| Airport Menace: The Wireless Peeping Tom
| |
| | the seat next to mine and we
|
| ----------------------------------------
| |
| | spent the next hour or so configuring
|
| As a network security consultant, I
| |
| | his laptop securely,
|
| travel quite frequently.
| |
| | starting with securing his computers
|
| At times, it seems like the airport is
| |
| | local administrator
|
| my second home. I
| |
| | account. At one point during the
|
| actually like to fly, it's a moment in
| |
| | configuration, he made the
|
| time where no one can
| |
| | statement that I got real lucky because
|
| reach me by e-mail, or mobile phone.It
| |
| | his local admin
|
| never fails that something interesting
| |
| | account did not have a password. My
|
| happens to me at
| |
| | response to him was, I
|
| the airport. I've even met some famous
| |
| | get lucky quite often.Who Else Has Your
|
| people during my
| |
| | Client List
|
| travels. A few months ago, I ran into
| |
| | -----------------------------
|
| Frank Bielec, from the
| |
| | Just think of the possibilities. What do
|
| TLC show, Trading Spaces. But one of my
| |
| | you have to lose if
|
| favorite things to
| |
| | someone is able to just peruse the files
|
| do at the airport is browse the wireless
| |
| | and data on your
|
| Ethernet waves. I'm
| |
| | laptop? Do you maintain your customer
|
| never really surprised at what I find.
| |
| | list on your laptop
|
| I'm just glad I know
| |
| | (Do you want this in the hands of a
|
| more about wireless Ethernet than the
| |
| | competitor)? How about
|
| average road warrior.The Dangers Of
| |
| | your personal finances (Identity theft
|
| Ad-Hoc Wireless Networking
| |
| | ring a bell)? So many
|
|
| |
| | people I talk to initially say, "I
|
| -----------------------------------------
| |
| | really don't have
|
| Most people who have wireless Ethernet
| |
| | anything of great importance on this
|
| at home, or the
| |
| | system". Then they
|
| office, connect to the wireless network
| |
| | think a little bit and start rattling of
|
| by attaching to a
| |
| | things they never
|
| wireless Access Point, or AP. This
| |
| | really thought about before. All of a
|
| method of wireless
| |
| | sudden, they get
|
| networking is called "Infrastructure
| |
| | concerned.The fact is, whether it be
|
| Mode". If you have a
| |
| | "Infrastructure Mode", or
|
| secure wireless network configured in
| |
| | "Ad-Hoc" wireless Ethernet
|
| "Infrastructure Mode"
| |
| | communications, if not properly
|
| you are using MAC address filtering,
| |
| | configured and secured, can pose a
|
| some level of
| |
| | significant risk. There
|
| encryption, and have made some
| |
| | are thousands of articles on the
|
| additional changes to your AP
| |
| | Internet about the dangers
|
| in order to prevent just anyone from
| |
| | of improperly configured wireless
|
| using it or capturing
| |
| | networks, yet the number
|
| data. For more information on
| |
| | of unsecured networks seems to be
|
| configuring your
| |
| | getting greater, not less.Strength And
|
| "Infrastructure Mode" wireless network
| |
| | Posture Does Reduce Your Risks
|
| take a look at the
| |
| |
|
| "Wireless Network Security" page at
| |
| | -----------------------------------------
|
| Defending The Net.Links
| |
| | --
|
| -----
| |
| | Keep in mind that your objective should
|
| for those who are not using
| |
| | be to reduce the
|
| "Infrastructure Mode",
| |
| | chances that you will become a target
|
| and are configured to communicate from
| |
| | for computer
|
| machine to machine,
| |
| | compromise. When I was growing up in
|
| or "Ad-Hoc", there are a few things you
| |
| | South Philadelphia, I
|
| should be aware of.A wireless Ad-Hoc
| |
| | remember my father telling me that when
|
| network allows you to communicate with
| |
| | you walk down the
|
| other wireless Ethernet systems without
| |
| | street, especially in the evening, to
|
| using a wireless
| |
| | walk tall, and project
|
| access point. It's kind of a peer to
| |
| | a position of strength and authority.
|
| peer configuration and
| |
| | Why, because thugs
|
| it works rather well. The problem is,
| |
| | typically pick out those who look like
|
| most people just set
| |
| | an easy target. The
|
| it up, and forget about it. At home,
| |
| | same thing goes for computer security.
|
| it's not a huge
| |
| | Reduce the risks of
|
| problem, but when your on the road, it
| |
| | becoming a target buy configuring your
|
| could cause you a
| |
| | system with a strong
|
| great deal of grief. The airport is
| |
| | security policy.When I perform security
|
| probably the best place
| |
| | assessments, I create a list of
|
| to find Ad-Hoc networks. Business men
| |
| | potential targets, and potential methods
|
| and women, delayed
| |
| | of compromise. I
|
| once again, power up their laptops and
| |
| | then prioritize that list by which
|
| get to work
| |
| | system, with a particular
|
| completing the days tasks, or planning
| |
| | vulnerability, may be easiest to
|
| tomorrows agendas.I can't tell you how
| |
| | compromise. Those at the
|
| many systems I find in the airport
| |
| | bottom of the list typically never come
|
| configured this way. Not just in the
| |
| | on my radar screen;
|
| terminal, but on the
| |
| | the best scenario it to keep of the
|
| plane. About three months ago, just
| |
| | radar altogether.Conclusion
|
| after we reached
| |
| | ----------
|
| cruising altitude and were allowed to
| |
| | If your are using wireless Ethernet, no
|
| use our "approved
| |
| | matter what
|
| electronic devices", I found that the
| |
| | configuration, follow a few rules and
|
| gentleman two seats up
| |
| | keep yourself secure
|
| from me had a laptop configured as
| |
| | against most common types of
|
| Ad-Hoc. He walked by me
| |
| | compromise.1. Above all, make sure all
|
| about ten minutes later and commented on
| |
| | your user accounts have strong
|
| how much he liked
| |
| | passwords, especially those that have
|
| my laptop. I thanked him, and asked if
| |
| | administrative control
|
| his laptop was on,
| |
| | over your system;2. Configure your
|
| and configured to use wireless Ethernet,
| |
| | wireless network to use some sort of
|
| he said yes.To make a long story short, I
| |
| | encryption. I know there is a lot of
|
| showed him that I could see
| |
| | concern about the
|
| his laptops wireless Ethernet and
| |
| | "crackability" of WEP, but if this is
|
| informed him of the
| |
| | all you have to work
|
| danger. He asked me if I could access
| |
| | with, and then use it. It is still
|
| his hard drive, and I
| |
| | helpful;3. If possible, use MAC addresses
|
| told him that it might be possible. He
| |
| | filtering to restrict
|
| asked me to see if I
| |
| | unwanted systems from attaching to your
|
| could, so I obliged. After configuring
| |
| | wireless network;4. Make sure the
|
| my laptop to use the
| |
| | firmware for your AP's and wireless
|
| same IP address class as his, and typing
| |
| | Ethernet cards are up to date. These
|
| "net use *
| |
| | updates can be found on
|
| hiscomputersIPAddressc$ ""
| |
| | your card or AP's support site.Remember,
|
| USER:administrator", I
| |
| | if you are compromised over your wireless
|
| received a notice that the connection
| |
| | network
|
| was successful and
| |
| | it can be near impossible to track down
|
| drive Z: was now mapped to his computer.
| |
| | where the attack
|
| I performed a
| |
| | came from. Worse yet, think about how
|
| directory listing of his hard drive and
| |
| | many systems become
|
| the guy almost had a
| |
| | compromised, and no one ever knows it?
|
| heart attack!After this, he moved up to
| |
| |
|
