WiFi – How Secure are you?
By Parrish Reinoehl, Pathfinder Networks
June, 2005
In previous articles I have discussed various measures each computer user should take to safeguard their personal data and online experience. This month I will discuss another aspect of computer security that many users do not consider and one that is growing in severity almost daily.
Just as the availability of Broadband Internet products such as DSL and cable has grown tremendously over the last few years so too has the use of wireless networking to share these high speed connections. Commonly known as WiFi, wireless home and business networks are springing up in nearly every community. Simply by purchasing a few affordable pieces of equipment from your local computer or electronics store most Broadband Internet users are able to setup their own wireless home network that allows each PC in that household or business to share the Broadband connection.
However, because of the need for manufacturers to make their equipment as easy as possible to implement and use, most wireless equipment is factory configured with no security features enabled. Simply put, any security features available for these products are turned off unless you enable and configure them correctly. This is where most WiFi users fall short. Many do not realize there are security features that need to be turned on and used. What’s more many users, even if they are aware of the need for wireless security, simply do not understand how to configure and use these security features.
According to an article published by Newsfactor Technology News the results of an annual survey carried out by RSA Security show that over a third of Wi-Fi networks used by companies are not secure, leaving the company exposed to attack from hackers on the street or in nearby buildings. Home users are an even larger number.
What does this lack of WiFi security mean? It means that anyone within range of your wireless network can gain access to your network remotely. I have met many Broadband Internet users that say they do not care if someone hops on their network and uses their Internet connection. After all, what’s the harm in sharing your Internet connection with your neighbor?
Besides legal issues dealing with the Terms of Service of your Broadband Internet provider there are other, much more serious concerns. For one, if another user is able to gain access to your WiFi network they are not only gaining access to your Internet connection- they are also likely gaining access to each PC on your network! That’s right- any files, documents, photos, etc. that you have on your PC can be open for someone outside your home to view, use, or delete. Not only this, it’s also very easy for a network savvy individual to steal your usernames and passwords used for your online banking, credit cards, Ebay accounts, etc.
Even still there are other very serious problems you can run in to. Imagine, if you will, someone taking control of your PC while you are away from home or asleep. This person could then use your PC to send viruses, junk email, or do other illegal activities- all without actually being in front of your PC. Why would they do this, you may ask? In the event authorities are able to trace these illegal activities back to a source- who do you think that source will appear to be? That’s right- it will appear as though you were the one engaged in these illegal activities, after all- they did come from your PC.
Now that you are too frightened to ever turn on your PC again, you are probably wondering what you can do to prevent this and what these WiFi security features are.
The primary wireless security feature is called WEP. WEP stands for Wired Equivalent Privacy. WEP is a standard security protocol that uses shared keys to encrypt data communications. WEP is standard in all WiFi equipment and, at a minimum, should always be implemented. To use WEP you must create a “shared key” that is entered in both the wireless access point or router and in each wireless PC. Think of the shared key as a password. Enabling WEP on your WiFi network will keep most outside users out of your network- but not all. WEP can be hacked by knowledgeable and patient computer criminals. To combat this, many wireless vendors are now using a protocol called WPA or WiFi Protected Access. WPA is much more difficult to hack and is implemented in much the same methods as WEP.
Another feature that should be implemented (or disabled) in your wireless router or access point is to force the equipment to not broadcast your SSID. The SSID or Service Set Identifier is simply the name of your wireless network. By default this name is broadcast by your equipment for everyone to see. If this broadcast feature is disabled it means that most outside users will never know you have a wireless network to begin with. Also, you need to change the SSID of your equipment to something other than the default factory name. Still another is to change the default password of your wireless router. You’d be amazed at how many users do not bother to do this one simple step.
To graphically show the extent of this problem I recently performed a wireless site survey of my neighborhood. To do this I used a freely available (and legal) software package that is able to scan for open and unsecured wireless networks. Using a laptop PC with a wireless network card and GPS (global positioning system) I am able to create a map that places an icon near each location where it finds an open and unsecured WiFi network. You’ll see in the picture below there are numerous open networks in my neighborhood. Each of these networks would be extremely easy for anyone to connect to. All they need is a PC with a wireless card and to be within range of the signal. The users that have properly secured their WiFi network are invisible to this software and are safe from outside users.
I won’t name which town or area this survey was performed- but the same results will appear in every area that has Broadband Internet available. If you would like one of our technicians to perform a survey of your WiFi network and, if necessary, implement proper security measures for your network please give us a call! You’ll likely be very glad you did.
About the Author:
Parrish Reinoehl is President of Pathfinder Networks; a Niles based technology consulting firm specializing in providing affordable computer services to small businesses and home users including networks, PC support, sales, and service. Pathfinder Networks can be reached at 269-684-7696 or via email at parrish@pathfindernetworks.us
Pathfinder Networks website is http://www.PathfinderNetworks.us
Visit our retail location at 1920 S. 11th St., Niles, MI (in Belle Plaza). We now sell Dish Network Satellite television and Sirius Satellite Radio!
© Pathfinder Networks, LLC