Trophy WiFi


What Hackers Know

Hackers have learned how to get around various security measures, and they love to share their knowledge (see sidebar "Hacker's Arsenal").

Unfortunately, wireless computing (WiFi) provides many capabilities that appear to add security to networks, but that are easily circumvented. Incomplete understanding of the technology leaves many network administrators feeling safe while their networks are vulnerable. Below are some of the security "myths" that add to this phenomenon:

SSID Hiding

  • Concept
    By selecting "No" to the "Broadcast SSID" option on most wireless routers, the wireless network name must be known in advance by anyone trying to connect to the network.
  • Why it's not a good idea
    The SSID is easily discovered. The most straightforward approach is to find a connected client in the vicinity and use hacking software to send it a phony "DISASSOCIATE" message. The client then tries to reconnect, sending the SSID over the RF band. A hidden SSID may discourage casual hackers, but it must not be used in lieu of actual WiFi security. Note, too, that hiding the SSID results in longer connect times for legitimate clients.

MAC Filtering

  • Concept
    MAC filtering consists of configuring the router to allow connections from only specific wireless devices. The "MAC" is a unique identifier that each wireless device has, so in theory, if your network is configured this way, unwanted devices cannot connect.
  • Why it's not a good idea
    This has two primary drawbacks. First, it is easily defeated by examining the MAC address of devices sending data packets near the Access Point. Although MAC addresses are hardware-specific, they can be spoofed easily. Therefore, finding and mimicking an allowed MAC is relatively simple. Second, MAC filtering creates a maintenance problem on the network itself, making it more difficult to allow wanted devices. In our experience, MAC filtering keeps out legitimate clients more often than hackers.

WEP Encryption

  • Concept
    WEP encryption is the most basic form of real network security in the WiFi arena. The idea is to keep unwanted computers off your network: because they don't know the secret WEP key, they can't operate in the encrypted environment.
  • Why it's not enough
    Whether using 64-bit or 128-bit encryption, WEP presents little more than a fun challenge to amateur hackers. With permission of the network administrator, we have deciphered the "secret" 128-bit WEP key on a network in as little as 10 minutes. Doing so requires no special hardware, only basic Linux skills and the ability to use Google. While Trophy WiFi would never do this without the permission of the network administrator (we are the good guys), hackers are not known for exhibiting this courtesy.

WPA/WPA2 Encryption

  • Concept
    The newer WPA and WPA2 standards are a big improvement over WEP encryption, so using one of these makes the WiFi network secure.
  • Why it's not enough
    While better than WEP, WPA and WPA2 are also hackable. The primary weakness of WPA and WPA2 lies in the way they are commonly set up, which leaves them susceptible to dictionary attacks that use precomputed hash tables.
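
An added example (not Trophy WiFi's code) of why setup matters: in WPA/WPA2-Personal the key is derived from the passphrase with the SSID as the only salt, so a common SSID combined with a dictionary passphrase is exactly what precomputed tables cover. The SSID and passphrase lists, the 16-character threshold, and the sample networks are constructed assumptions.

```python
import hashlib
import string

# Constructed sample lists for illustration; a real audit would load larger ones.
COMMON_SSIDS = {"linksys", "netgear", "default", "dlink", "home", "wireless"}
COMMON_PASSPHRASES = {"password", "12345678", "qwertyuiop", "letmein123"}
MIN_LENGTH = 16  # assumed policy threshold, not a figure from the page


def derive_pmk(passphrase: str, ssid: str) -> bytes:
    """WPA/WPA2-Personal key: PBKDF2-HMAC-SHA1, SSID as salt, 4096 rounds, 32 bytes."""
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), ssid.encode(), 4096, 32)


def char_classes(passphrase: str) -> int:
    """Count how many of lower/upper/digit/other character classes appear."""
    tests = (str.islower, str.isupper, str.isdigit,
             lambda c: c in string.punctuation or c == " ")
    return sum(any(t(c) for c in passphrase) for t in tests)


def audit_psk_config(ssid: str, passphrase: str) -> list[str]:
    """Return findings that make a pre-shared-key setup easy to attack offline."""
    findings = []
    if not 8 <= len(passphrase) <= 63:
        findings.append("invalid-length")          # outside the 8-63 char range
    elif len(passphrase) < MIN_LENGTH:
        findings.append("short-passphrase")
    if passphrase.lower() in COMMON_PASSPHRASES:
        findings.append("dictionary-passphrase")
    if char_classes(passphrase) < 2:
        findings.append("single-character-class")
    if ssid.strip().lower() in COMMON_SSIDS:
        # Same salt as thousands of other networks: precomputed tables apply.
        findings.append("common-ssid")
    return findings


if __name__ == "__main__":
    for ssid, psk in [("linksys", "password"),                       # constructed
                      ("TW-4f9c-office", "vR7#kq2!Lm9@xZ4$wP6&tB")]:  # constructed
        print(ssid, derive_pmk(psk, ssid).hex()[:16], audit_psk_config(ssid, psk))
```

The same passphrase yields a different key under a different SSID, which is why a unique network name plus a long random passphrase takes a network out of reach of tables built in advance.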

Going "Open" Just Like the Cafe

  • Concept
    A lot of people have the idea that if the cafe on the corner can have an open WiFi, it must be safe for a small business or home WiFi to go "Open", too.
  • Why it's not a good idea
    The cafe has a dedicated access point connected directly to the internet. They don't have their payroll computer sitting on that network. Furthermore, they employ client isolation to keep the various connected customer laptops from seeing each other. Your computers, on the other hand, are on your network, and if your network is "Open", then hackers can gain access to your computers and their files via a peer-to-peer attack. Private but "Open" networks also make ideal hosts for criminals who want to engage in illegal activities on the internet. The police/FBI can trace this activity back to your network.
