Why are there so many unprotected WIFI networks?

[PVR_Extremist]

To me, not enabling WEP/WPA or whatever is not so much a question of security for home users, but much more a large annoyance if your neighbour has an unprotected one. Windows is at times really stubborn and will only connect to the unprotected network. And if you check the box that says it shouldn't connect to unprotected networks, it goes into a loop: connect to unprotected (most visible) network -> drop connection because it is unprotected -> repeat. Often, the only solution to that, is go to the neighbour and enable WEP on his/her network...

It is an annoyance and chances are your neighbours are not pro hackers. But it's surprisingly easy to break in to an unencrypted network with a packet sniffer.

Yesterday the wireless network I found didn't even have a password on the router I could have locked out that user from his own network, taken over his machine and generally caused havoc.

Now I'm not a malicious guy so I left it well alone and told my friend to find out who runs that network so I can fix it for them !! There are too many networks like this though

 

[Frank]

It is an annoyance and chances are your neighbours are not pro hackers. But it's surprisingly easy to break in to an unencrypted network with a packet sniffer.

Yesterday the wireless network I found didn't even have a password on the router I could have locked out that user from his own network, taken over his machine and generally caused havoc.

Now I'm not a malicious guy so I left it well alone and told my friend to find out who runs that network so I can fix it for them !! There are too many networks like this though

Agreed. I've been tempted a few times to do something nasty like change the password on the router and drop some message with my phone number on their desktop, so I can fix it. Never did, though.

 

[London Geezer]

For WEP, simply enter that 13 character phrase in the Passphrase box and click "generate". Then copy the 26 digit hexadecimal code its produced to the remaining 3 "Key" fields and "Apply"

Connect to the wireless network through windows and put in that same 13 character passphrase into the passphrase dialog box that appears in Win XP.

HTH too

Don't be afraid, do it now !!

Well i'll do it when i get home!!
Besides, my network has been open for the last... 7 months and i never had problems. Apart from getting disconnected every 3 hours but that's a prob with the line.

7 months of free broadband access for your neighbours !!! Woot

London-Boy ISP (TM)

Let us know how you get on

Good luck

HAhaha and it's a 4Mb connection too. enough for everyone!!
No really, i get maximum speeds at any one time, so no one else is using it.

 

[London Geezer]

It is an annoyance and chances are your neighbours are not pro hackers. But it's surprisingly easy to break in to an unencrypted network with a packet sniffer.

Yesterday the wireless network I found didn't even have a password on the router I could have locked out that user from his own network, taken over his machine and generally caused havoc.

Now I'm not a malicious guy so I left it well alone and told my friend to find out who runs that network so I can fix it for them !! There are too many networks like this though

Agreed. I've been tempted a few times to do something nasty like change the password on the router and drop some message with my phone number on their desktop, so I can fix it. Never did, though.

That's just EVIL. Conveniently slip a few "Need PC Fixing" junk mail leaflets here and there, so u can go and get paid to fix the havok you've created!!! It's quite genius actually

 

[London Geezer]

DONE! Setup a 128bit WEP key thing.

No one ever tried to access my connection anyway (that i'm aware of err...), but after the paranoia you guys put into my head, i feel better now.

 

[hoom]

So what is it that makes WPA much better than WEP? Just a better encryption algorithym?

I think I shall prod my flatmate since our network supports that.
We already have 128bit WEP & MAC table.

 

[Frank]

So what is it that makes WPA much better than WEP? Just a better encryption algorithym?

I think I shall prod my flatmate since our network supports that.
We already have 128bit WEP & MAC table.

While you do want encryption, it does cost bandwidth and time to process. 64 bit WEP encryption takes about 10% bandwidth and not much processor capacity, 128 bit takes about 25% and a noticable bit of CPU capacity. Anything higher than that is definitely more secure, but starts to eat into your capacity and bandwith quite a lot.

So, for home use, 128 bit WEP is the best. For businesses, WPA and a Radius server is preferrable. And they have the money to pay for a better / faster computer and connection as well.

Edit: for a home network, the main bottleneck is your internet connection, so a bit of encryption isn't noticeable.

 

[PVR_Extremist]

From Netgear manual:

WEP is a data encryption method and is not intended as a user authentication mechanism. WPA user authentication is implemented using 802.1x and the Extensible Authentication Protocol (EAP). Support for 802.1x authentication is required in WPA. In the 802.11 standard, 802.1x
authentication was optional. For details on EAP specifically, refer to IETF's RFC 2284. With 802.11 WEP, all access points and client wireless adapters on a particular wireless LAN must use the same encryption key. A major problem with the 802.11 standard is that the keys are cumbersome to change. If you do not update the WEP keys often, an unauthorized person with a sniffing tool can monitor your network for less than a day and decode the encrypted messages.

Products based on the 802.11 standard alone offer system administrators no effective method to update the keys. For 802.11, WEP encryption is optional. For WPA, encryption using Temporal Key Integrity Protocol (TKIP) is required. TKIP replaces WEP with a new encryption algorithm that is stronger than the WEP algorithm, but that uses the calculation facilities present on existing wireless devices to perform encryption operations. TKIP provides important data encryption enhancements including a per-packet key mixing function, a message integrity check (MIC) named Michael, an extended initialization vector (IV) with sequencing rules, and a re-keying mechanism. Through these enhancements, TKIP addresses all of known WEP vulnerabilities.

 

[London Geezer]

So what is it that makes WPA much better than WEP? Just a better encryption algorithym?

I think I shall prod my flatmate since our network supports that.
We already have 128bit WEP & MAC table.

While you do want encryption, it does cost bandwidth and time to process. 64 bit WEP encryption takes about 10% bandwidth and not much processor capacity, 128 bit takes about 25% and a noticable bit of CPU capacity. Anything higher than that is definitely more secure, but starts to eat into your capacity and bandwith quite a lot.

So, for home use, 128 bit WEP is the best. For businesses, WPA and a Radius server is preferrable. And they have the money to pay for a better / faster computer and connection as well.

Edit: for a home network, the main bottleneck is your internet connection, so a bit of encryption isn't noticeable.

Are you freaking serious!? So my 4Mb connection is now a 3Mb one?? Doesn't sound right.

 

[pcchen]

So what is it that makes WPA much better than WEP? Just a better encryption algorithym?

I think I shall prod my flatmate since our network supports that.
We already have 128bit WEP & MAC table.

Here's a good introduction to the security problems in WEP.

 

[wireframe]

Are you freaking serious!? So my 4Mb connection is now a 3Mb one?? Doesn't sound right.

The overhead is only on the WiFi part of the network. Your WAN (ADSL) is untouched. Only communication happening between the WiFi Access Point and clients (or other APs in WDS) incur the WEP overhead penalty.

Just to add a bit to the WEP v WPA debate. It's not just about better algorithms and stronger encryption. WEP has some real issues that make a 128-bit WEP key as 'useless' as a 64-bit one. The problem is that a WEP connection is established without any encryption. If anyone is listening (sniffing) at the time the connection is made, they will be able to grab the key. WPA is encrypted handshaking so it takes much more work to 'get inside'.

If you are paranoid, but insist on using WEP, you might as well stick with 64-bit WEP and MAC filtering. It will keep most people out, but a skilled cracker will break this in no time flat. However, a skilled cracker targetting you directly is very difficult to stop under any circumstance. WPA is better, but you should still MAC filter. The real problem with security is that you need to go the whole nine yards or forget it (sorta). It's amazing how many people have a strong security infrastructure and then toss it all away by keeping their passwords/keys on Post-Its etc.

Paranoia is normal. It is best to assume you are completely vulnerable at all times and act accordingly. A false sense of security is very dangerous.

EDIT:

I am not sure about this, but I think I am right when I say that there is a common and easy way to break WEP all the time. It goes something like this. Because the handshake is not secure, it is the vulnerability that is targetted. Unfortunately this is a very brief communication sequence and typically happens once per session (under ideal conditions). I believe the fast WEP crack is to stimulate a new handshake by interfering with the communications of the attached devices. That is, you inject a signal that is 'garbage' only to disrupt communication between APs and clients (or client and client in ad hoc networks). This forces the network to re-establish a connection and this triggers the handshake. This means you can snoop at your own leisure and do not need to be listening at any one time.

Similarly, I think WPA is attacked like this. The same WiFi DoS principle is applied, forcing the clients to reconnect. By doing this a few times, you get a few permutations of the 'secure' WPA TKIP key. This makes the task of breaking it easier as you now have several connection sequences to compare and contrast, and you also know that the data you are looking at is the connection sequence.

Maybe someone who has actually tried this could comment more. I'm a saint...

 

[hoom]

thanks guys

 

[Bouncing Zabaglione Bros.]

Are you freaking serious!? So my 4Mb connection is now a 3Mb one?? Doesn't sound right.

It will keep most people out, but a skilled cracker will break this in no time flat. However, a skilled cracker targetting you directly is very difficult to stop under any circumstance.

Paranoia is normal. It is best to assume you are completely vulnerable at all times and act accordingly. A false sense of security is very dangerous.

Similarly, I think WPA is attacked like this. The same WiFi DoS principle is applied, forcing the clients to reconnect. By doing this a few times, you get a few permutations of the 'secure' WPA TKIP key. This makes the task of breaking it easier as you now have several connection sequences to compare and contrast, and you also know that the data you are looking at is the connection sequence.

Maybe someone who has actually tried this could comment more. I'm a saint...

The thing you have to be aware of is that when these kinds of exploits come up and everyone says things like "it's possible but not likely", "will keep out most people" etc, this is true at the beginning, but it's not long before someone has bundled it all up into one program where any person with very little technical knowledge can click on a button, find and hack into a Wi-Fi network. It's especially easy when the exploit has been extended using more techniques like the "fast hack" you describe above.

We've seen the same thing with virus and trojan creation, cable modem uncapping, and just about anything else you can think of, and you can bet there are simple tools out there for anyone to easily and conveniently break into your wi-fi.

Given the rise in computer crimes and identity theft, I'm sure it won't be long before listening in and stealing your neighbour's banking details straight off their Wi-Fi will become common-place for the thief who used to go through your garbage for personal info. These are the guys who duplicate credit cards, put cameras and card readers over ATMs, and adopt other suprisingly sophisticated techniques and equipment to steal money off individuals.

This is all some of the reasons why I chose to go wired rather than wireless. Wireless is just too easy to break into, and there are any number of reasons why people would do it, identity theft, bandwidth theft, spamming under your IP, etc.

 

[London Geezer]

Well, my philosophy has always been, if my upstairs neighbour really wanted to hack my network, he would succeed, whatever i do.

My network had been completely open (not even MAC filtering) for more than 7 months. Now i put a WEP key protection.

If someone wanted to get into my network, they'd have done it, and they would do it, whatever encryption i'd use from now on.

That said, a huge THANK YOU for explaining all this stuff guys.

 

[wireframe]

This is all some of the reasons why I chose to go wired rather than wireless. Wireless is just too easy to break into, and there are any number of reasons why people would do it, identity theft, bandwidth theft, spamming under your IP, etc.

I agree that WiFi is inherently insecure (if that is what you meant). I would even go as far as saying all communication is inherenly insecure and this is why encryption exists. It doesn't solve the problem, but it helps. I hope I did not come across as saying "don't worry." That is quite far from what I intended. However, I think when dealing with an insecure medium, like WiFi, there is little reason to go overboard in upping bitness in things that ultimately do very little to protect you, like WEP. This is just false security. On the other hand, you may get 80% of the benefit at much lower levels, choosing to trade performance for a false sense of security. With WEP, I really don't think a 128-bit key is going to protect you any more than a 64-bit one if someone is looking to get in.

Going, or staying, rather, wired is one way, but WiFi exist for a reason. Not everyone can have wires for all their devices comfortably. WiFi is here to stay and now it is an issue of how to deal with it, including its flaws. Because it is a broadcasting system you are inviting evesdroppers. The best you can do is to screen off as many as possible. It's unreasonable to employ a system where you get 1Mbps actual data transmitted for every 10Mbps of network bandwidht due to security overhead. Even then, I am sure that a cracker directly targetting you could find a way in. You have only reduced the number of candidates until the cracking process is automated. I liken this to not ever having sex because of threat of disease. Sure, you can avoid those diseases, but then you are missing a fundamental part for why the system exists (and...you'd probably contract some other weird disease anyways and wonder why you didn't at least have fun getting it).

So, a WiFi system with WPA, MAC filtering, and no SSID broadcasting is as good as it gets and this is what needs to be done. I also recommend switching WiFi off when not in use, but that may be more problematic than some people want to hear. Mind you, many home APs seem to have a tough enough time going 24 hours without a reset anyways, so this may be a small issue.

To answer the question of the OP, I think the answer is very simple: most people don't realize they are exposed. They have a tough enough time trying to connect their laptop to their home AP without consulting the manual and phone support that they never stop to think how exposed they are. I am sure many people are thinking "but who could possibly guess my IP?" Not realizing that this IP address is part of a greater system and can be derived.

 

[Bouncing Zabaglione Bros.]

Well, my philosophy has always been, if my upstairs neighbour really wanted to hack my network, he would succeed, whatever i do.

My network had been completely open (not even MAC filtering) for more than 7 months. Now i put a WEP key protection.

If someone wanted to get into my network, they'd have done it, and they would do it, whatever encryption i'd use from now on.

Just because someone hasn't emptied your bank account in the last seven months, it doesn't mean someone won't do it next week. If you're really unlucky, someone could steal your identity and go on a spending spree, leaving you to deal with the court cases and debt collectors for years to come.

 

[London Geezer]

Well, my philosophy has always been, if my upstairs neighbour really wanted to hack my network, he would succeed, whatever i do.

My network had been completely open (not even MAC filtering) for more than 7 months. Now i put a WEP key protection.

If someone wanted to get into my network, they'd have done it, and they would do it, whatever encryption i'd use from now on.

Just because someone hasn't emptied your bank account in the last seven months, it doesn't mean someone won't do it next week. If you're really unlucky, someone could steal your identity and go on a spending spree, leaving you to deal with the court cases and debt collectors for years to come.

There's nothing on my computer to go all the way through my bank and stuff. They might be reading all my emails (and have a right laugh) and enjoying very fast downloads (whle i'm not there) but nothing more than that.

 

[wireframe]

Well, my philosophy has always been, if my upstairs neighbour really wanted to hack my network, he would succeed, whatever i do.

My network had been completely open (not even MAC filtering) for more than 7 months. Now i put a WEP key protection.

If someone wanted to get into my network, they'd have done it, and they would do it, whatever encryption i'd use from now on.

Well, the problem is that although your neighbor may be Mr Rogers, your WiFi is open to anyone within range. You have probably heard of wardriving, where crackers simply drive down roads and sniff WiFi networks. So your neighbor's saintly attitude is not a good yardstick for determining your need for security. Furthermore, how do you know he is not listening, gathering enough data for a swift decisive strike when the time is right? (got your heart pumping there, didn't I? )

I didn't metion this before, mainly because it is not WiFi specific, but VPNs can be very useful for WiFi. By creating a secure VPN tunnel you can protect yourself very well, but this has more overhead costs. However, if you are looking to use a 22 or 54 mbps network to pipe a measly 4mbps ADLS connection, you have plenty of spare room for security.

But you are right, at some point you have to just let go and trust something. You can't shut yourself in a vault just because you heard there are people lacking honor and integrity out there in the world. There is lots of other security measures in place to protect you. When you do your online banking you are probably using a secure socket (HTTPS) or even a VPN. So, while the snooping neighbor may snap up your transmission, he now must crack a 1024-bit RSA to get to the real meat.

I think the main problem is that it's difficult to find your own level of security v comfort (or effort) until you have been hacked/cracked. When nothing happens you see only reason to drop your guard a bit more to make it faster or easier to use. Then, whap! You are struck where it hurts and next thing you are nailing the modem down to the furniture where it stands. No more cracking so you think you are safe. Never do you stop to think that this was one strike, you had your guard down, but even now with your guard up it could happen. This is how we set our own relative perceptions of when we are safe and when we are not. It's so much faith (and groveling).

 

[Bouncing Zabaglione Bros.]

Going, or staying, rather, wired is one way, but WiFi exist for a reason. Not everyone can have wires for all their devices comfortably. WiFi is here to stay and now it is an issue of how to deal with it, including its flaws. Because it is a broadcasting system you are inviting evesdroppers. The best you can do is to screen off as many as possible. It's unreasonable to employ a system where you get 1Mbps actual data transmitted for every 10Mbps of network bandwidht due to security overhead.

Oh, I'd agree with you completely, but I think a lot of people go wireless for the convenience that it has all been marketed with, not realising the gaping security loopholes that exist. I'm sure they'd be happy to run a bit of CAT5 to their desks if they realised the true limitations of Wi-Fi security and throughput. Or maybe people are just stupid and lazy and won't care until they find their bank accounts emptied, by which time it will be too late.

Those holes *will* be exploited because they are there and spreading along with the technology. The exploitation will happen because the opportunity for exploiting becomes more widespread. If everyone starts leaving all their front doors open, the theives will soon realise they can just walk in and grab whatever they want anywhere they go. It's only a matter of time if it isn't happening already. Identity/internet/banking theft is becoming more common, and hacking into (un)secured Wi-Fi will just become another tool in the theives arsenal.

 

[London Geezer]

Oh, I'd agree with you completely, but I think a lot of people go wireless for the convenience that it has all been marketed with, not realising the gaping security loopholes that exist. I'm sure they'd be happy to run a bit of CAT5 to their desks if they realised the true limitations of Wi-Fi security and throughput. Or maybe people are just stupid and lazy and won't care until they find their bank accounts emptied, by which time it will be too late.

That's why we have insurance. One can't be paranoid and looking over their shoulders 24/7, like he can't be held liable if something criminal happens to him without him knowing. Like car accidents, shit happens, but people have insurance so they don't need to worry about losing lots of money because of other people's fauls or crimes.