Imagine a car equipped with nothing more than a laptop, a handheld GPS receiver, and a wireless network card slowly strolls through your neighborhood. Unknown to any onlookers, this is not an ordinary vehicle; rather, it is a wardriving machine. As the car strolls homes and businesses of the past, a wireless network card (available at any electronics store as low as $ 25) scans for any wireless access points. Anyone with a wireless network (and there are many out there) is vulnerable. The computer is looking for what is called an SSID. An SSID is the name of the wireless network and is continuously transmitted from the access point, letting computers know of its presence. The wardriver uses software like Netstumbler (for Windows) or Cismet (for Linux) to scan the airwaves for SSIDs. The program can monitor various access points immediately and check the signal strength. These programs can also check to see if the network is encrypted. The wardriver generally configure your software to record any clear strong signal. Using the GPS receiver, the coordinates of the strong signal will be recorded. After this preliminary unit, wardriver can return to the positions that have been filed, and the connection to the access point. Once connected to an unencrypted network, the wardriver can use the Internet connection of the victim, and can also explore computers on the network. If the files are shared within someone's private network, all that information is susceptible of a wardriver. In addition, once in the network, a wardriver can intercept network traffic and can display all the information such as passwords and credit card numbers sent to the Internet - even SSL protected data. Wireless network vulnerability is a major problem, and as more and more households buy wireless technology, the problem of insecure networks increases. Sound scary? Well this happens every day, and it does not take an expert to pull out. It does not take an expert to protect against both, though.
steps you can take to protect against wardrivers:
There are a number of very simple steps you can take to protect your wireless network. For many of these, you will have to access the router's configuration utility (check your manual on how to do this, you usually have to type an IP address in the browser such as 192.168.0.1 or 192.168.1.1).
did not broadcast their SSID. If it is broadcasting the SSID, this is the first thing that a program will pickup and recognize. If you configure the router to not broadcast your SSID, it will be difficult to detect (but not impossible, for some software that can intercept wireless communications, so if you are using the wireless network, the SSID can be revealed). If you are not broadcasting the SSID, but it can be guessed (eg if you use a default SSID), cloaking it is pointless. Because of this, it changes your SSID from the factory default. This is not a 100 percent effective method to protect the network, but it is a good first line of defense.
Change the default password. When you buy a router, a default password is stored. People with experience in working with routers know the default passwords for different routers (and the brand of the router can be seen by a wardriver software like NetStumbler). It 'important that you secure your router with a good password.
encrypt wireless communication. I can not stress enough the importance of your wireless communication encryption. Enable encryption and enter a key. Most routers are only capable of WEP encryption, but if they permit, use EAP encryption, is more secure than WEP. How cloaking your SSID, encryption is not 100 percent. Given enough time and determination, if someone wants to hit you and access your network, WEP encryption can be circumvented by using software like AirSnort.
Filter the MAC addresses that are allowed to connect to the router. This would require that you enter the router configuration and enter the MAC address of each wireless card. This way restrict access so that only computers can connect to the router. You will need to obtain the MAC address (which is the individual identification address of a network card in the form of a 12-digit hexadecimal number). If someone sniffs traffic and detects the MAC address of a computer wirelessly using the network, the wardriver could emulate that address and connect to the router, but this takes time.
If you set up file sharing on your computer, make sure it is password protected. It is advisable not to share files on network computers unless they require an authenticated user access. Set the same user account on your machines so that your computers can share files.
With these relatively simple steps, users of the wireless network can protect their networks from wardrivers. Wireless networks are inherently insecure, and these tips will help you protect your network only increased. If someone is really determined to gain access to the network, given enough time, a good hacker can gain access. These tips will deter the wardriver media to access the network, though. Although these methods are not security measures defined, that will change your network from being something that can be hacked in a matter of seconds, something that will have a determined hacker days if not weeks of work, each of which will have to be made while in close proximity to the network.
0 Komentar