At the IET Secure Mobile conference last week, Dr Philip Nobles from Cranfield University in the UK spoke about the subject of wireless LAN security. He showed the output of a tool running on his laptop on a 40 mile train ride into London. He had captured a large number of WLANs on the way, of which perhaps 60% were completely unsecured. In addition, you could see that many were using factory default settings, for example SSIDs (LAN identifier) of ‘netgear’. So all these sites can be compromised in terms of network sniffing, router hijacking and theft of bandwidth.
Dr Nobles also spoke about WEP (Wired Equivalent Privacy), the first attempt to introduce encryption to WiFi networks. I had known that WEP was compromised at least in an academic sense, but I was surprised that practical tools exist for breaking WEP in a very short time. “My router gave up its key in 3 minutes”, Nobles said of his own home router.
In view of this, here are a few ideas for securing your WLAN in the home or the office:
1. Use WPA encryption (WiFi Protected Access) if this is available on your router/client setup. If not, use WEP in preference to leaving the router ‘open’. Use keys (passphrases) that will not be easy to guess.
2. Most routers have an option to hide the SSID, i.e. not broadcast the name. This means that the clients have to know the name explicitly. This is a good idea to switch on, and makes you look much less interesting on the Netstumbler display.
3. Don’t use the default SSID, and it is better to use a name that will not be vulnerable to dictionary attack, and one that doesn’t hint at your physical location.
4. Similarly, set an admin password on your router, again one difficult to guess or get by dictionary attack. For example, at one time I used “astro0cosmo0.”
5. Often you can block admin logon to the router from the Internet side, which is a good idea if you don’t need to remote manage it.
6. Some routers have the facility to “lock down” access to the router by only accepting connections from specific MAC addresses. In my experience this can be inconvenient to manage (for example if a WiFi card is replaced, or if a friend comes to visit with his machine), but it does limit the options for attackers.
7. Similarly, with some routers you can assign IP addresses to specific MAC addresses, and use the firewall to block unknown IP clients. As above, this can be inconvenient to manage, but it does limit access.
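
Why items 1 and 3 belong together, as an added example that is not part of the original post: with a WPA passphrase, the network key is derived from the passphrase using the SSID as the only salt, so a factory-default name combined with a guessable passphrase produces the same key on every network that shares them. The SSID and passphrase sets and the `review_wlan` helper are constructed for illustration.

```python
import hashlib

# Assumed sample of factory-default SSIDs; 'netgear' is the one the post mentions.
DEFAULT_SSIDS = {"netgear", "linksys", "default"}
# Constructed stand-in for a dictionary of guessable passphrases.
COMMON_PASSPHRASES = {"password", "12345678", "letmein123"}


def wpa_psk(passphrase: str, ssid: str) -> str:
    """Derive the 256-bit WPA pre-shared key as hex.

    PSK = PBKDF2-HMAC-SHA1(passphrase, salt=SSID, 4096 iterations, 32 bytes),
    so the key depends on nothing but the passphrase and the network name.
    """
    if not 8 <= len(passphrase) <= 63:
        raise ValueError("a WPA passphrase must be 8 to 63 characters long")
    if not 1 <= len(ssid.encode()) <= 32:
        raise ValueError("an SSID must be 1 to 32 bytes long")
    return hashlib.pbkdf2_hmac(
        "sha1", passphrase.encode(), ssid.encode(), 4096, 32
    ).hex()


def review_wlan(ssid: str, passphrase: str) -> list[str]:
    """Return findings for a planned SSID/passphrase pair (empty list = none)."""
    findings = []
    if ssid.lower() in DEFAULT_SSIDS:
        findings.append("default-ssid")
    if passphrase.lower() in COMMON_PASSPHRASES:
        findings.append("guessable-passphrase")
    if ssid and ssid.lower() in passphrase.lower():
        findings.append("passphrase-contains-ssid")
    return findings


if __name__ == "__main__":
    # Constructed settings: same passphrase, default vs. unique network name.
    for ssid in ("netgear", "kestrel-7q"):
        print(ssid, wpa_psk("password", ssid)[:16], review_wlan(ssid, "password"))
```

Running it shows the same passphrase yielding unrelated keys under the two network names, which is the practical benefit of choosing an SSID nobody else is likely to use.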