Open wireless network hazards
This is a topic I have talked about in other places before but it bears repeating since there still seems to be so much misunderstanding of the facts surrounding it.
As the price point for wireless network hardware has gotten low many people have purchased these items so that they can create wireless networks at home or in small offices to share high speed internet connetions. Which is great, except that for a combination of reasons many of these networks are unsecured.
What are these reasons? The first and most basic one is simply that the users aren't aware that the network is unsecured or if they do know they don't know how to secure it. The second reason is that people think it really isn't a problem. And often it's a combination of both of these reasons so that the user is aware the network is unsecured but isn't motivated to fix it under the assumption that it isn't a problem.
So what are the problems? The one reason that most people can think of is what happens when someone else hijacks your bandwidth. You simply wouldn't be getting the bandwidth you have paid for and now as many ISPs put transfer caps on previously unlimited access plans you could end up paying more because someone hijacked your bandwidth to download a number of large files.
Now certainly bandwidth highjacking and extra out of expenses are not good but they aren't enough to motivate some people to secure their networks. The problem is that when it comes to the risks that you run having your bandwidth hijacked is really the least of your worries. The bigger problems are the following.
Access to Your Resources
Simply put if your wireless network is unsecured then all the computers you have on the network are also open to attack. Now some might consider this not a big deal as they have passwords etc set up on their computers and yes that's probably a good idea, however, security in depth is always a good idea.
What does this mean? Well if a hacker can't get into your network at all then they can't be launching brute force attacks or try exploiting known issues and bugs in the software you may be running. Having things secured inside your network is also a good idea just in case a hacker was able to crack into your network but it's not a replacement for the security of having your network secured in the first place.
A perhaps more alarming problem that doesn't seem to be discussed enough is the ability of a hacker once inside an unsecured network to attack the wireless router itself. There are lots of insidious methods that an attacker could use that could easily remain undetected but present grave risks to the security of your personal and financial information.
For example it is possible to configure a wireless router to redirect domain name lookups (DNS) to one or more malicious DNS servers. Under this scenario if you typed http://www.mybank.com instead of going to http://www.mybank.com you would be directed to a phishing site (that looks exactly like http://www.mybank.com) and worst of all in your browser it would look as if you are at the right website. Why? Because the malicious DNS servers told your computer that to find www.mybank.com that it should go to the IP address with the fake site rather then the real site.
The final risk you take on with an unsecured wireless network is possible liabilities for content someone downloads through or makes available through your network. For example what if someone uses your network to download child pornography? What if someone uses your network to share child pornography? What if someone uses your network as a basis for attacks on another network? If this activity was caught then the legal trail of responsibility would end with your public IP address and at your door.
So if you have a wireless network make sure it is secured. And if you don't know how to tell or you don't know how to make it secure then hire someone who can help you. Spending a few dollars for an hour of an experts time can make you secure and free you from worry about these risks.
|© 2008 Max Stocker|