Wireless Security: Attacks and Defenses
The article wireless security attacks and defenses highlights some of the dangers that computer users face when they set up a wireless network at home or in office. The core danger here is that improperly configured and secured networks invite attackers, and since it is a wireless network, it means that attackers can run their attacks from outside. One of the core dangers is that the default settings are kept when the network is setup. This often means that the admin password for the router or modem is not changed, and that either no encryption or weak encryption is used.
While I personally recommend that you do not setup anything network related if you do not have a deeper understanding of security, I know that this is not really practicable. You should at the very least do some research on the Internet so that you know how to properly secure the router or modem to protect the network against attackers.
While there is a chance that nothing bad happens to you if you do not, chance is that it will eventually. An attacker could log your Internet traffic, use file sharing, download music illegally, send spam mails, write abusive comments or posts, or even trade child pornography using your Internet connection. It will all fall down back to you, and you may be hard pressed defending yourself against these accusations.
Back to the article: It lists Vulnerabilities and Attack Methods (Human Error, Rogue Access Points, Warchalking, MAC Address Spoofing, Noisy Neighbors, Improper Design and Man-In-The-Middle Attacks). You get a good basic understanding of those vulnerabilities and attack methods. This is of course no in depth knowledge but solid beginners knowledge. As always, if you want to know more you have to research.
After explaining the attack methods the article lists defense measures starting with basic defense methods. (WEP, MAC Address Blocking, Ditch the Defaults, Beacon Intervals, Access Lists, Controlling Reset and Disable DHCP)
The article is a good read even though it has been published in 2006. Some of the concepts are not up to date anymore though. It is for instance not recommended to use WEP encryption. Always make sure you select the most secure encryption method available which most of the time these days is WPA2-PSK.To configure your router, open its configuration page in your network. This is usually done by entering the address found on the router's back or in the manual in your web browser. You need to enter the admin password to proceed. Once inside the configuration panel, go through all settings here until you find the security related settings.Advertisement