be future proof as well.

The only downside I guess is the location of the 802.11n Airport Extreme does make it difficult to test USB hard drives and printers.