The risks of using an unsecured wireless network and how to protect yourself?

[Evander]

I know how to set up my own secured wireless network (should be one of the first things in a router's manual, though in my Belkin's case it's well buried among a lot of junk). But I don't know much about what can happen if I use someone's open network.

Passwords and credit card numbers stealable? Malware vulnerable? Files accessible? Web sites visited detectable? Emails interceptable? Something else?

What can one to do protect themselves when using an unsecured network? Software firewall I assume is the most important step (does it need any specific configuration?), but is it also necessary (in the context of open networks) to use antivirus/anitspyware and/or some sort of encryption software?

What are the legalities of using an an unsecured network?

I feel this topic should be stickied (if we get a nice write up of the topics of course). Wireless networking is still a fairly new thing to most people, and more and more people are buying laptops than ever before. By default your new laptop will most likely auto connect to the first open network it sees when you turn it on, even if the user doesn't has know idea what a wireless network is. I wonder if Geek Squad or Circuit City even enables encryption of home networks for people who have them set it up.

So I'm calling on the Anandtech community to cut through the BS and rumors and give us the straight scoop. Already there is a fine security thread here, but I didn't really notice the topic of wireless networking being addressed so much (correct me if I missed it).

 

[papaschtroumpf]

The easiest way to think of it is that someone on the unsecured wireless network can do everything they could if plugged in your wired network.

The number 1 things people will do is use your internet connection. Everything they do will appear with your IP address. they can browse the web, look for "how to make a bomb", send threatening letters to the president of the US, or share illegal files over P2P network.
That should be scary enough...

If you're still not scared, what other things can someone do when plugged in your network? most computers will automatically share some files to any other computer on the network, this is especially true if you are already using multiple computers on your network, because you told your firewall that it's OK to share information on your LAN. This means that there is a good chance that nothing on your harddrive is really safe.
scared yet?

The thing about software firewalls is that they are generally designed to protect you agaisnt threats from the Internet. Usually everything on your local home network defaults to being considered safe. As I said, it's even more true if you have multiple devices on your network, because you probably had to tell your firewall it was OK for them to talk to other devices in the house. For example use a WiFi base media player to stream music from my computer to my TV (movies too), so anyone connecting to my network can get access to those movies, because I told the server computer it was OK lto let other devices in the house play those movies/music.


The bottom line is that you must protect your network at the wifi level. there is a lot of bad information on the internet about his by the way. Here are a few myths:

- encryption will slow down your network: well it's somewhat true, encryption required more computations, but so does running a firewall, an antivirus, etc... Security has a cost. On the other hand I challenge anyone to be ablet o tell the difference with modern access points and wireless cards. In fact a lot of them do it in hardware not software.

- set your AP not to broadcast its SSID: This does make you slightly stealthier, in that devices listening to access points may miss that it's threre. It's not hard for anyone with a bit of wireless knowledge to figure out your AP is thre and to connect to it. Think of it like this: instead of leaving your car with your wallet on the front seat in plain view, it's the equivalent of throwing a sweatshirt over it before leacing the car.

- set your AP for MAC address filtering, so only authorize devices (uniquely identified by their MAC address) will be allowed: the bad news is that it's very easy to have arogue computer use any MAC address it wants. It's like having an ID made of printed plain paper and without a picture: anyone can photocopy it and pass for you.


So what about enabling security? There are several security standards, wich Wifi calls WEP, WPA WPA2, and both WPA and WPA2 come in flavors called PKS (for pre-shared Key) and "Enterprise"

WEP: It doesn't matter if it's 64 or 128 bit WEP, it's somewhat strong against brute force approach, but some smart people have long fiured out non-brute force approaches to crack your WEP key, sometimes in minutes. It's ancirent security technology, it's broken, and will only lull you into a false sense of security. One intersting property of WEP is that the same key is used all the time, and the all devices use the same key: this means once you figured it out, you can spy on any other device on that network.

WPA/WPA2: WPA is older technology and was desgined to be compatible with hardware that was WEP capable, while fixing most of the problems of WEP. WPA2 sues stronger algorithms, that ofetn requried vendors to devices with more processing power (in the AP or your wireless card). the simplest flavor of both is the "preshared key". Bascially you enter a passphrase, which both devices need to know, but use complicated crytographic mechanisms to assure each other they are sharing the same passphrase without ever sending the passphrase to each other. Contrarily to WEP, each communication link between an AP and a another device has its own key: even if you knew the presahred key, you wouldn't be able to spy on the communication between the Access Point and another device. Another property of WPA/WPA2 is that the key constantly changes, so it is much much harder to crack.
The "Enterprise" level WPA/WPA2 doesn't even use a preshared key, it uses a 3rd party authentication mechanism (often a radius server, whih may be built into one of the Access Points/Router). Ther eare several advantages to this from a security point of view, one of them is that it ensures to the device that the access ponit/router itself is an aauthorized access point rather than a rogue device.
Support for "enterprise" level security in consumer products is still hit and miss, can be hard to set up, and frankly is mostly overkill for the home user.

Bottom line: use WPA-PSK or better, use a difficult to guess pasphrase (fhefy$%658efewfe43t!@!5tgrrsd8fg qualifies), and you should be OK.

you should still run an antivirus and a softwar firewall on your machine, but the softwar firewall is more to know what is getting out than what is trying to get in.

hope it helps a bit.

 

[Evander]

I appreciate the long response. Actually I already know that I should protect my own wireless network, I was wondering more along the lines of what could happen to to ME when using someone else's unsecured network.

You mentioned if files were automatically set up to share then another party could access my files. Vista by default has the hard drive as "not shared" so I assume my files are safe (bad assumption?). So let's say I connect to someone's unsecured network and their files are shared- how could I access them? I ask not b/c I want to access them (I'm actually a huge proponent of individual privacy), but just to see that if I could do it, then I KNOW someone could do it me. And actually I'm not all that familiar of what can be done on a wired network, I never set up my own home network until less than 2 years ago. What prompted this question is that I'm temporarily staying with my family and they have no wireless network, but I can access wireless internet anyway since this is an apartment complex and there are several unsecured networks flying around (which most people's laptops including mine automatically connect to when booting into windows).

 

[lxskllr]

Since no one smarter has answered Ill put in my noobish $.02. If somebody wanted to they could use a packet sniffer to see what you're transmitting over the network. I honestly think the odds of that are pretty low though. I use unsecured networks all the time when I'm traveling, and haven't had any issues yet. As long as your folders aren't shared you should be ok.

The biggest threat would be in transmitting sensitive data over the network. Since you're in a apartment complex the odds are higher of having somebody setup a hostile connection for the purpose of stealing information, but I would guess that it's pretty rare. The safest way to use an unsecured connection would be from a individual house that doesn't have many residences around it, preferably owned by a 70 year old woman

 

[Oakenfold]

I don't have the technical know how but using a network that you can't trust is not necessarily a good idea depending on the value of keeping the data that you have available on the client computer confidential or maintaining the integrity.

By connecting to an untrusted network it may provide people with additional ways to compromise the client computer and the contents of the disk connected to the network.

I don't know the specifics regarding what can and can't you see within windows and how to compromise something within windows, I just know it's possible to find vulnerabilities to gain access to the drive itself.

Or at least that's my noobish understanding. Bottom line is if you connect the client with un-encrypted data to an untrusted network you are making a gamble.

Regarding transmitting data, if it's someone's network the bottom line is they can capture whatever you send over it. It's just up to someone wanting to get the data bad enough with the right know how, to know how to analyze it and know what to do with it.

Someone chime in if I'm speaking incorrectly here, I only know what I do from reading. I have no hands on experience with this, well not much anyhow.

This might be a good discussion for the networking forum. Does this help?

 

[bsobel]

Originally posted by: Evander
I appreciate the long response. Actually I already know that I should protect my own wireless network, I was wondering more along the lines of what could happen to to ME when using someone else's unsecured network.

You have to assume the unknown network is hostile and will have access (to a minimum) all traffic you send non-encrypted.

 

[nodeleza]

please can anyone here help me ?
i am so scary ,
last week my internet connection got down , the i got connected for 1 week to unsecured internet connection , i signed in to hotmail messenger alot and talked to my friends , and started a video calls with them ,
my question is ,
is anyone on this unsecured network could viewed my video calls ? did they saw my video ? please try to reply me ASAP please =((

 

[lord_emperor]

please can anyone here help me ?
i am so scary ,
last week my internet connection got down , the i got connected for 1 week to unsecured internet connection , i signed in to hotmail messenger alot and talked to my friends , and started a video calls with them ,
my question is ,
is anyone on this unsecured network could viewed my video calls ? did they saw my video ? please try to reply me ASAP please =((

Only if they specifically arranged to capture your packets and chose to do so while you were connected.

 

[nodeleza]

Dear lord_emperor
I Already Connected To This Unsecured Network For Just About 15 Minutes ...
I've Made One Video Call , Then After That I Disconnected From This Network ,
Would Anyone Could See My Video Call And Save It During This Time (( Just 15 Minute )) ??
Is That Possible ?
I Heared That If Anyone Would Hack A Conversation & Take Anything It Must Take A Time (( From 1 To 3 Or 4 Hours )) ...

I'm Sorry For The Long Messages , & The Too Much Questions ,
I'm Waiting Your Reply ASAP
Thanks.

 

[nodeleza]

Also Can They Save This Video Call ?
Or Just Can See IT ?