Captain’s Log 3 [Insert SSID Here]
College campuses are exciting, fun, and also a wonderful place for a would be identity thief to setup shop. I live in an apartment on our college campus and at any given time there are 28 something live wireless networks operating within connecting range of my apartment.
One would assume that this “new” generation of young adults are tech savvy enough to realize the implications of having an unsecured wireless network. However this is only an assumption. In order to prove my point I connected to a few of these unsecured wireless networks to see what I could turn up. Default SSIDs (Service Set IDentifier, what most people refer to as the “name” of the wireless network) such as “Linksys,” “Netgear,” and “Default” broadcasting their little processors out, draw would-be identity thieves to their networks. So, like I was saying, I connected to “Linksys” and opened up the default management web screen by connecting to 192.168.1.1. Go figure, no wireless encryption OR admin password change. I logged in with the default credentials of user-name: admin, password: admin and went to the “Administration” tab. I opened up the list of issued DHCP IP (Dynamic Host Configuration Protocol, Internet Protocol) addresses. I counted around 30 computers connected to this one wireless network.
Hmm, I wondered if the owner realized that half of the apartment building was using their network.
Anywho, the above has absolutely nothing to do with where I was going. So, using common applications found on the Internet such as Nmap and Ethereal, I was able to view, in real-time, network traffic. Somebody connected to their bank, another sent their user information to Gmail, and another was in a chat room. Because of the owner’s oversight in encrypting their wireless network I was able to potentially steal 1) E-mail user account information and 2) bank account credentials. The former, you might say, has absolutely no value whatsoever. Before you jump to that conclusion let me chime in that most, not all, people are likely to use their bank user-name/password for their e-mail user-name/password. At the very least I could use their e-mail address on the “popular” bank websites to see if I could get a password reset sent to the newly captured e-mail account.
After poking around I did something that most people would consider “rude” at the very least. I shut down their wireless network. Why? Well if the owner wanted every person in a 200 foot radius to connect to their network they would just turn it back on. If they didn’t then they would suspect something was up with their network and I would hope that they would research the problem and fix it with at least a little insight on how to secure their network in the process.
To sum things up, lock your network. Don’t be the person left without the chair when the music stops… or the police knock on your door because of the 3 terabytes of music “you” downloaded or the account information of 4000 bank customers “you” stole.
BBR has a great FAQ on securing your wireless network. FAQ 8698 Below are some excerpts:
1. Use a wired connection to change the security settings on your Access Point (AP or “wireless router”).
2. If you can, use WPA2. Otherwise use WPA. WEP is no longer adequate.
2.4 Use a hard-to-guess key.
3. Change the default Service Set Identifier (SSID or network name) in your AP. Use a hard-to-guess SSID.
5. Change the administrator password on your AP. Use a hard-to-guess password.
6. Turn on the highest level of encryption your hardware supports.
13. If you can, use static IP addresses on the computers and disable DHCP on the router. Limit the number of IP addresses your router recognizes to the ones in use, if you can. Consider starting the IP addresses at a non-standard point, such as 192.168.3.113, instead of 192.168.1.1 or 192.168.254.0.
Leave a Reply