Sign in with
Sign up | Sign in
Your question

question

Tags:
Last response: in CPUs
Share
March 29, 2004 3:40:14 PM

I know this post isn't about a cpu but if i posted in any of the other boards i wouldn't get an answer. I'm building a computer for a bedroom in my house and i wanted to know if there is reliability in going wireless lan or should i just wire cat5 wire to my room?

More about : question

March 29, 2004 4:24:45 PM

"if there is reliability in going wireless lan "

Hu ? what do you mean ? if its reliable ? It is, if you're not too far away from your AP (say <10-15m with a few walls/ceilings). Best way to make sure is test with a friends AP/laptop (its what I did). Is it secure ? Not really, if that is your concern, I'll explain further.

= The views stated herein are my personal views, and not necessarily the views of my wife. =
March 29, 2004 4:44:38 PM

I mean reliable as in does it have times where it losses frequency and times out?
Related resources
March 29, 2004 8:42:37 PM

No not really. You can set different channels (11 where I live, may be different where you live) if you have to (like when you notice interference with other devices or nearby WiFi setups operating in the same 2.4 GHz band for 802.11b and g.

Chances are slim one of those channels would be unavailable or unreliable, they are nearly zero all of them would be polluted by microwaves, bluetooth devices or other radio equipment. If you want to be really, really certain, pick up a 802.11a device, if I'm not mistaken these operate in the 5 GHz band, which is used by nearly nothing else.

Security might be a bigger concern though, especially if you live in an appartment block. Currenlty writing an article on the issue, below a draft which might help you:

--------------------------------------

Wireless LAN Security
 
Disclaimer:
While I have made every effort to make this article as correct as possible, I am no security expert, so it is quite possible there either factual errors in this article, or I may have overlooked important issues. Therefore, feel free to mail me, if you have any valuable contribution or corrections.

Introduction 

Wireless LAN (WLAN) isn’t a new technology. In 1971 the University of Hawaii conducted a research project called ALOHNET which connected 7 computers across different islands using packet switched radio communication. In 1997 the 802.11 standard was released by the IEEE allowing for 2 Mbps. This standard was quickly updated to the 802.11b standard which is probably the most popular standard today. 802.11b works in the 2.4 GHz frequency band and allows transmission speeds of up to 11 Mbps which is comparable to 10 Mb Ethernet. 802.11a and 802.11g take this even further, allowing for speeds beyond 50 Mbps.  WLANs have initially been made popular by Apple with its “Airport” wireless network devices. Intel recently joined in and started a major push to commercialise wireless technology with its Centrino marketing campaign. 

General WLAN vulnerability concerns 

While many of the security threats posed by WLAN are similar to wired LANs, there are a few noteworthy differences inherent to WLAN, regardless of its implementation. The most obvious risk is the very feature that makes WLAN’s so desirable: accessibility

1. Bypassing the firewall 

With WLANs it is not necessary to gain physical access to a network node to be able to interact with the network. Since radio transmissions are not directional, it is hard to control the range of a WLAN. With a range of 100m and more, this may result in network connectivity in places where it was not intended (outside your company building/floor, your house, etc). This may seem trivial, but it isn’t.   Consider corporate LANs. Most LANs are well protected from external attacks (most notably from the internet), but IT security within the LAN/building is usually a lot less stringent because of usability concerns and because its internal employers are more trusted. One of the most difficult obstacles for an outside attacker to overcome, is usually a well configured firewall.

With a WLAN however, all the hacker has to do to circumvent the firewall, is moving his PC within range of the WLAN and connect to the WLAN (as we will see later this is usually very easy) to launch attacks on the clients or servers within the organization. Given the range of WLANs, this is trivial in most cases; parking your car outside the corporate building, sitting in the reception or launching your attack from a neighbouring building will do. With traditional LANs this would require gaining physical access to the infrastructure, and connect a PC to a LAN cable, which is a lot more challenging as access to the building will likely be well secured, and other employees would probably notice an outsider walking in, and attaching an Ethernet cable to the company LAN .

This same issue threatens home users; even though many broadband users may have a firewall, they will usually have one on their broadband modem (or access point), but this only protects you from the internet, not from a malicious “neighbour” attacking your PC or abusing  your broadband connection with relative ease. Installing a firewall on the PC as well is therefore a good idea, even this won’t help preventing bandwidth theft or packet snooping (see further on).

2. Losing your anonymity

Further more, with a traditional internet connection, a private user is more or less anonymous, as most internet providers will assign dynamic IP addresses, so targeting a specific person through the internet is rather hard. If a hacker hacks into your computer, it will likely be a coincidence you are the victim, instead of a deliberate attempt to hack your personal data. You will, in most cases, just be a “number” to the hacker, not a person he knows.  With WLANs, your neighbour or colleague could much more easily target you personally by moving within range of your WLAN. One may not be too concerned about IT privacy when one is “anonymous”, but when people that know you, like neighbours, colleagues, even your kids could sniff your traffic, intercept your emails, read your MSN Messenger chats, or attack your data, this becomes much more worrying.

  3. Bandwidth theft 

A potential threat faced by wireless home and companies alike, is bandwidth theft. Imagine your neighbour has a 16 year old wiz-kid; he may very well be interested in abusing your internet connection to download more than his provider’s quota allows him, or worse, to share illegal software or even hack into other systems through your connection and IP address. Especially if you live in an apartment block, these odds are not that small. Something to consider before the FBI raids your house/office and accuses you of hacking, spreading illegal music, videos or teen porn. 

4. Rogue AP’s

Public hotspots are becoming more and more popular, and wireless internet can be obtained in public places like hotels, airports, railway stations, etc. This is very convenient for the mobile user, but it also imposes some risks. Not only is a hotspot customer vulnerable to the other attacks mentioned in this document, there is an additional risk; most hotspots are not free, and require either a subscription or credit card entry to gain access.
Rogue access points can be set up, to lure the unwary traveller into connecting to it, instead of the actual AP, serving a web page that looks just like BT’s hotspot pages, you log in (and/or enter your credit card details), and then the rogue AP connects you to the real WLAN. Its nearly impossible to determine whether a hotspot is “real” from a trusted provider, or if you are logging into a WLAN set up by a hacker trying to steal your login/password or credit card details.

Rogue AP’s can also be set up elsewhere, for instance by a hacker trying to break into a corporate WLAN. I’m not aware of any current certificate system that enables you to positively identify a hotspot as genuine.

Ironically, fake AP’s can also be used to protect WLANs. Using a”honey pot strategy”, corporations can setup fake AP’s to lure hackers, and using intrusion detection, they can quickly be made aware of someone trying to hack into their system. This is a simple but effective security measure. Hide your real WLAN as good as you can, and setup “open” fake WLANs that trigger a silent alert whenever someone tries to gain access. Hackers, be adviced :) 

5. D.O.S. 

Besides the increased danger of hacking, another (though mostly minor) threat results from denial of service attacks. With the right equipment it is not hard to jam a wireless network to the point where it doesn’t work anymore. With the “wrong” equipment, this may even happen unintentionally as there are increasingly many devices that work in same frequency range as 802.11b devices (cordless phones, bluetooth devices, CB’s, even microwave ovens transmit radio waves in this frequency and could easily knock your WLAN of the air).  For a corporation that depends on WLAN for its network, this is a potentially serious problem. A simple transmitter can render your LAN useless, and therefore cost you tons of money in lost productivity.

Specific vulnerabilities and exploits

1. WEP 

Of course, when the 802.11 standard was conceived, the issues described above where taken into consideration, and a security protocol called WEP (Wireless Equivalent Privacy) was embedded in 802.11. WEP was intended to provide the same level of security as wired LAN’s by authenticating clients and allowing only approved clients to connect to the wireless LAN. To achieve this, both the client and access point (AP) share an encryption key (40 or 128 bits long), a so called “shared secret”. When the client tries to connect to the AP, the AP will send a random challenge to the client, which will encrypt this challenge using the encryption key and return the encrypted message the AP. If the AP can decrypt this message and it if matches the original challenge, it will authenticate the client. 

The problem with WEP is that it is fundamentally flawed. For starters, a constant encryption key is a bad idea; to make things worse, the key is not 40 or 128 bit, but part of these bits (24) are used for the so called initialisation vector (IV) which is meant to randomise part of the key. However, whenever 2 packets with the same IV are obtained, one can recalculate the encryption key. Consecutive tests performed by Berkeley University and AT&T have shown that in practice WEP can be cracked in 15 minutes or less.

These algorithms and attacks are well documented, and there are plenty of programs available on the internet that will make use of them allowing anyone to crack WEP security. You really don’t need to be an expert, everyone can download Knoppix (http://www.knoppix.com/), create the CD, boot from the CD, and you’ll have pretty much all the tools you’ll ever need to hack any WLAN. Therefore, although enabling WEP is better than not enabling it, WEP is hardly a credible security solution.

What’s even worse, is that empirical data shows that the majority of WLAN’s do not even have WEP enabled. 

2. Beyond WEP 

The IEE 802.11i task group is currently working on better security implementations as WEP. 802.11i is not ratified as yet, but some of the proposed technologies are already available in current WLAN hardware, most notably WPA (Wi-Fi Protected Access).

WPA is based on WEP, but overcomes many of its most fatal shortcomings. Specifically, it uses a shared network password, that is used to create a cryptographic outcome that is much more random than the (ASCII to HEX converted) passphrase  employed in WEP. Most (all ?) 802.11g hardware (54 Mbps) supports WPA today.  

WPA however, still has some issues; first of all, if  even a single device on the network does not support WPA, the AP will resort to WEP instead. This may not be an issue for home users with a single AP and maybe 2 clients, but it is real problem for corporations, and even more for public access points that are not likely to take advantage of WPA’s improved security.  More over, even WPA is not completely resistant to (offline) brute force and dictionary attacks, especially if the password is shorter than 20 (!) characters.

More details on this can be found here:

 Wireless security will not likely be completely achievable until 802.11i with full support for AES (Advanced Encryption Standard) becomes ratified and implemented. 

3. eavesdropping and identity theft

 Once WEP/WPA protection has been broken, an attacker will be able to snoop all WLAN traffic. This would enable him to intercept emails, data filled in on websites (not using SSL), etc pretty much like one can do when connected to the same wired LAN. 

Another use for snooping, is obtaining MAC addresses of authorized clients. Many WLANs are secured by configuring the AP to only allow clients with specific MAC addresses to connect to the AP. In theory, this seems like a waterproof concept, the only problem is that MAC addresses can be cloned easily. Its probably not even necessary to break the WEP encryption to obtain a valid MAC addresss from any member of the WLAN, clone it, and gain access to the WLAN. The only downside to this approach is that the original owner of the MAC address will be disconnected, and therefore, the intrusion might be noticed (unless of course the attacker is smart enough to launch the attack when the original client is inactive).  

Finally, using network monitors its very easy to detect hidden WLANs. A common (and useful) way to add protection to a non public WLAN is by disabling SSID broadcast. SSID is the identification of the AP, and by default, it is broadcast by the access point. By disabling this broadcast, in theory the client must know of the existence and even the exact name of this WLAN in order to be able to connect.

In reality however, its rather easy to obtain a list of SSIDs of active WLAN’s, even the hidden one’s using monitoring tools, such as built into the bootable Knoppix linux distro. 

Conclusion

 Newer wireless security protocols are being worked on, some proprietary systems are even being shipped, and more advanced authentication mechanisms such as Radius servers exist to help bullet proof WLANs, but none of these offer a holy grail of WiFi security. Below I wrote some general guidelines that may help using wireless in a more secure way: 

-disable SSID broadcast on your AP if possible. Its a good idea not to let your neighbouring script kiddie know you have a WLAN.
-Enable WPA if you can, WEP if you must. Even though its use is limited, its better than not enabling it.
-When purchasing new hardware, make sure you buy WiFi devices at least capable of WPA.
-Enable MAC address filtering on the access point. Especially home users will find this beneficial, as at least it serves as a poor mans intrusion detection, since you will be disconnected from the AP when someone clones your MAC address.
-change the default password on the AP ! There are plenty of lists on the internet with default passwords for all existing access points.
-Enable logging on the AP, and check the logs regularly for anomalies.
-Enable firewall on the AP, as well as on your computer.
-Use additional encryption software when sending/transmitting sensitive data. Consider using PGP to secure your email, and regardless of WLANs, don’t ever enter credit card details on a website you do not trust and that doesn’t use SSL encryption.
-If possible, use VPN to access your corporate network from home, and if possible, use the same VPN and company gateway to gain access to the internet. This won’t help securing your AP, but it will at least secure your traffic.
-Be careful when using public hotspots, especially the ones where you need to enter CC data.

 For corporations (though I’m sure a good sysadmin should know more about this than I do), some additional hints:  -Treat wlan users as outside users of your network (ie, put them behind the firewall, if possible, only allow them to connect through a VPN and use Radius or similar AAA authentication software).
-setup honey pot traps and actively monitor them to see if someone is trying to gain access to your WLAN.

P4man

= The views stated herein are my personal views, and not necessarily the views of my wife. =
March 30, 2004 1:56:25 AM

so basically some 16 year old punk is stealing your bandwidth? i say you hack into his machine through the wireless network and give him a virus. lol
March 30, 2004 8:14:04 AM

>So basically some 16 year old punk is stealing your
>bandwidth?

That is only one of many possibilities. He could also intercept your MSN chats with your mistress and blackmail you or inform your wife, intercept/change your emails to your boss and have you fired, perhaps install a keylogger/screengrabber and rob your backaccount if you do homebanking, or abuse your credit card, or setup an FTP server sharing under age porn and then call the FBI to get you jailed. Basically, he could seperate you from your wife, your money, your work and your life. IF the kid has any skills, you wouldnt even know he existed, let alone you could infect his computer with a virus, or that would bother him.

Am I exagerrating ? slightly, its not likely, but its definately possible.

= The views stated herein are my personal views, and not necessarily the views of my wife. =
March 30, 2004 11:54:59 PM

I've had a Linksys 54G for about 6 months. It's fast and flawless. The kid's laptop and the back-up PC are on it. The new Dlink 108G's are out and my best buddy set one up at his place with two laptops and his wife's PC. Says it will kill mine. So what? Set-up your WEP and MAC's and go to town! Watch out for War-drivers tho! PS. The farther away from the router the slower your data transfer. If I'm in the back yard at the picnic table with the laptop it is noticeably slower.

"I am become death, the destroyer of worlds. Now, let's eat!
!