Surfing the net on a neighbors wireless connection

[TechnoPro]

My Dell Axim X3i came in today. I was fooling around with it, powered on the WLAN feature and it picked up my neighbors signal. Free high-speed, not bad!

Do a lot of unsuspecting people leave their connections open like this?

On a more practical note, what else in addition to the following could prevent casual intrusion into a wireless network:

* Turn off SSID broadcast
* MAC Address filtering
* Encryption - whatever the most current standard is.

Thanks.

 

[onelin]

Yes, a lot of people do. I got my wifi stuff today and drove down the street and the laptop picked up 6 or so signals (It's a small neighborhood in a rural area) ...half of which had no security. Some had WEP, but even that isn't much if you're still broadcasting your SSID.

I setup WPA, and from what I've seen, that's the thing to do.

 

[gunrunnerjohn]

I have a friend that does network security for a major local drug firm. He has a iPaq with a wireless card that he walks around the company's locations looking for illegal wireless networks. When he drives from his place to mine, about 8 miles, he tells me he finds from 18 to 20 wireless networks, and mine and one other were the only ones that were using encryption. :Q Most people plug it in and don't have a clue that they're exposed! Why do you think Internet fraud is so popular.

 

[ktwebb]

"but even that isn't much if you're still broadcasting your SSID."

For the guys that running the advanced tools that really want in, disabling SSID broadcasts isn't much of a deterrent. WEP on the other hand, while still broken, will generally give them the "not worth it" blues. Layers. Both measures should be enabled, along with MAC filtering, disabling DHCP, changing the default network ID, changing the default SSID, admin console password, and on and on. Makes sense to take advantage of any security measure at your disposal. But I think most people should know that. It's a wonder some don't seem to with all the information available these days.

 

[TechnoPro]

Originally posted by: ktwebb
"but even that isn't much if you're still broadcasting your SSID."

For the guys that running the advanced tools that really want in, disabling SSID broadcasts isn't much of a deterrent. WEP on the other hand, while still broken, will generally give them the "not worth it" blues. Layers. Both measures should be enabled, along with MAC filtering, disabling DHCP, changing the default network ID, changing the default SSID, admin console password, and on and on. Makes sense to take advantage of any security measure at your disposal. But I think most people should know that. It's a wonder some don't seem to with all the information available these days.

By disabling DHCP, then by definition, each of my devices must be assigned a static IP address, correct?

 

[n0cmonkey]

Originally posted by: TechnoPro

Originally posted by: ktwebb
"but even that isn't much if you're still broadcasting your SSID."

For the guys that running the advanced tools that really want in, disabling SSID broadcasts isn't much of a deterrent. WEP on the other hand, while still broken, will generally give them the "not worth it" blues. Layers. Both measures should be enabled, along with MAC filtering, disabling DHCP, changing the default network ID, changing the default SSID, admin console password, and on and on. Makes sense to take advantage of any security measure at your disposal. But I think most people should know that. It's a wonder some don't seem to with all the information available these days.

By disabling DHCP, then by definition, each of my devices must be assigned a static IP address, correct?

Yes.

I also recommend IPSEC and authpf.

 

[gunrunnerjohn]

Originally posted by: n0cmonkey
Q] Yes. I also recommend IPSEC and authpf.

Well, now you're getting carried away! How many home users even know what this is, never mind actually configuring and using it.

You have to measure the effort to get connected at all to what's at risk. Most home users won't go to that kind of effort to protect their network...

 

[cmetz]

gunrunnerjohn, most home wireless users might as well get a bucket of paint and a ladder and start drawing the target symbol on the side of their house, because that's what they are. Both IPsec and strong firewalling are completely reasonable things to do over a wireless link, and it's a shame that the UI and market positioning means that it's beyond the average user - but for the above-average user, it's the right thing to do, and you shouldn't mock it.

For the average clueless user, WPA TKIP PSK and MAC address filtering are a good one-two punch. I hope that equipment support will improve and the UI for both will improve, that would go a long way towards improving SOHO wireless security.

 

[TiziteLayinLow]

I don't have WiFi in my house, but i would like to learn more about these settings and procedures before i switch over, which will be soon with all the new toys linksys and others are producing.. including wifi tvs... are all the settings you guys are talking about in the router program? and with static ip.. couldnt the intruder simply set a static IP with the standards.. linksys 192.168.1.* (up to 99).. and the same with dlink? i dont see how that would prevent anything if they are serious computer people... does anyone know a good tutorial in laymans terms for this? i have been told to go with the new layered encryption.. which i was told was like 4-5 layers of 128bit.. and change admin pw on router.. maybe set the DHCP server off and set it to pick up anything above like 192.168.1.7 being if you have 6 wifi devices? that way no extra IPs are availible? someone help me out here..lol

thanks in advance,
matt enderle

 

[onelin]

Originally posted by: ktwebb
"but even that isn't much if you're still broadcasting your SSID."

For the guys that running the advanced tools that really want in, disabling SSID broadcasts isn't much of a deterrent. WEP on the other hand, while still broken, will generally give them the "not worth it" blues. Layers. Both measures should be enabled, along with MAC filtering, disabling DHCP, changing the default network ID, changing the default SSID, admin console password, and on and on. Makes sense to take advantage of any security measure at your disposal. But I think most people should know that. It's a wonder some don't seem to with all the information available these days.

That's true. I read up the other day on how, for saving yourself the hassle, leaving SSID on isn't that bad since anyone who wants to can still see it anyway.

Still investigating more ways to lock things down.

 

[n0cmonkey]

Originally posted by: gunrunnerjohn

Originally posted by: n0cmonkey
Q] Yes. I also recommend IPSEC and authpf.

Well, now you're getting carried away! How many home users even know what this is, never mind actually configuring and using it.

You have to measure the effort to get connected at all to what's at risk. Most home users won't go to that kind of effort to protect their network...

First google response.

That solves what it is. As far as how much work it takes to set it up, 15 minutes. 2 hours if you don't know what you're doing. And just because the average home user doesn't care, doesn't mean I shouldn't post some information about it. You read it, maybe you'd be interested in setting it up. Now you know it's there. If not, you wasted more time posting about how stupid and lazy home users are than you did reading my post (which answered a question, not just plugged great technologies).

 

[TechnoPro]

This site makes the following recomendation:

6. Set the DHCP to the same number of computers that you have on your Network. (Example, you have 4 computers set it to 101-104).

Given that ones wireless devices may not be on at all times, this would mean that the DHCP scope would not be fully utilized, leaving IP addresses free to be assigned. How would this enhance wireless security?

On a related note, assuming that DHCP is turned off and that static IPs are used, what would prevent an intruder from gaining access to my wireless netowrk after having assigned themself a static IP from the same class?

 

[n0cmonkey]

Originally posted by: TechnoPro
This site makes the following recomendation:

6. Set the DHCP to the same number of computers that you have on your Network. (Example, you have 4 computers set it to 101-104).

Given that ones wireless devices may not be on at all times, this would mean that the DHCP scope would not be fully utilized, leaving IP addresses free to be assigned. How would this enhance wireless security?

On a related note, assuming that DHCP is turned off and that static IPs are used, what would prevent an intruder from gaining access to my wireless netowrk after having assigned themself a static IP from the same class?

A big part of security is layers. Turn off SSID broadcasting, and most people won't know it's there (unless they are looking). Filter MAC addresses to keep people that don't know how to change their MAC addresses off your network. Use static IP addresses, and preferably ones that aren't "normal" (192.168.0/1.x). Make sure the admin password on your WAP is a good one. Use WEP, or whatever encryption technology you have access to. None of these things will stop someone that is determined, but together they may make it annoying enough to anyone that they lose interest and move onto easier prey.

 

[Agamar]

How do these guys pick up these wireless networks? Mine can barely make it to the other end of my house!!

 

[ktwebb]

Picking up beacons isn't like actually associating to the AP. Plus, wardrivers, chalkers etc... are usually using high gain directional antennas. Your AP probably covers more area than your able to pick up with a weak client device. I could be wrong of course. Speaking in generalities, but most SOHO client cards, Linksys Dlink and so on are pretty lame when it comes to their radios, power output, receive sensitivity and the like. Take a good card like a proxim or cisco card, with excellent receive sensitivity, and put a 15 dB yagi on the other end, and your reception picks up considerably.

 

[Dogma420]

run a virtual network just for wireless/remote access....an extra login, but necessary. WEP, Mac address, blah blah nothing is really secure.

 

[TechnoPro]

I hate to beat a dead horse here, but I have been taking the Axim X3i everywhere I go and periodically surveying the areas I'm in to see if I pick up a wireless signal. Well, the verdict is that I have "free" internet pretty much everywhere I go. I went on my first WAR drive with a PDA - actually my first WAR drive ever. Really opened my eyes.

Thanks to all the replies about wireless security. Some real gems I hope to apply!

 

[lucky9]

Use a wired system. This stuff isn't ready for prime time ie: the ordinary consumer. 'Course neither is Windows.

 

[ktwebb]

The network forum at Anandtech, or any of the bigger tech sites, don't cater to the average computer user. Dismissing wireless here, advising to use a wired only system to these folks, is naive. Perhaps it would have some weight at the forums at Amazon or something like that but not here. Securing your WLAN isn't that difficult for anyone, and for the stereotype that comes here, it's basic. Windows is for another post/forum but that comment is pretty telling as well.

 

[olds]

I can speak as one of the uneducated masses.
I have a wireless router. I got it so I can use my laptop in other rooms. I really know nothing about networking and security. I left all security features turned off so that it would be easier for me to set up. I imagine most neophytes do the same. I have 2 desktops and my wife's laptop connected to the router via cat 5.
I know I need to do more and eventually, I will. I believe there is only one neighbor who could access my signal. The others are too far away.

 

[isofilez]

Originally posted by: TechnoPro
This site makes the following recomendation:

6. Set the DHCP to the same number of computers that you have on your Network. (Example, you have 4 computers set it to 101-104).

Given that ones wireless devices may not be on at all times, this would mean that the DHCP scope would not be fully utilized, leaving IP addresses free to be assigned. How would this enhance wireless security?

On a related note, assuming that DHCP is turned off and that static IPs are used, what would prevent an intruder from gaining access to my wireless netowrk after having assigned themself a static IP from the same class?

after applying all the standard ways of protecting a wireless connection. i too would disable dhcp and go w/ static ips w/ a non stardard ip scope. e.g. my private ip sure wouldn't start w/ 192.168.1.x...if someone tries hopping on your network by supplying themselves an ip..how would they know what ip range your network requires? just a thought...

 

[kt]

I can solve the WAR drives problem pretty quick. Once in a while I would look outside my window and survey the area around my house. If I see any geeks with a laptop, I will run after him with my baseball bat and smash his laptop to pieces.

 

[eLinux]

Well, there are a lot of houses around my area that have completely open wireless networks. That's *so* incredibly scary, especially since some of them have Windows Network Sharing ,and stuff like that turned on. I'm a major stickler for security and I can't even imagine doing something like that. For a while I thought that some of these peopel just left it open on purpose, but it's far too common...people are just uneducated!

WEP, which is by far the most common "encryption" standard available for wireless, is ridiculously weak. WPA, everybody! WPA! All new routers, WiFi cards, APs, etc. should be set up to support WPA... I've been using WiFi for quite some time and it was a pain in the butt to use WPA; I had to update a bunch of drivers on my thinkpad, and eventually I got it to work... Nevertheless, it's worth it. Consider it WEP on steriods. If has a changing key, so things are a bit more secure.

WPA coupled with MAC address filterint, and SSID broadcast turned off can probably thwart most theives... Those dedicated enough can probably get in...

I'd definately say that WPA keeps me a bit more calm at night, considering my network is technically open to the world if you stop and think about it. WiFi...anybody who really wants to can just sit outside my house and eventually have an open door to my LAN. Scary thought.

Secure your network! At the absolute *very* least, use WEP and change your key often.

 

[eLinux]

btw...

I'm no lawyer, so I'm wondering: is it "illegal" to use your neighbors WiFi connection if they leave it open for the world?

I mean, technically it's "wrong" if you stop and think about it (at least it borders wrong), but ...is it illegal? Technically you're no doing anything to break in, so I figure there's nothing illegal about it. Maybe I'm wrong.

 

[kt]

Originally posted by: eLinux
btw...

I'm no lawyer, so I'm wondering: is it "illegal" to use your neighbors WiFi connection if they leave it open for the world?

I mean, technically it's "wrong" if you stop and think about it (at least it borders wrong), but ...is it illegal? Technically you're no doing anything to break in, so I figure there's nothing illegal about it. Maybe I'm wrong.

I don't know.. would you say tapping into your neighbor's phone line be illegal?