Why are there so many unprotected WIFI networks?

You've gotta laugh

I've found one in my street that at a push I can connect to with my laptop and I went around to a mates house yesterday for a trustees meeting and my laptop picked up another one with a good signal quality.

I've found another here at work (not ours but another tenant in this shared tenancy building).

Are people completly ignorant about these things inspite of the widespread media coverage of this issue out there?

I think I'm gonna start an IT Security consultancy. I've got my WIFI network here at work bulletproof with 802.1x certificate security, EAP-TLS and RADIUS ;)

T
 
Actually, last time when some people came to my workplace, they find a wireless AP to connect to Internet. They thought it belongs to us, but it's not (we don't have wireless AP). :)

I have a wireless AP at home, which is old and supports only WEP. Although WEP is weak and easy to break, but it still can be used to prevent simple intrusion. Maybe many people think since WEP is useless, there's no need to enable it at all. Of course, users of newer AP with new encryption standard have no excuse at all.
 
PVR_Extremist said:
You've gotta laugh

I've found one in my street that at a push I can connect to with my laptop and I went around to a mates house yesterday for a trustees meeting and my laptop picked up another one with a good signal quality.

I've found another here at work (not ours but another tenant in this shared tenancy building).

Are people completly ignorant about these things inspite of the widespread media coverage of this issue out there?

I think I'm gonna start an IT Security consultancy. I've got my WIFI network here at work bulletproof with 802.1x certificate security, EAP-TLS and RADIUS ;)

T

Well i know u'll think i'm stoopeed, but i'm not sure how to secure my wi-fi network either. It asks me for keys to input and well... i don't know what to do...? :oops:
So, my wi-fi is open to the public. although i think i have reserved the network to the 2 MAC addresses in my house, so i don't think anyone else can access my internet connection. ?
 
Locking MAC address prevents others to use your network, but it won't prevent anyone from eavedropping your network traffic. An eavedropper can see everything, including files transferring over the network, and plaintext passwords. Furthermore, in a big network with many MAC addresses, an eavedropper can monitor the traffic and build a list of all usable MAC addresses. Then she can set her MAC address to an unused address to access the network.

WEP provides very weak protection. On a heavy traffic network, you need only hours of eavedropping to crack the key. However, many old APs support only WEP. WEP uses shared key (64 bits or 128 bits), and you need to set the same key to every computer for access.

WPA is the new standard but since I don't have a WPA enabled AP, I don't know much about it.
 
london-boy said:
Well i know u'll think i'm stoopeed, but i'm not sure how to secure my wi-fi network either. It asks me for keys to input and well... i don't know what to do...? :oops:
So, my wi-fi is open to the public. although i think i have reserved the network to the 2 MAC addresses in my house, so i don't think anyone else can access my internet connection. ?

Ha! Do you know how easy it is to sniff a wireless network and find the Mac adresses you are connecting with? And then for someone to change their machine to use those MAC adresses and hook into your network? You should find out how to use all the security options, WEP, passwords, the works, and enable them. After all, what do you think your ISP will do if someone hooks into your LAN and starts hacking/spamming from your IP address?

There's a basic security rule that says if a hacker has physical access to your hardware, it makes everything a lot, lot easier for the person trying to break in or steal bandwidth/data. A wireless network effectively gives that person access from the street or a few houses along. They can read your data, and they can hook in relatively easily.

Restricting to specific MACs makes it slightly harder, but not much. WEP makes it a bit harder again. Both together is much more worthwhile than just MAC restriction. If you really want to be secure, a bit of CAT5 running under the floorboards is a heck of a lot better.
 
pcchen said:
[...]Then she can set her MAC address to an unused address to access the network. [...]

:oops: :oops: SHE!!?!? God, you can't even trust girls anymore...

BZB said:
Ha! Do you know how easy it is to sniff a wireless network and find the Mac adresses you are connecting with? And then for someone to change their machine to use those MAC adresses and hook into your network? You should find out how to use all the security options, WEP, passwords, the works, and enable them. After all, what do you think your ISP will do if someone hooks into your LAN and starts hacking/spamming from your IP address?

There's a basic security rule that says if a hacker has physical access to your hardware, it makes everything a lot, lot easier for the person trying to break in or steal bandwidth/data. A wireless network effectively gives that person access from the street or a few houses along. They can read your data, and they can hook in relatively easily.

Restricting to specific MACs makes it slightly harder, but not much. WEP makes it a bit harder again. Both together is much more worthwhile than just MAC restriction. If you really want to be secure, a bit of CAT5 running under the floorboards is a heck of a lot better.

I know, but when i get to the WEP options it asks me to input codes and stuff....?
 
london-boy said:
pcchen said:
[...]Then she can set her MAC address to an unused address to access the network. [...]

:oops: :oops: SHE!!?!? God, you can't even trust girls anymore...

In cryptography talks, eavesdroppers are generally designated as Eve, and Eve is a she. :)
 
London-Boy

A 128bit WEP "passphrase" is simply 13 ASCII characters long.

On your Access point, put in a 13 character word or group of words (no spaces!!!) and put the same one into each of your PC's wireless network connections.

If you are using Windows XP Wireless Zero Config (not another manufacturers utility) its very easy. If you are broadcasting your SSID (the name of your wireless network which the router can "beacon" to machines) then Windows will pick it up in available Wireless connections and when you click on Connect it will provide a passphrase box (like a password dialog box). Simply enter your 13 character password there and it will connect and keep that information for the next time you connect etc etc.

128Bit is better than nothing at all.

WPA-PSK encryption is better still and operates on the same prinicipal of a passphrase. In WPA though its called a Shared Secret or a pre shared key (PSK) ;)

refer to your manual for your router for further info.

DO turn it on though, as you are running a very public network without it!!
 
128 bit WEP is actually not a bad security. Sure, it can be broken when you sniff hours of packets and hire a specialized firm to break it, but do you really think anyone would actually go to all that trouble to find out what you do?

The main problem is, that WEP is a bitch to use. I set it up often, and I still have problems every time getting it to work. Every combination of hard / software needs something a bit different then all the others to be able to connect. And because of that, the default setting is without any encription, so it actually works.
 
PVR_Extremist said:
London-Boy

A 128bit WEP "passphrase" is simply 13 ASCII characters long.

On your Access point, put in a 13 character word or group of words (no spaces!!!) and put the same one into each of your PC's wireless network connections.

If you are using Windows XP Wireless Zero Config (not another manufacturers utility) its very easy. If you are broadcasting your SSID (the name of your wireless network which the router can "beacon" to machines) then Windows will pick it up in available Wireless connections and when you click on Connect it will provide a passphrase box (like a password dialog box). Simply enter your 13 character password there and it will connect and keep that information for the next time you connect etc etc.

128Bit is better than nothing at all.

WPA-PSK encryption is better still and operates on the same prinicipal of a passphrase. In WPA though its called a Shared Secret or a pre shared key (PSK) ;)

refer to your manual for your router for further info.

DO turn it on though, as you are running a very public network without it!!

I'm a very generous person!! :LOL:

Ok, so i choose a code and go for it.

The WPA-PSK gives me like a table, 4 by 4, of "stuff to put in".... how's that work? manual doesn't say much...
 
what's your AP? Belkin, Netgear etc etc. Give us the make and model number.

I'll see If I can download a manual and provide assistance.
 
Can I make a suggestion? Use a 26 hex digit key. Just think of something like 69A69A69A69A69A69A69A69A69, and use that.
 
Right then:

Firstly make sure you are running the lastest firmware:

Follow the instructions here for that:

http://kbserver.netgear.com/release_notes/D102381.asp


Regarding WPA-PSK:

This is what it says in the manual, seems fairly self explanatory to me!!

How to Configure WPA-PSK
Note: Not all wireless adapters support WPA. Furthermore, client software is required on the client. Windows XP and Windows 2000 with Service Pack 3 do include the client software that supports WPA. Nevertheless, the wireless adapter hardware and driver must also support WPA. Consult the product document for your wireless adapter and WPA client software for instructions on configuring WPA settings.

To configure WPA-PSK, follow these steps:
1. Log in at the default LAN address of http://192.168.0.1, with the default user name of admin and default password of password, or using whatever LAN address and password you have set up.

2. Click Wireless Settings in the Setup section of the main menu of the DG834G.

3. Choose the WPA-PSK radio button. The WPA-PSK menu will open.

4. Enter the pre-shared key in the Passphrase field.

Click Apply to save your settings.


Now on the client device, you should now see it detect your WPA secured wireless LAN and if you click CONNECT, it should ask you for the passphrase you entered in step 4 above. Do it and it should connect ;)

HTH
 
For WEP, simply enter that 13 character phrase in the Passphrase box and click "generate". Then copy the 26 digit hexadecimal code its produced to the remaining 3 "Key" fields and "Apply"

Connect to the wireless network through windows and put in that same 13 character passphrase into the passphrase dialog box that appears in Win XP.

HTH too ;)

Don't be afraid, do it now !! :D
 
PVR_Extremist said:
For WEP, simply enter that 13 character phrase in the Passphrase box and click "generate". Then copy the 26 digit hexadecimal code its produced to the remaining 3 "Key" fields and "Apply"

Connect to the wireless network through windows and put in that same 13 character passphrase into the passphrase dialog box that appears in Win XP.

HTH too ;)

Don't be afraid, do it now !! :D

Well i'll do it when i get home!! ;)
Besides, my network has been open for the last... 7 months and i never had problems. Apart from getting disconnected every 3 hours but that's a prob with the line.
 
To me, not enabling WEP/WPA or whatever is not so much a question of security for home users, but much more a large annoyance if your neighbour has an unprotected one. Windows is at times really stubborn and will only connect to the unprotected network. And if you check the box that says it shouldn't connect to unprotected networks, it goes into a loop: connect to unprotected (most visible) network -> drop connection because it is unprotected -> repeat. Often, the only solution to that, is go to the neighbour and enable WEP on his/her network...
 
london-boy said:
PVR_Extremist said:
For WEP, simply enter that 13 character phrase in the Passphrase box and click "generate". Then copy the 26 digit hexadecimal code its produced to the remaining 3 "Key" fields and "Apply"

Connect to the wireless network through windows and put in that same 13 character passphrase into the passphrase dialog box that appears in Win XP.

HTH too ;)

Don't be afraid, do it now !! :D

Well i'll do it when i get home!! ;)
Besides, my network has been open for the last... 7 months and i never had problems. Apart from getting disconnected every 3 hours but that's a prob with the line.

7 months of free broadband access for your neighbours !!! Woot

London-Boy ISP (TM)

Let us know how you get on

Good luck
 
Back
Top