Active Stocks
Thu Mar 28 2024 15:59:33
  1. Tata Steel share price
  2. 155.90 2.00%
  1. ICICI Bank share price
  2. 1,095.75 1.08%
  1. HDFC Bank share price
  2. 1,448.20 0.52%
  1. ITC share price
  2. 428.55 0.13%
  1. Power Grid Corporation Of India share price
  2. 277.05 2.21%
Business News/ Leisure / Unsecured airwaves
BackBack

Unsecured airwaves

Unsecured airwaves

On a leash: It is easy for hackers to get to information being transferred over the wireless network. Premium

On a leash: It is easy for hackers to get to information being transferred over the wireless network.

Wireless fidelity (Wi-Fi) penetration is growing by leaps and bounds, not only among business houses, but also among residential users. As most households nowadays have at least a desktop, it makes sense to have a Wi-Fi router within homes for flexible Internet access.

But as happens with the Internet, proliferation breeds vices. If the spurt in number of cyber crimes in India is any indication, the possibility of unsecure Wi-Fi networks being compromised is high. Let’s take a look at things you need to be on top of.

Encryption woes

Data transfer over wireless networks is in the air and not confined to any wire. It is easy, therefore, for a hacker to get to the information being transferred over the wireless network. To prevent this, there is a need to encrypt the data in a way that it can only be deciphered by someone who has the decryption key.

Wireless routers have two kinds of encryption: Wired Equivalent Privacy (WEP) and Wi-Fi Protected Access (WPA). WEP is considered a weak encryption mechanism as it has many loopholes. It uses 64-bit or 128-bit security keys to encrypt data of which 24-bits are called Initialization Vector (IV). Since 24-bits give only 16.7 million variations, it is comparatively easier to decode the keys. Also, the possibility of using the same IV key more than once is high—making the system vulnerable to hack attacks.

On a leash: It is easy for hackers to get to information being transferred over the wireless network.

WPA2 is the advanced version of WPA. Since WPA is a newer technology, it is possible that many routers may not support it, so the user needs to do a firmware update.

The WPA key can be enabled by going to the Wireless Setup tab and selecting the WPA Security option. Using a passphrase, which is an alphanumeric keyword, we can generate one or more WPA keys. The passphrase should be longer than 16 alphanumeric characters and should only be known to the administrator.

Plugging the loopholes

Hackers take advantage of the many loopholes, such as weak passwords, etc., that users tend to overlook while securing their Wi-Fi networks. Configuring the security settings on your Wi-Fi router is time consuming.

Administrator password

All the routers are shipped with default factory settings, which many users do not change while connecting to the Internet. These default settings are known, as they are specific to manufacturers. The first thing you should do while setting the router is change the default username and administrator password, so that it is known only to you.

Enabling WEP or WPA encryption

The need to scramble data while using a wireless network is paramount. You should activate the necessary encryption key. It is advisable to choose WPA or WPA2 encryption rather than WEP if your router supports it. To configure the WPA encryption you have to enter a unique passphrase.

Broadcasting SSID

Service Set Identifiers (SSIDs) are public names of wireless networks. All the client machines communicate within a network using similar SSIDs. Router manufacturers gen-erally give default SSIDs; for example, the Linksys router will have a default SSID “Linksys". A user should change this default SSID. Broadcasting SSID is a feature that is ideal for businesses and mobile hot spots where users move in and out of networks. For home broadcasting, SSID may make the system vulnerable to attack if the router is not protected by a username and password.

MAC address filtering

Media Access Control (MAC) address is identification for all the hardware connected to your network. In a home network with a limited number of users it is better to find out the MAC addresses of all the machines connecting to the network (enter ipconfig/all in the command prompt to get the whole list). The administrator should then feed these numbers under the “permit only" tab in the Wireless Network Access tab. This will ensure that any system whose MAC address does not pass the filter will not be able to access the network.

Positioning the router

The range of wireless routers may exceed the boundaries of your house, but its strength reduces with distance. It is deemed best to have the wireless router inside the house rather than on the window so that there is very little leakage.

Switching off the router

This may seem a very trivial thing to be included in this section. But remember, you must always switch off your router when you are not using it so that hackers don’t have access to it.

*********

Common Wi-Fi Hacking software

NetStumbler: A Windows-based tool used to locate open wireless networks

Kismet: Displays SSIDs that are not broadcast

Airsnort: Cracks WEP encryption keys

Cowpatty: Cracks WPA- pre-shared key

Wireshark: Sniffs data transferred over a wireless network

Wi-Fi Jargon

Encryption: It’s the process of scrambling legitimate information using algorithms called ciphers, so that the information can be decrypted only by someone or something that has the encryption key.

Service Set Identifier (SSID): It is a name that identifies a particular 802.11 wireless LAN network. For the client machine to connect to the network, its SSID should match with that of the router.

WarDriving: It’s the act of locating and logging on to wireless access points from a moving vehicle using a laptop or a PDA or a cellphone.

This story is brought to you by digit

Write to us at businessoflife@livemint.com

Unlock a world of Benefits! From insightful newsletters to real-time stock tracking, breaking news and a personalized newsfeed – it's all here, just a click away! Login Now!

Catch all the Business News, Market News, Breaking News Events and Latest News Updates on Live Mint. Download The Mint News App to get Daily Market Updates.
More Less
Published: 09 Feb 2010, 10:08 PM IST
Next Story footLogo
Recommended For You
Switch to the Mint app for fast and personalized news - Get App