|
Security Information |
 |
Road Warrior At Risk: The Dangers Of Ad-Hoc Wireless Networking
Airport Menace: The Wireless Peeping Tom
It never fails that something interesting happens to me at the airport. I've even met some famous people during my travels. A few months ago, I ran into Frank Bielec, from the TLC show, Trading Spaces. But one of my favorite things to do at the airport is browse the wireless Ethernet waves. I'm never really surprised at what I find. I'm just glad I know more about wireless Ethernet than the average road warrior. The Dangers Of Ad-Hoc Wireless Networking
Links
However, for those who are not using "Infrastructure Mode", and are configured to communicate from machine to machine, or "Ad-Hoc", there are a few things you should be aware of. A wireless Ad-Hoc network allows you to communicate with other wireless Ethernet systems without using a wireless access point. It's kind of a peer to peer configuration and it works rather well. The problem is, most people just set it up, and forget about it. At home, it's not a huge problem, but when your on the road, it could cause you a great deal of grief. The airport is probably the best place to find Ad-Hoc networks. Business men and women, delayed once again, power up their laptops and get to work completing the days tasks, or planning tomorrows agendas. I can't tell you how many systems I find in the airport configured this way. Not just in the terminal, but on the plane. About three months ago, just after we reached cruising altitude and were allowed to use our "approved electronic devices", I found that the gentleman two seats up from me had a laptop configured as Ad-Hoc. He walked by me about ten minutes later and commented on how much he liked my laptop. I thanked him, and asked if his laptop was on, and configured to use wireless Ethernet, he said yes. To make a long story short, I showed him that I could see his laptops wireless Ethernet and informed him of the danger. He asked me if I could access his hard drive, and I told him that it might be possible. He asked me to see if I could, so I obliged. After configuring my laptop to use the same IP address class as his, and typing "net use * hiscomputersIPAddressc$ "" /USER:administrator", I received a notice that the connection was successful and drive Z: was now mapped to his computer. I performed a directory listing of his hard drive and the guy almost had a heart attack! After this, he moved up to the seat next to mine and we spent the next hour or so configuring his laptop securely, starting with securing his computers local administrator account. At one point during the configuration, he made the statement that I got real lucky because his local admin account did not have a password. My response to him was, I get lucky quite often. Who Else Has Your Client List
The fact is, whether it be "Infrastructure Mode", or "Ad-Hoc" wireless Ethernet communications, if not properly configured and secured, can pose a significant risk. There are thousands of articles on the Internet about the dangers of improperly configured wireless networks, yet the number of unsecured networks seems to be getting greater, not less. Strength And Posture Does Reduce Your Risks
When I perform security assessments, I create a list of potential targets, and potential methods of compromise. I then prioritize that list by which system, with a particular vulnerability, may be easiest to compromise. Those at the bottom of the list typically never come on my radar screen; the best scenario it to keep of the radar altogether. Conclusion
1. Above all, make sure all your user accounts have strong passwords, especially those that have administrative control over your system; 2. Configure your wireless network to use some sort of encryption. I know there is a lot of concern about the "crackability" of WEP, but if this is all you have to work with, and then use it. It is still helpful; 3. If possible, use MAC addresses filtering to restrict unwanted systems from attaching to your wireless network; 4. Make sure the firmware for your AP's and wireless Ethernet cards are up to date. These updates can be found on your card or AP's support site. Remember, if you are compromised over your wireless network it can be near impossible to track down where the attack came from. Worse yet, think about how many systems become compromised, and no one ever knows it? About The Author
MORE RESOURCES: |
|
|
|
RELATED ARTICLES
Money Mule Email Scam Hits U.S. Imagine this - you open up your email box and an international company is offering you a dream job - you can be an agent for them - a financial intermediary - receiving payments for them and transferring money to them, and, naturally, keeping a commission on each transaction.There's no investment, no money required. Top Five Online Scams The top five online scams on the Internet hit nearly ten million people last year according to an FBI report in December 2004. That figure doubled from 2003 to 2004 and people are continuing to fall for these email and identity theft scams. DOS Attacks: Instigation and Mitigation During the release of a new software product specialized to track spam, ACME Software Inc notice that there was not as much traffic as they hoped to receive. During further investigation, they found that they could not view their own website. Delete Cookies: New-Age Diet or Common Sense Internet Security? No, this article isn't about some new, lose-20-pounds-in-a-week, certified-by-some-tan-Southern-California-doctor diet. It's about cookies on your computer - what they are, why they are there, and what to do about them. Preventing Online Identity Theft Identity theft is one of the most common criminal acts in society today. Criminals will use your personal information such as banking accounts and passwords, to pretend that they are you. Wells Fargo Report Phishing Scam First off I should explain what phishing is. Phishing is basically the act of tricking a victim into divulging information. Make Money Online - Latest Scam Disclosed Before we start, I want to make it clear that this article is about scammers that affect people who make money online by selling digital products, like e-books, software, etc. and have a refund policy, because we have a rather long way until the end and, if you are selling physical product or you money online through affiliate programs that don't involve a refund policy it's probably just a waste of time. Phishing - Learn To Identify It Phishing: (fish'ing) (n.)This is when someone sends you an email falsely claiming to be a legitimate business - like your bank or credit card company - in an attempt to scam you into giving them your personal, private information that they can use to access your accounts. Can I Guess Your Password? We all know that it's dangerous to use the same password for more than one program. If you sign up for a program run by someone of low moral fibre, what is to stop them running through various programs with your username and password to see what they can access? But of course remembering all the different passwords can be a headache. Top Spyware Removers Considerations Only the top spyware removers are successful at detecting and removing spyware and adware from your computer. You should look for complete protection against these threats: spyware, adware, keyloggers browser hijackers and Remote Access Trojans. How to Know Whether an Email is a Fake or Not A few nights ago I received an email from "2CO" asking me to update my personal data. The sender did not forget to insert a link to log in, too. If You Sell Anything Online Your ePockets Are Being Picked You and I are a lot alike. We are both software publishers and eBook authors getting hosed on a regular basis. The Risk Of Electronic Fraud & Identity Theft Electronic Fraud and Identity Theft ----------------------------------- Human beings are pretty sensible when presented with an imminent threat or risk. That is, if it's staring us directly in the face. Phishing, Fraudulent, and Malicious Websites Whether we like it or not, we are all living in the Information Age. We have nothing left but adapt to rapidly developing information technology, no matter who we are and what we do for living. New Mass Mailing Spamming Internet Trojan for the Windows Platform May. 16th 2005 - MicroWorld has reported the discovery of Troj/Sober-Q, which is a mass mailing spamming internet Trojan for the Windows platform. Road Warrior At Risk: The Dangers Of Ad-Hoc Wireless Networking Airport Menace: The Wireless Peeping Tom ---------------------------------------- As a network security consultant, I travel quite frequently. At times, it seems like the airport is my second home. 5 Tips For An Unbreakable Password Despite the current wave of identity theft and corporate security breaches it's amazing how very few people treat their passwords with any level of seriousness. Most computers users, both at home and in the office, see passwords as a nuisance and therefore make them as easy to remember as possible. Spyware Symptoms Spyware symptoms happen when your computer gets bogged down with spyware programs running in the background without your knowledge. Spyware, adware, malware and even spamware can cause your computer to behave very strange. Spyware is Not Like a Nosy Neighbor Remember the television show about the nosy neighbor Mrs. Kravitz always peeking out her window or over the fence, sometimes even knocking on the door just to find out what was going on in her neighborhood? If you don't wait a month or so and the DVD or the movie will be out. Viruses and Worms: The Problems and Their Solutions History and BackgroundThe virus was one of the first ever threats to computer security. It brought a whole new fear upon computer users.
|
| Copyright © The House of Pradha · Wisdom for Everyone. |