In some military operations, US Helicopter pilots used a specific signal to track their position against the enemies borders. In order to entice the Chopper across the line, the enemy would broadcast a ‘signal’ that would be designed to fool the pilot to fly the wrong way, and cross into enemy territory. All the way thinking that they were headed in the right direction.
Fast forward to now, with WiFi ubiquitous in both home and business. Its one of the most simple and easy to use devices ever created for networking. Its one of the more insecure devices around.. A hackers haven.
A WiFi Access Point is nothing more than a radio and like all radio signals, it can be listened in on, it can be decoded, it can be faked.
Fooled ya!
One simple hacker trick is to fool computers and their operators into connecting to a nearby access point. A rouge access point will often have little to no security. The hapless user simply thinks that its their lucky day! An open wireless. In the mean time, the hacker can intercept the traffic and copy all the user names and passwords that are used and send the client on to the site of the choice.
Come on in, door’s open
Wireless Access Points ship typically with ‘default’ passwords and SSIDs. Take for instance the Linksys WRT54GS, its user name is: Admin and the Password: admin. Great..that’s simple, an unsecured, popular product. But then again, how bad could it be?
In the 2010 Data Breach Investigations Report A study conducted by the Verizon Business RISK team in cooperation with the United States Secret Service, the report states:
“In May 2008, USSS agents arrested Albert Gonzalez, and he was later indicted along with eight other co-conspirators for hacking into the wireless computer networks of TJX Corporation, BJ’s Wholesale Club, OfficeMax, Barnes & Noble,Forever 21, Discount Shoe Warehouse, Boston Market, and Sports Authority.”
While you may not be a large target such as these, you might have your Wireless listed on Wigle.net its a site that WarDrivers can upload wireless access points they found. Believe me – its worth a look.Sniff! Sniff! – What’s the smell – Packets?? As I said, a Wireless Access Point is a radio and as such, most any WiFi card can conceivably listen in on the wireless signals. Hence a tool like AirCrack-NG can gather enough intelligence to crack a wireless system. From the AirCrack website: “aircrack-ng.org_resources_aircrack-ng-new-logo.jpgAircrack-ng is an 802.11 WEP and WPA-PSK keys cracking program that can recover keys once enough data packets have been captured. (…) In fact, Aircrack-ng is a set of tools for auditing wireless networks. ” Remember when using a wireless there’s a few simple rules,
- Don’t talk to Strange IP’s. IF you *do not* know the Access Point then do not use it.
- If you do know the IP, be sure and not do things like banking or other personally sensetive information on it
- You likely have an AP at home. Take the standard precautions of changing the default password and user.
- Add a STRONG key and consider changing it frequently.
- If you have a wireless access point near an outside wall of your house, move it inward to reduce the signal.
