Issue 44 Helping Small & Home Businesses Succeed!      
Home  Call Center Hub  Business-Webmaster Links  Answering Service Options  How Call Center Works

 

Airport Menace: The Wireless Peeping Tom
By Darren Miller - Published May 5, 2005


As a network security consultant, I travel quite frequently. 
At times, it seems like the airport is my second home. I 
actually like to fly, it's a moment in time where no one can 
reach me by e-mail, or mobile phone.

It never fails that something interesting happens to me at 
the airport. I've even met some famous people during my 
travels. A few months ago, I ran into Frank Bielec, from the 
TLC show, Trading Spaces. But one of my favorite things to 
do at the airport is browse the wireless Ethernet waves. I'm 
never really surprised at what I find. I'm just glad I know 
more about wireless Ethernet than the average road warrior.

The Dangers Of Ad-Hoc Wireless Networking

Most people who have wireless Ethernet at home, or the 
office, connect to the wireless network by attaching to a 
wireless Access Point, or AP. This method of wireless 
networking is called "Infrastructure Mode". If you have a 
secure wireless network configured in "Infrastructure Mode" 
you are using MAC address filtering, some level of 
encryption, and have made some additional changes to your AP 
in order to prevent just anyone from using it or capturing 
data. For more information on configuring your 
"Infrastructure Mode" wireless network take a look at the 
"Wireless Network Security" page at Defending The Net.

Links
http://www.defendingthenet.com/WirelessNetworkSecurity.htm

However, for those who are not using "Infrastructure Mode", 
and are configured to communicate from machine to machine, 
or "Ad-Hoc", there are a few things you should be aware of.

A wireless Ad-Hoc network allows you to communicate with 
other wireless Ethernet systems without using a wireless 
access point. It's kind of a peer to peer configuration and 
it works rather well. The problem is, most people just set 
it up, and forget about it. At home, it's not a huge 
problem, but when your on the road, it could cause you a 
great deal of grief. The airport is probably the best place 
to find Ad-Hoc networks. Business men and women, delayed 
once again, power up their laptops and get to work 
completing the days tasks, or planning tomorrows agendas.

I can't tell you how many systems I find in the airport 
configured this way. Not just in the terminal, but on the 
plane. About three months ago, just after we reached 
cruising altitude and were allowed to use our "approved 
electronic devices", I found that the gentleman two seats up 
from me had a laptop configured as Ad-Hoc. He walked by me 
about ten minutes later and commented on how much he liked 
my laptop. I thanked him, and asked if his laptop was on, 
and configured to use wireless Ethernet, he said yes.

To make a long story short, I showed him that I could see 
his laptops wireless Ethernet and informed him of the 
danger. He asked me if I could access his hard drive, and I 
told him that it might be possible. He asked me to see if I 
could, so I obliged. After configuring my laptop to use the 
same IP address class as his, and typing "net use * 
hiscomputersIPAddressc$ "" /USER:administrator", I 
received a notice that the connection was successful and 
drive Z: was now mapped to his computer. I performed a 
directory listing of his hard drive and the guy almost had a 
heart attack!

After this, he moved up to the seat next to mine and we 
spent the next hour or so configuring his laptop securely, 
starting with securing his computers local administrator 
account. At one point during the configuration, he made the 
statement that I got real lucky because his local admin 
account did not have a password. My response to him was, I 
get lucky quite often.

Who Else Has Your Client List

Just think of the possibilities. What do you have to lose if 
someone is able to just peruse the files and data on your 
laptop? Do you maintain your customer list on your laptop 
(Do you want this in the hands of a competitor)? How about 
your personal finances (Identity theft ring a bell)? So many 
people I talk to initially say, "I really don't have 
anything of great importance on this system". Then they 
think a little bit and start rattling of things they never 
really thought about before. All of a sudden, they get 
concerned.

The fact is, whether it be "Infrastructure Mode", or 
"Ad-Hoc" wireless Ethernet communications, if not properly 
configured and secured, can pose a significant risk. There 
are thousands of articles on the Internet about the dangers 
of improperly configured wireless networks, yet the number 
of unsecured networks seems to be getting greater, not less.

Strength And Posture Does Reduce Your Risks

Keep in mind that your objective should be to reduce the 
chances that you will become a target for computer 
compromise. When I was growing up in South Philadelphia, I 
remember my father telling me that when you walk down the 
street, especially in the evening, to walk tall, and project 
a position of strength and authority. Why, because thugs 
typically pick out those who look like an easy target. The 
same thing goes for computer security. Reduce the risks of 
becoming a target buy configuring your system with a strong 
security policy.

When I perform security assessments, I create a list of 
potential targets, and potential methods of compromise. I 
then prioritize that list by which system, with a particular 
vulnerability, may be easiest to compromise. Those at the 
bottom of the list typically never come on my radar screen; 
the best scenario it to keep of the radar altogether. 

Conclusion

If your are using wireless Ethernet, no matter what 
configuration, follow a few rules and keep yourself secure 
against most common types of compromise.

1. Above all, make sure all your user accounts have strong 
passwords, especially those that have administrative control 
over your system; 

2. Configure your wireless network to use some sort of 
encryption. I know there is a lot of concern about the 
"crackability" of WEP, but if this is all you have to work 
with, and then use it. It is still helpful; 

3. If possible, use MAC addresses filtering to restrict 
unwanted systems from attaching to your wireless network; 

4. Make sure the firmware for your AP's and wireless 
Ethernet cards are up to date. These updates can be found on 
your card or AP's support site. 

Remember, if you are compromised over your wireless network 
it can be near impossible to track down where the attack 
came from. Worse yet, think about how many systems become 
compromised, and no one ever knows it?  
About The Author

Darren Miller is an Information Security Consultant with 
over sixteen years experience. He has written many technology
& security articles, some of which have been published in
nationally circulated magazines & periodicals. Darren is a
staff writer for www.defendingthenet.com  and several other
e-zines. If you would like to contact Darren you can e-mail
him at Darren.Miller@ParaLogic.Net  or
DefendTheNet@ParaLogic.Net If you would like to know
more about computer security please visit us at
http://www.defendingthenet.com. If someone you know has sent you
this article, please take a moment to visit our site and
register for the free newsletter at 
http://www.defendingthenet.com/subscribe.htm.
 
 

click for top   back to Business Newsletter Home
 

Submit an article to our site                                                                          



 

This Issue:

1 2 3 4 5 6 7 8
9 10 11 12 13 14
15 16 17 18 19 20
21 22


 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 
 

Answering Service and Call Center Business Hub
 SuccessfulOffice.Org
 Small & Home Business Resources
 Marketing Ideas & Tips