Slashdot Mirror

← Back to Stories (view on slashdot.org)

Exploiting and Protecting 802.11b Networks

Posted by michael on from the who-needs-echelon dept.

iforgotmyfirstlogon writes: "A couple of guys from Extreme Tech drove around New York, New Jersey, Boston, and Silicon Valley with a high gain antenna to see how many (secure and) unsecure wireless networks they could tap into. They used NetStumbler and Linux AirSnort to help them search. Results? They came across over 800 networks and less than 40% had any sort of security."

3 of 168 comments (clear)

  1. Any How-to Doc on how to secure your wireless LANS by mgpeter · · Score: 5, Insightful

    Does anyone know of any good Documentation on how to secure wireless communications ?? I know we have 2 wireless connections between 3 building using SMC's Wireless routers, and the only security that was built in other than the 64 and 128 bit encryption (which is apparently crackable), and only allowing certain MAC addresses to communicate (which is also easy to crack).

    So instead of writing articles on how bad wireless tech is to crack, (4th article I've read in a week) why not write a how-to on how to implement security on your wireless LANs.

  2. Thoughts on 802.11b 'privacy' by jwkane · · Score: 5, Insightful

    It comes down to speed vs. privacy. You can ignore WEP and use IPsec or a VPN. You'll take a speed hit, but you'll have reasonable privacy.

    If you don't mind exchanging some privacy for additional speed, 128 bit WEP isn't a bad choice. It hasn't lived up to it's "Wired Equivalent" name but sniffing and decrypting is a non-trivial operation.

    For more speed with minimal privacy, 80 bit WEP doesn't cost much bandwidth (2%) and you're still only going to be sniffed and decrypted by folks with a clue.

    In some situations, speed is most important and privacy is meaningless. Suppose you're downloading Debian ISO's over a wireless link. There are times (one might argue the majority of internet traffic) when privacy just doesn't matter. If you can use reliable encrypted protocols for the exceptions then open mode 802.11b is fine. What are you trying to hide?

    As long as we're able to encrypt those transactions that require privacy none of the WEP "stuff" matters. How secure is your wired network internet traffic after it gets to your ISP?

  3. New Zealand by Anonymous Coward · · Score: 5, Interesting

    We tried this stunt from an office window in the centre of New Zealand's largest city, Auckland. Even with only the laptop's wireless card, we were able to tap into 13 networks, and gain external internet access through 10 of these. The main security risk this poses, is that most highspeed business connections here are MB capped, and therefore, any kid with a laptop and wireless LAN card can use any local retailer's high-speed connection to download his warez, or even worse, to carry out even more highly illegal activity and it is traced back to.. the kid? No. The retailer. And this was only with a 5 inch steel aerial! Imagine what we could tap into with the kind of reciever power used in that article. Ironically, one of the internal networks we were able to enter completely anonymously, was that of a major NZ bank. Cash anyone?