While sitting at Panera bread checking email today I developed a need to change my mac address because Panera has a 30 minute connection limit between 12 and 1pm. A quick google search by Jay revealed this: http://www.nthelp.com/NT6/change_mac_w2k.htm. It takes about 3 seconds to change it and presto, I was back online. Obviously I don’t recommend doing this anywhere where it might matter, but a simple coffee shop probably isn’t going to sue you for getting 60 minutes vice 30 minutes to check your mail.
Thursday afternoon I ended up going into the hospital again for more post-tonsillectomy bleeding. It wasn’t as bad as it was on Monday but I still had to go under and they put another stitch in, along with the cauterization. I went from having 0 surgeries in my life to 3, all in the last 2 weeks. Hopefully this last one actually fixed the problem, but from what I am told the bleeding is purely random.
I picked up a couple more flash drives to replace the cheap ones I lost. A Patriot 8GB and a Sandisk 4GB (with U3). I was playing around with the U3 apps on Thursday before I had to abruptly head into the emergency room. I’ll be doing more of that today, and also fooling around with the Windows Server 2008 installation I did on a partition on my T61p. I used the guide at http://www.win2008workstation.com/wordpress/ to convert the install into a workstation with the full Aero experience along with wireless network connectivity. I haven’t created a virtual machine using the Hyper-V beta yet, but I did enable it, and will be doing that today.
Yes, I haven’t forgotten, I’m still sticking to the minimum of one post per week.
This week has been mostly work, although I did get my favors in this past Sunday so I can call in some karma later on when I need it. Helping friends move can get pretty interesting sometimes.
Day Two was more about DC than it was Shmoocon. We managed to hit up some of the presentations while also making sure to visit with the various vendors and talk with some real security gurus at the same time.
Unlike the first day, this was more about one presentation for me than any of the others.
Some black hats have discovered a vulnerability in the device driver for certain types of wireless network cards. The article is over at Infoworld and is pretty interesting. Apparently the card even being powered on is enough for it to receive this attack. The premise is flooding it with large numbers of packets, basically like a buffer overflow, causing it to fail and/or allow unauthorized code to execute.
I bought one of these over the weekend, and it arrived yesterday. Setup was a breeze, didn’t bother using the CD. I now have WPA2-PSK securing my wireless network. Definitely worth the upgrade over my old Gateway router that came with my laptop back in 2004.
I’m going to upgrade the firmware on it that was discussed in this lifehacker article. Hopefully I don’t brick the router.
So you’ve just gotten home from buying whatever wireless router your friends told you to get, well that or whatever the salesman suckered you into. (Subliminal message: Linksys WRT54G)
You want to setup a handfull of computers in your house to partake in the new wireless party, except for one little problem: you don’t know what you’re doing.
This is where we come in. This is a generalized article on how to setup a basic wireless network. I’m going to try to write it in a way that regardless of what router you have, you’ll be able to use this to figure yours out and get the job done. This is a pretty basic article, so i’m not trying to totally cover everything here. The best way to learn about things is to read and do them yourself. There is no better teacher than experience.
Routers:
A router, routes things. It’s pretty simple. You plug it in, and plug your computers into it via ethernet, or you let the wireless part take care of that, and from there it’s just a little configuration and boom, you can share files, browse the net, whatever you want. Enough on those.
Each brand of wireless router usually has a different method of configuration. This is everything from the IP you connect to it through, to the way the interface is laid out. They all usually use a 192.168.x.x IP, and all the interfaces have roughly the same kind of buttons, though.
The parts we’re concerned with deal with IP assignment, MAC filtering, and the type of encryption that’s active.
Hopefully all of you have a router that lets you use WPA. If not, please at least use WEP. It’s not much protection, but it’s something to slow a lazy wardriver down.
Quick Note on Wardriving:
Wardriving is basically the practice of driving around looking for wireless networks. Mapping them out, and even hacking into them if one is so inclined. You care about wardrivers because if you don’t secure your router, and they leech off of you, anything they do while they’re connected to your router is your responsibility in a court of law, not theirs. So if they like to download kiddy porn, you can get into trouble for them doing it.
DHCP vs Static IP:
Going to make this one quick. DHCP is automatic assignment of IP addresses. In this part of your control panel you can view who is currently assigned an IP on your network. You can control how long they get to use that IP before they have to renew it, as well as how many IP addresses the router will assign before it stops giving them out. This is important for securing the router, as it’s one step in the process. Always limit the number of available IP addresses to the number of machines you will be using. You can always add to this if a buddy comes over or what not, so don’t worry.
Static IP is even better, but a little more work in setting up. This allows you total control over the assignment of IP addresses, but still isn’t perfectly safe. Regardless, the additional setup requires you to use the router’s IP as your Gateway and DNS servers, so don’t forget that.
MAC Filtering
There is more information here than I can even think to type up. The concept however is simple. You can either deny certian MAC addresses from connecting to your router, or allow only certain ones and deny the rest. Obviously the second option is better and easier for us.
Encryption:
I’ve touched on this with my WEP vs WPA article, but configuration is actually pretty self-explanatory, and Firewalling.com has an excellent resource for virtually every router out there. You figure out whether you have WPA or if you’re stuck with WEP (NEVER use WEP if you have WPA or better available). It all works the same though, you generate a key, and you use that key in your wireless configuration in Windows or Linux to connect to the router. Use this key generator to generate your keys.
Using the last 3 things separately is good, but using them together is outstanding diligence. You want to deter possible hackers as much as possible, so they move onto your neighbor’s unsecured network rather than yours.
Things to Note:
- Don’t try to connect 20 computers to the same 3mbps Cox connection. It just isn’t good.
- Weather can influence the quality of your wireless signal. So can living next to a whole bunch of transformers and power lines.
- Throughput on wireless isn’t quite the same as with a regular LAN. If you’re copying lots of files between computers, use a physical connection. It’ll save you time and grief.
Port Forwarding:
Gamers, this is your section. Port Forwarding is used instead of enabling the DMZ, because it still provides you with a good level of security. If you need certain ports available for certain applications, you can do that here. All you do is specify the port number, the protocol being used, and the IP address it’s going to forward to. Be sure you know which IP is what on your network, you might end up giving the wrong person the info.
Thoughts:
Most people don’t secure their networks. In my experience about 6 out of every 10 routers is totally wide open, just plugged in and never touched. Secure your networks!!
For those of you familiar with the the specification (and for those of you who aren’t) (which is estimated to become official in April of 2008) it appears that the Task Group charged with creating the specification does not seem to have intentions to implement protection for control frames on the wireless network.
This means it will still be vulnerable to DoS (Denial-of-Service) type attacks that exploit control techniques over the wireless spectrum.
Given that the specification is still about 2 years off there is still plenty of time to add some mitigation to this, although the process is likely as bureaucratic as any so this might not be feasible.
Related:
Just wanted to add to what Chris had mentioned about wireless security in his previous post.
Wi-Fi security is not my cup of tea; however I had my wireless card lying around and decided to see what’s out there in the neighborhood. It was unbelievable to see how many people are oblivious to wireless security and how important it is to configure your router and change your default passwords. With all the recent identity theft cases popping up minute by minute, it would be very naive to run such an open and careless network.
To secure your router, at the very least try to assign static IP’s and limit the amount of IP’s that are assignable through the default dynamic settings. Also try to incorporate an encryption protocol such as WEP or WPA, which Chris wrote a complete article on the pros and cons. Hopefully with the tools and information gained from this site, it will in turn make you realize the potential threats and how vulnerable you are when surfing the world wide web.
For any questions pertaining to this post or anything else, please don’t hesitate to ask.
Have any of you ever been wardriving?
I recently did a bit of it while I was on leave up in Western NY at the end of April. Now, I come from basically the middle nowhere in the southern tier of Erie county, not too far from Amish country, so you can imagine how surprised I was to find well over 100 wireless networks in a town with an approximate population of 8,000.
I didn’t keep any detailed notes, but I know over half were unsecured, totally wide open. Now, I did not try to connect to any of them of course. I was just driving around with Netstumbler on and when I got home I just looked at the network list it generated.
The lesson here is configure your wireless routers people! I will be doing a writeup this week regarding basic implementation and setup of a wireless network.
