In this article, we will list out some of the known vulnerabilities to WLANs.
How can anything that broadcasts everything sent or received through the air be secure? This is perhaps a question that each and everyone of us has thought at some point or another. And the truth is, Wireless LANs (WLANs) are a lot less secure than their wired counterparts. Perhaps WLANs are not the best solution for the paranoid, but then again, neither is the Internet. The mother of all networks, the Internet, has become the single biggest threat to the security and privacy of the millions that use it, yet the number of people using it is increasing by millions every year. The only safe computer is one that isn’t networked at all, and has no Internet connection, but who wants that?
It’s obvious that every good thing comes with its price, and WLANs are no different. Yes your data is more at risk than those on a regular wired LAN; yes your computer
can be hacked into using your wireless card; however , bypassing the security that you can set up for your WLAN is something only a professional hacker could do, and chances are, if a professional hacker wants to get into your computer that badly, he probably already has access-WLAN or not.
Threats To WLANs
WLANs are vulnerable in various ways, and all the vulnerabilities can be classified into two types:
1. Unauthorised Access Threats
2. Denial of Authorised Access
The first is perhaps the most deadly, as this involves threats from hackers and viruses, in an attempt to get into your network and access your data. The second type is more or less like a Denial of Service (DoS) attack, where functionality of your network may be affected by some other device, either intentionally or unintentionally.
Here we will focus more on threats of the first type, as they are more of a security risk and are perpetrated by malicious users or software.
Every wireless access point manufacturer has known and well publicised Service Set Identifiers (SSIDs). All access points ship with their default SSIDs, which a user is expected to change when they set up their WLAN. Quite often, home users set up their WLAN by powering up everything, setting the type of connection to ad-hoc, which is default, and then are overjoyed by the fact that a connection is established immediately. There are no more checks done, and the network is left the way it is, for fear of changing a setting and finding that clients cannot connect. This is perhaps the most common mistake that people make, and leave their WLAN open for absolutely anyone to access. The very first thing you need to do when configuring your access point is to change the SSID to something only authorised users of your WLAN will know.
Don’t Broadcast SSIDs
Wireless access points can be configured to stop broadcasting SSIDs, as is usually the case. This will help ensure that unauthorised users in the vicinity do not detect your SSID by default. Of course, there are tools available that will still hack your SSID from the signals that are transmitted in your network, but turning off the broadcast of your SSID will stop novice hackers or rogue wireless devices from accessing your network.
Use IP/MAC Access Control
If your network consists of only a few devices, make sure to set your access point to limit access to only those devices. You can do this when configuring the access point. Either set it to acknowledge only a given IP, or range of IPs, or set it to allow access to only the specified MAC addresses. Each wireless device will have a card that has a unique MAC address. Find this address from your device and enter it into the access point’s list of allowed devices. Though even these can be spoofed by the most ingenious of hackers, you are probably never going to encounter one-unless you happen to work for the government, or are an employee of a huge multinational company. The safest option is to set restricted access only to the specified MAC addresses, as these are much harder to spoof.
Access Point Placement
It’s amazing how many people take what is printed on boxes literally. Just because your access point says that it covers a radius of 200 feet doesn’t mean that the signal abruptly ceases to exist at that point! For a home, you most likely aren’t going to need an access point in the first place, but in a small office that could be considerably bigger than your home, you might add one in just to keep the signal strength healthy for all your users. However, placing an access point near a window, door or outer boundary wall is not advisable. Since most access points are omni-directional, their signal extends beyond the physical perimeter of your home or office. This means that someone sitting outside your house or office in a car, or a neighbouring building could potentially access your WLAN. The best way to prevent this is to make sure access points are located towards the centre of your home or office, and you should use a laptop or mobile device to investigate how far out, in all directions your signal extends. A good warning sign that your network extends a little too far out of your perimeter is strangers repeatedly sitting in cars or at neighbouring bus stops, with laptops, chuckling to themselves.
Wired Equivalent Protocol (WEP) is an encryption standard for 802.11b networks. It was introduced a long ago, and even though it was found to contain severe security flaws, continues to be in use today by somewhat outdated equipment. When buying Wi-Fi equipment and peripherals, make sure that all of them support more robust security and encryption techniques than WEP such as WPA.
The very reason you install a Wi-Fi network may be its downfall, mobility. The problem with a WLAN is that its clients are mobile. Laptops, especially, can cause much damage to your LAN as they are carried about to locations across the city, country or even the world. These laptops are used by executives and management personnel to connect to other WLANs, in airports, coffee bars, hotels, etc., and can easily pick up viruses and worms. When they return to your network, they can spread these worms through the network and infect other machines, which in turn will breach any security practices you may have in place. The only way to combat this is to impress upon your users the importance of keeping their client PCs updated with the latest antivirus definitions and security patches. Even in your home network, you need to be careful to update all computers with the latest security fixes, or else you could end up transmitting a virus from home to computers on your office network.
War Driving is a term used to describe a hacker that literally drives up outside a building that has a WLAN and attempts to access the network using his or her hacking tools.
If a hacker gained access to your Wi-Fi-enabled computer, or your WLAN, there could be a multitude of outcomes, depending on what the attacker wants.
Internet Usage: More often than not, people who gain unauthorised entry to a WLAN will use your Internet connection. This gives them free Internet access, and shields them from being traced on the Net-much like what an anonymiser service does.
Though this may not sound as bad, it is in fact worse than you can imagine. Most people’s activities online are governed by whether or not they feel secure about their identity being hidden. A user who gains unauthorised access to your network knows that all his activities can only be traced back to you, and thus may use your network to download warez, surf illegal pornography Web sites, or send spam and worms out on to the Internet. Depending on which laws he breaks, you find yourself getting into serious trouble for things that you did not do.
Information: Most of us are paranoid about our personal information. Most of us don’t even like giving out our real e-mail addresses, so someone gaining access to files that you think are private and secure is somewhat of a nightmare come true.
File Damage: Some attackers are just malevolent, and have no interest in anything but damaging your computer. These are generally one-off attacks and result with most of your files going missing or being changed. For example, you may find all your word documents deleted, or all text replaced with something along the lines of “MUHAHAHAHAHAHA! You were hacked by Da Hax-Master.”
Your Internet connection may be used to launch Denial of Service (DoS) or Distributed Denial of Service (DDoS) attacks on the Internet. Hackers use the Wardriving technique to find vulnerable WLANs and then infect the computers with worms or Trojans that they can control via the Internet. These worms or Trojans lie dormant waiting for a signal from the hacker.
When a hacker wants to target another computer, he may use your computer to hack into another, or just launch a huge DDoS attack against his victim, using your computer and thousands of others similar to yours which are online at that moment.
In this article, we will list out some of the known vulnerabilities to WLANs.