KA Data Group -Technology Solutions (Entries tagged as wireless)

It's Easy To Sniff Out Wireless Intruders!

blog@kadatagroup.com (admin) — Sun, 25 Nov 2007 20:58:05 -0500

Part five of our six steps in securing your wireless network is very straight forward. If you've taken every possible step to keep out wireless intruders, there's still a chance that someone can get onto your network. So you should regularly check to see whether someone's where he shouldn't be - on your network.

If ever you find someone that shouldn't be on your network, kick them off IMMEDIATELY! One way to do this is to get a program, which will keep an eye out for wireless intruders. When it finds any, it notifies you that they're on your network, show you their activity, and even send them alerts telling them that you know they're using your network. It's called "AirSnare" and you can get it for free here.

This is part five of our six steps to securing your wireless network.

Secure Your Wireless Network - Limit The Number of IPs

blog@kadatagroup.com (admin) — Fri, 23 Nov 2007 20:39:00 -0500

Normally, when your computer connects to your network, your router gives it an IP address. Every computer connected to the Internet needs an IP address in order to browse the Web.

Most times, your router just hands out these IP addresses without question to all network clients, so any time a nearby wireless PC asks for an IP address, the router hands one over with no questions asked.

To help control your security, you can tell your router to only give out a certain number of IP addressesone for each computer on your network. How does this help you? If the computers on your network use all the available IP addresses, it prevents your router from assigning an IP address to an intruder trying to connect to your network.

This setup varies somewhat from router to router. In the Linksys WRT54GX4, log in as an administrator and go to the Setup screen. In the box next to "Maximum Number of DHCP Users:" type the number of computers that will use your network, (both wired and wireless), and click Save Settings. That's all it takes. Now intruders won't be able to get IP addresses to get onto your network. If you add another computer to your network, make sure you go back to the Setup screen and increase the number of DHCP users by one.

This is part four of a six part series about securing your wireless network.

See part one here.

See part two here.

See part three here.

Secure Your Wireless Network - Filter Out MAC Addresses

blog@kadatagroup.com (admin) — Tue, 20 Nov 2007 20:27:00 -0500

Every piece of networking hardware has a unique ID number, like a serial number, called a MAC address. No two pieces of networking hardware have the same MAC address. A MAC address always has 12 hexadecimal digits and looks something like this: 00-08-A1-0B-8E-3D.

You can use these MAC addresses to keep out intruders. Many routers let you permit only certain MAC addresses onto your network. You can set your router to let in each of your computers, and keep everyone else out.

The way you do this varies from manufacturer to manufacturer, and even from model to model. On a Linksys WRT54GX4, log into the administrator screen, and click the Wireless link, and then Wireless Network Access. The Wireless Network Access screen appears, with boxes labeled MAC 1, MAC 2, and so on, up to MAC 50. Select "Permit only PCs listed to access the wireless network. Scroll to the bottom of the screen and click "Select MAC Address from Networked Computers." From the screen that appears, make sure all the boxes are checked, and click Select. You'll be sent back to the Wireless Network Access screen. All the MAC addresses that you check will be automatically filled into the boxes next to MAC 1 and so on. Click Save Settings. Now only PCs on your network can connect to it; all others will be blocked.

What happens if you buy a new computer, and want it to get onto your network, or you have a friend over who wants to use your network? You just need to find their wireless adapter's MAC address and pop it into a MAC box on the Wireless Network Access screen. To find out the network adapter's MAC address, choose Start-->Run, type command, and press Enter. A command line box will open. Type ipconfig /all and press Enter. Look for the numbers next to "Physical Address," such as 00-08-A1-00-9F-32. That's the MAC address. Copy that number into a MAC box on the Wireless Network Access screen, and that computer will be allowed to connect to your network. When you copy the number, don't include the hyphens.

This is part three of a six part series about securing your wireless network.

See part one here.

See part two here.

Use Your Wireless Router's Built-in Encryption

blog@kadatagroup.com (admin) — Thu, 15 Nov 2007 20:17:00 -0500

It's simple: You need to use encryption. Encryption keeps you safe in two ways. First, it won't allow anyone onto your network who doesn't have the special pass key, so it's a way to make sure that intruders can't get it. It also stops snoopers as well, because anyone who tries to sniff out network activity will only see garbled, meaningless characters, rather than your email, for example.

There are two encryption standards you can use to protect your network: Wireless Equivalent Protocol (WEP) and Wi-Fi Protected Access (WPA).

The WEP protocol is older and less secure than WPA, so your best bet is to use WPA. But the truth is, even WEP is most likely good enough for you. It's not as if your home network has CIA-level classified secrets. So it's not likely that intruders or snoopers will want to spend large amounts of time and energy trying to break your encryption, even if it's as weak as WEP. You mainly want to use encryption to protect your network against passers-by and war drivers looking to make a little mischief.

How you set up WPA differs according to your router. In a Linksys WRT54GX4, log into your router administrator screen, click the Wireless link, then click Wireless Security. Choose your encryption method from the drop-down list, type in an encryption key, and write it down on a slip of paper, because you'll need to use it at each PC. Click Save Settings.

After this, you'll have to set up encryption on each of your PCs, using the same key as you used in the router. In XP, on each PC, click the wireless connection icon in the System Tray and click the Properties button. Click the Wireless Networks tab, highlight your network, click the Properties button, and then click the Association tab. In the "Network Authentication" drop-down box, select your encryption method. In the "Data encryption" dialog box, choose TKIP. Next, uncheck the "The key is provided for me automatically" box. Enter your WPA key in the "Network key" box, and type it again in the "Confirm network key" box. Click OK and then OK again. The PC can now connect to your network using WPA encryption.

This is part two of six steps to securing your wireless network. See step one here.