MaxStocker.com   MaxStocker.com    
   
Home About Blog Stuff Contact
 
   
 

May 2008

Facebook busted?
Posted : Sat May 31st

Applet Code Tip
Posted : Thu May 29th

The hidden costs of bad data
Posted : Wed May 28th

Deciphering TCO
Posted : Tue May 27th

Buffers are better
Posted : Thu May 22nd

Feelings nothing more than feelings
Posted : Mon May 19th

A Sense of Scale
Posted : Thu May 15th

More Fun...
Posted : Tue May 13th

No push please
Posted : Sun May 11th

Open wireless network hazards
Posted : Thu May 8th

Caveat emptor
Posted : Wed May 7th

Have Fun
Posted : Tue May 6th

Font Preview Tool
Posted : Fri May 2nd

XML is not a database
Posted : Thu May 1st

Recent Comments

Max in Whose blog is it anyway?
on Mon May 10th

Rob in Whose blog is it anyway?
on Fri May 7th

Anonymous in SEO and the magic beans
on Thu April 8th

Max in SEO and the magic beans
on Thu April 8th

n.o. in SEO and the magic beans
on Thu April 8th

silky in Right way, wrong way
on Fri February 19th

Categories

Technical
69 Entries

Security
18 Entries

Java
23 Entries

Privacy
6 Entries

Database
11 Entries

Internet
58 Entries

Business
31 Entries

Site Updates
19 Entries

Personal
86 Entries

RSS Feed RSS Feed

Tag Cloud

Open wireless network hazards
Posted : Thursday May 8th, 2008

This is a topic I have talked about in other places before but it bears repeating since there still seems to be so much misunderstanding of the facts surrounding it.

As the price point for wireless network hardware has gotten low many people have purchased these items so that they can create wireless networks at home or in small offices to share high speed internet connetions. Which is great, except that for a combination of reasons many of these networks are unsecured.

What are these reasons? The first and most basic one is simply that the users aren't aware that the network is unsecured or if they do know they don't know how to secure it. The second reason is that people think it really isn't a problem. And often it's a combination of both of these reasons so that the user is aware the network is unsecured but isn't motivated to fix it under the assumption that it isn't a problem.

So what are the problems? The one reason that most people can think of is what happens when someone else hijacks your bandwidth. You simply wouldn't be getting the bandwidth you have paid for and now as many ISPs put transfer caps on previously unlimited access plans you could end up paying more because someone hijacked your bandwidth to download a number of large files.

Now certainly bandwidth highjacking and extra out of expenses are not good but they aren't enough to motivate some people to secure their networks. The problem is that when it comes to the risks that you run having your bandwidth hijacked is really the least of your worries. The bigger problems are the following.

Access to Your Resources

Simply put if your wireless network is unsecured then all the computers you have on the network are also open to attack. Now some might consider this not a big deal as they have passwords etc set up on their computers and yes that's probably a good idea, however, security in depth is always a good idea.

What does this mean? Well if a hacker can't get into your network at all then they can't be launching brute force attacks or try exploiting known issues and bugs in the software you may be running. Having things secured inside your network is also a good idea just in case a hacker was able to crack into your network but it's not a replacement for the security of having your network secured in the first place.

DNS attacks

A perhaps more alarming problem that doesn't seem to be discussed enough is the ability of a hacker once inside an unsecured network to attack the wireless router itself. There are lots of insidious methods that an attacker could use that could easily remain undetected but present grave risks to the security of your personal and financial information.

For example it is possible to configure a wireless router to redirect domain name lookups (DNS) to one or more malicious DNS servers. Under this scenario if you typed http://www.mybank.com instead of going to http://www.mybank.com you would be directed to a phishing site (that looks exactly like http://www.mybank.com) and worst of all in your browser it would look as if you are at the right website. Why? Because the malicious DNS servers told your computer that to find www.mybank.com that it should go to the IP address with the fake site rather then the real site.

Liability

The final risk you take on with an unsecured wireless network is possible liabilities for content someone downloads through or makes available through your network. For example what if someone uses your network to download child pornography? What if someone uses your network to share child pornography? What if someone uses your network as a basis for attacks on another network? If this activity was caught then the legal trail of responsibility would end with your public IP address and at your door.

So if you have a wireless network make sure it is secured. And if you don't know how to tell or you don't know how to make it secure then hire someone who can help you. Spending a few dollars for an hour of an experts time can make you secure and free you from worry about these risks.

Tags

attack  DNS  network  safety  wireless 

Categories

Technical  Security  Internet 

Comments

  
   
  Follow me on Twitter   My Facebook Profile   My LinkedIn Profile   RSS feed of my blog Home   |   About   |   Blog   |   Stuff   |   Contact   |   Privacy Policy  
   
  © 2008 Max Stocker