Say your local DSL provider makes you a sweet deal on an 802.11 package. Or maybe you already have DSL or a cable Internet service and you just bought a wireless router that allows you to roam around your house connected to the Internet. In your own home, what's the worst that could happen if you don't turn on WEP (Wired Equivalent Privacy) or any other 802.11 security options? You could get a visit from the FBI, that's what.
At this year's Black Hat Briefing in Las Vegas, the annual Hacker court involved a scenario where a houseboat sailing up and down the Potomac River was able to use various unsecured wireless networks to access troop deployment plans from the Naval Academy at Annapolis. Presented in the form of a mock court case--including a real live federal court judge--the prosecution laid out how it identified various Web addresses used to launch the intrusion on the Naval Academy. However, when federal agents arrived at the homes matching the Internet addresses, they found the computer hard drives to be lacking any evidence of the crime. All of the homes, however, had 802.11 networks that were not secure, and all bordered the Potomac. Through some silly testimony that I won't explain here, prosecutors ultimately revealed that a houseboat sailing on the river had the ability to receive wireless signals from shore; the occupants of the boat had used the onshore wireless networks to commit their crimes. The prosecution provided forensic evidence of the houseboat's laptop, which contained the incriminating data.
Think that scenario is pretty far-fetched? Not so.
Several weeks before the Black Hat gathering at the end of July, a patent-document company, MicroPatent LLC, suffered a Web-based intrusion and subsequent e-mails demanding 17 million dollars in exchange for the illegally obtained information. Based on digital forensic evidence, federal agents in Virginia began searching the hard drives of computers found in two homes and one dentist's office in Arlington, Virginia. The hard drives in the two homes and the dentist's office were clean; all had unsecured wireless networks, however. Federal agents instead focused on a name within the extortion e-mail itself.
Shortly afterward, Myron Tereshchuk, 42, was arrested. Owner of a small patent-document firm that was a competitor to MicroPatent LLC, Tereshchuk had been caught allegedly removing files from the U.S. Patent and Trademark Office. Banned from the U.S. Patent and Trademark Office, Tereshchuk blamed MicroPatent and consequently began his campaign against it. In an attempt to obscure the origins of his attack, he used the unsecured Arlington wireless networks. In the end, federal agents found on Tereshchuk's hard drives the evidence necessary to arrest him.
What to do
It's not a foregone conclusion that your wireless network will be used by criminals, but it is important that you do your best to protect it. Here are some ways you can secure 802.11:
Change your name
Start by changing the default name of your network, the Service Set ID (SSID). For example, Tsunami is the default SSID for Cisco's Aironet Access Point, so you want to make sure you're not one of the thousands of Tsunami networks in the world today. Don't use personal info such as your street address in your ID, either. That's too revealing to strangers. Try random numbers instead.
Turn off SSID
If your unit allows for it, turn off SSID broadcasting altogether. This prevents strangers from passively scanning the area and receiving your network's broadcasts.
Protect your intranet
Be sure to place your access points (APs) outside your firewall. If you place your APs inside the firewall and someone breaks into your WLAN, he or she has access to your intranet, too.
Block unknown devices
Restrict your wireless network to known Media Access Control (MAC) addresses, which are unique identifiers for every hardware device. If you don't know the addresses of the devices on your network, make an audit today. Then you can block rogue devices trying to connect to your net without your permission.
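One way to run the audit described above, as an added example that is not part of the original article: compare the devices currently seen on the network against a hand-kept inventory of known MAC addresses. It assumes a Linux machine whose neighbor table is read with `ip neigh`; the inventory format, the function names and all sample addresses are constructed for illustration.

```python
import re

# Constructed inventory: one "MAC label" entry per line, in whatever notation
# the address was copied in. Addresses use the RFC 7042 documentation range.
SAMPLE_INVENTORY = """\
00:00:5e:00:53:01  laptop
00-00-5E-00-53-02  phone      # copied from the label on the device
0000.5e00.5303     printer
"""

# Constructed neighbor table in the format printed by Linux `ip neigh`.
SAMPLE_NEIGHBORS = """\
192.168.1.10 dev wlan0 lladdr 00:00:5e:00:53:01 REACHABLE
192.168.1.11 dev wlan0 lladdr 00:00:5e:00:53:02 STALE
192.168.1.12 dev wlan0 lladdr 00:00:5e:00:53:03 REACHABLE
192.168.1.57 dev wlan0 lladdr 00:00:5e:00:53:af REACHABLE
192.168.1.60 dev wlan0 FAILED
"""

def normalize_mac(text):
    """Return a MAC as 12 lowercase hex digits, or None if it is not one."""
    digits = re.sub(r"[:.\-]", "", text.strip()).lower()
    return digits if re.fullmatch(r"[0-9a-f]{12}", digits) else None

def load_allowlist(inventory):
    """Map normalized MAC -> label; '#' starts a comment."""
    known = {}
    for line in inventory.splitlines():
        fields = line.split("#", 1)[0].split(None, 1)
        if not fields:
            continue
        mac = normalize_mac(fields[0])
        if mac is None:
            raise ValueError(f"bad MAC in inventory: {fields[0]!r}")
        known[mac] = fields[1].strip() if len(fields) > 1 else ""
    return known

def audit(neighbors, known):
    """Return (ip, mac) pairs seen on the network but missing from the inventory."""
    unknown = []
    for line in neighbors.splitlines():
        m = re.match(r"(\S+) dev \S+ lladdr (\S+)", line)
        if m and normalize_mac(m.group(2)) not in known:
            unknown.append((m.group(1), m.group(2)))
    return unknown  # lines without lladdr (e.g. FAILED) have no device to judge

if __name__ == "__main__":
    for ip, mac in audit(SAMPLE_NEIGHBORS, load_allowlist(SAMPLE_INVENTORY)):
        print(f"unknown device: {mac} at {ip}")
```

The neighbor table only lists devices the machine has recently exchanged traffic with, so repeat the check over several days before treating the inventory as complete.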
Although WEP will not by itself make your network secure, it's a good first step.
Have you secured your 802.11 home network? Talk back to me.