Filesharing did not seem to be a concern as well citing the probability of being caught in the act. He is not concerned about bandwidth stealing either, most likely because he has a flatrate.

I would like to respond to this. A low probability to get caught does not mean that it won’t happen. This is my first concern. And the probability rises with every file shared on the Internet. I’m not sure about the law in America but I do know that you are responsible in many countries if a crime can be connected to your IP and that the excuse that you have been running an Open Wi-FI will not help you at all.

Besides file sharing we have the probability that someone is using the open Wi-Fi for hacking, blackmailing, trojans, viruses, child pornography or insults on forums. Depending on your location it could be highly unlikely that this is happening but I would never take this risk in first place.

Bandwidth is another aspect. If someone used all my upload speed to distribute files I would experience slow downs and could not use several applications that require a certain amount of bandwidth. It’s not only about the amount of Gigabytes that you transfer, it’s also about the impact on the system.

Only to help others out – with Internet – that you do not know ? If your neighbors need Internet so badly they could ask, can’t they ?

Related posts

• YubNub a social internet command line (2)
• Xirrus Wi-Fi Monitor (2)
• Wolfram Alpha Gets Its First Core Update After Launch (3)
• Wireless Security: Attacks and Defenses (0)
• Wireless Networking Software Homedale (13)

My personal advice would be to avoid using something that you don´t know enough about. You should read at least the instructions which should help you setup a relative secure system but that´s of course not sufficient. You should do some research on the internet and articles like the one mentioned above help you understand the concepts and secure your wireless connection.

You could hope of course that nothing will go bad, that no one will get access to your computer, find out about your private files, share child pornography with it, download music from it aso. But I would not take any chances.

Back to the article: It lists Vulnerabilities and Attack Methods (Human Error, Rogue Access Points, Warchalking, MAC Address Spoofing, Noisy Neighbors, Improper Design and Man-In-The-Middle Attacks). You get a good basic understanding of those vulnerabilities and attack methods. This is of course no in depth knowledge but solid beginners knowledge. As always, if you want to know more you have to research.

After explaining the attack methods the article lists defense measures starting with basic defense methods. (WEP, MAC Address Blocking, Ditch the Defaults, Beacon Intervals, Access Lists, Controlling Reset and Disable DHCP)

The article gives a basic overview, you will have to find out how to setup your wireless router properly, that´s something the article won´t mention. Mainly because there are hundreds of different routers out there and it would be impossible to give configuration advices for all of them. Read the manual of your router and I suggest you visit the manufacturer homepage and see if there are updates for it available (firmware for instance). Maybe the manufacturer has a forum where users post their experience, this are always valuable sources for information.

Related posts

• Xirrus Wi-Fi Monitor (2)
• Wireless Hotspot Hacks (1)
• WiFi for Symbian S60 Mobile Phones (6)
• Wi-Fi Signal Strength (8)
• Why you should not run an Open Wi-Fi (7)

We had to do a scan of the surroundings of course and found lots of unsecured wireless lan networks. I don´t know why people keep these unsecured, maybe its laziness, maybe they simply don´t know the risks involved. Its like leaving your doors open when you leave your house. Lots of things can happen..

Others could use your internet connection to surf the web, to spam, download copyrighted files or hack other servers, and do even worse stuff. All using your connection. Guess on whose door the police will be knocking ?

Router / Access Point

This is your main configuration unit. If someone gets access to it he will be able to change lots of preferences like passwords, encryption and mac address. Most routers have default passwords and SSID´s which have to be changed by their owner to make the entire system more secure.

1. Default Login

Your first task is to change the default user login to something else. Routers normally have default usernames and passwords like admin / 0000 or similar. You normally configure your wlan router using a web browser and the routers ip. Those are the username and password you enter when you want to change the configuration.

2. Updates

Visit the manufactures website and look for updates for your router / access point. Often those updates include security updates as well, recommended to to every once in a while.

3. Infrastructure / Ad-Hoc

With infrastructure mode enabled all deviced connected to the wireless lan communicate through the access point / router while the Ad-Hoc mode allows for direct communication. Disable Ad-Hoc mode if available.

4. SSID

The SSID, Service Set Identifier, identifies your router. Companies use default ones like wireless or wlan which are easy to guess. Choose a more secure password, best is a combination of letters and numbers.

Disable the SSID Broadcasting, which transmits its name to everyone in range.Wireless stations searching for a network connection can ‘discover’ it automatically, not needed if you know the SSID and configure your computers the way. It does not make sense to change the name but leave broadcasting on.

Note its still possible to sniff the SSID, its still send in clear text when a client associates with the router / access point.

5. Pings

Turn of Broadcast pings on the access point / router this makes it invisible to 802.11b analysis tools.

6. Mac Address Filtering

Every network device has in theory a unique MAC address. You can configure your access point / router the way that it only accepts connections from the mac address(es) you specify. Its possible to sniff your mac addresses and fake them, don´t rely on this alone.

On windows open the command prompt and enter ipconfig /all

The Physical Address is your MAC address, make sure you selected the right device, a wlan pci card for example.

If you are not using windows go to this website, it explains how you find it on your operating system.

7. Remote Management

Disable if not needed.

8. WPA, WPA2 or WEP

If your access point offers WPA2 encryption use it. WPA2 uses AES encryption. If you have an older access point use WPA and as last resort use WEP. Make sure you chose passwords that are more or less immune against dictionary attacks and chose the highest available encryption option (232 ->104 -> 40)

9. Wlan Coverage

It does not make sense most of the time to provide wlan coverage for a wider area than your own appartment. You can experiment with lowering the transmit level and the use of directional antennas to reduce the area your wlan covers.

Its a good idea to change the encryption keys and the SSID every now and then. The best protection is of course to turn your wireless network off if you don´t need it.

[tags]wifi, wlan, wireless lan, secure, network, wireless network, ssid, broadcast, wep, wpa, wpa2, router, access point[/tags]

Related posts

• Protect your Wireless Lan (9)
• Yahoo marks dangerous search results (4)
• Wordpress Remote Admin Password Reset Vulnerability (13)
• Wireless Security: Attacks and Defenses (0)
• Wireless Network Scanner inSSIDer (3)