WiFi Security Pitfalls

Wireless Internet access has flooded the world. It can be found in hotels, airports, ordinary cafeterias, not to mention specialized Interne cafes, where you can now use your laptop or smart phone to access global web.

That is without mentioning indefinite number of house, where Internet connection is shared amongst computers or WiFi enabled devices. It is often too late, when owner begins to realize that something is wrong with his Internet connection.

Speed is falling, connection drops, bloodsucking ADSL company claims they provide you full service, and in worst cases – you’ve been visited by law enforcement, for spamming somebody and hacking somebody’s site. You know that you are innocent, but your Internet Service Provider (ISP) brings up the logs, where illegal activity was actually performed from your IP address.

Not to get deeply into this, not to create a headache for our readers, we’ll try to review typical wireless router configuration settings, understanding of which should give you a clear image on how to avoid such event.

It really happens because of negligence of a person who installs WiFi router. WiFi security itself is far from ideal, but leaving default settings unchanged, makes your WLAN (Wireless Local Area Network) bare naked in front of potential intruder.

Configuration

In order to configure setting, we’ve described below, you need to access your router administration page. Normally, it is found at http://192.168.0.1 , but depending on how it was configured, address might vary.

To find out the correct address, please open command line prompt (Windows key + R –or– Start Menu > Run… –or– Start Menu > cmd). In newly opened window, type in:

Ipconfig

This utility will list all of your network interfaces. Most likely, there is just one that has “Default gateway” item filled. This is the right address.

Now please, open your browser at http:// address-you’ve-just-saw .

Enter your (login and) password and proceed with configuration. By default, most routers have their user names set to ‘root’ and passwords set to ‘admin’. It might vary, so please consult your router documentation or check “default router passwords” link on the internet.

It might also have been changed by person who performed router installation. He should have left you router login details. Otherwise, you may need to contact that person to know how these details.

In case you have difficulties accessing your router configuration page, please comment below or access very thorough resource – PortForward.com – on subject of router configuration, containing step by step pictures on accessing various router models.

Let’s take a closer look at WiFi settings, which, unless properly configured, severely facilitate penetration and hijacking of your WLAN:

Administration password

A must do for every device you connect to Internet. Make sure that you’ve changed default password.

Most routers come with default passwords set, such as “cisco, router, admin”, it is not a secret, therefore, it first thing to change.

Security mode

(WEP/WPA/WPA2/RADIUS/OFF)

Security or protection mode is a property that defines the way your wireless connections are being authenticated and encrypted.

If you turn this setting off, your router becomes accessible by anyone with-in it’s transmitting range.

WEP mode is very basic mode of encryption and authentication. Depending on your router, it may support 64-bit encryption – which is four keys, 10 hexadecimal characters each (read: 5 symbols length) – and 128-bit encryption – which is one, 26 hexadecimal characters length (read: 13 symbols length).

64 bit WEP encryption is incredibly weak and can be cracked with-in a matter of few minutes to few hours, depending on how much wireless traffic is passed thru your router, while attacker is monitor and capturing it.

128 bit WEP encryption is actually stronger, but due to weaknesses of WEP algorithm in general, it is also decipherable in reasonable amount of time.

Both keys are formed using identification phrase, which you define. Needless to say, that regardless of its length, it is transformed to 5 or 13 symbols length keys, and hence maximum variations in such password are 2555 and 25513 respectively. It might seem strong, but it’s not. The more data you transfer (or is transferred to you), the more packets attacker will capture, and hence the more chance he has to break your password.

WPA mode is comparatively stronger. It uses TKIP algorithm, which although is also breakable via applicable cryptographic techniques, might require considerably more, or considerable less time to break.

You, as far as we aware, can use up to 64 characters, but they all should be printable (to ensure easy typing and 100% compatibility with other wireless devices), which leaves you with about 94 characters – and this means English only.

WPA2 mode is closest you can come to WiFi security. It can work in WPA-TKIP cipher mode, or WPA2-AES. AES stands for American Encryption Standard – currently considered to be strongest synchronous encryption algorithm, also known as Rijndael (from names of two brilliant Belgian cryptographers – Vincent Rijmen and Joan Daem).

It encrypts your data with combination of 256 bit AES key, 128 bit Initialization vector and 128 incrementing counters – result is 512 bit of secured data. It is practically unbreakable, especially if your pass phrase is long enough (over 10 characters), contains alpha-numeric and punctuation characters (like !, -, @, etc) and your attacker is typical wardriver – wireless penetrator – as opposed to might NSA, for example.

There are also WPA-Enterprise, WPA2-Enterprise and RADIUS(-only) security modes. Those modes provided for user authentication against RADIUS server, as additional level of security (which is actually access control method). It is rarely found in home networks, therefore we will abstain from describe those modes thoroughly.

Password

Length and consistency of your password are actually depended on the algorithm of your choice. With WEP, there is no sense in making lengthy password, since it is breakable anyway.

But with WPA, especially WPA2, it makes a pretty good sense to set your password for some lengthy number of random characters; including those characters most people don’t use for passwords (punctuation marks, for example).

SSID Broadcast

SSID or Service Set Identifier is your wireless network name, by which it can be found by other computers. Now some people claim that turning off SSID broadcast will increase your WLAN security.

That is not exactly truth. Even though your SSID is not broadcasted, and other computer with casual network connectivity tools cannot find your router, unless they know your WLAN’s SSID, typical attacker will discover it quite quickly. It can later be used to spoof attacker’s identity, in relation to your router, and provide him with additional legitimacy.

In addition, turning off SSID broadcast, will enforce you to type in network name manually, on each device, and, perhaps, define other settings for that network.

It is therefore recommended to leave this setting on.

Wireless mode

That has actually very little to do with security, but still worth mentioning. Suppose your router is high-end and supports Wireless-N standard. But your devices are low-end or, by any reason, of older generation. That means you don’t need to have your wireless network to work in wireless-N mode, in vice versa. If all your devices are of Wireless-N standard, and they DO work in that standard, you have no reason to enable support for B and G modes.

Those modes differentiate by speed:

• B – is slowest (11Mbit/s)
• G – is average (54Mbit/s)
• N – is latest standard, supporting two frequencies – 2,4GHz and 5 GHz – two bandwidth modes – 20Mhz and 40Mhz and speeds up to 65 and 150 respectively

NOTE: Those are negotiation speeds, actual transfer speeds varies by many factors, such as radio channel clarity, router processor speed, distance between your device and router.

Signal strength

This parameter defines how power is signal of your router, and hence, wireless network. If you are only to use it in your house, which is not too large, and there are lots of different houses or flats around, it makes sense to reduce power to lowest working level. If you, in the opposite, proud possessor of a large villa, or just expecting to pass over your WLAN to your neighbor friend, it makes sense to raise signal strength to higher degree, until desirable results are achieved.

Remember, the stronger your signal, the further it gets away. The further it gets away, the closer it gets to 3rd unwanted party.

Also note, if you live in a big city, in large building full of apartments with other buildings around, be sure to place your router away from window – otherwise signal gets out and bounces of the neighbor building, giving your neighbors lot of interesting possibilities.

MAC filtering

Additional layer of security is provided by WLAN MAC filtering technique. This option, if present, allows you to create list of wireless devices that have right to access your WLAN. Devices are distinguished by unique manufacturer MAC address, consisting of 12 hexadecimal characters, divided by columns (like 00:1F:01:02:03:04). Alternatively, you can create list of blocked devices.

NOTE: Although this adds some security to your network scheme, it might also cause problems with some devices, which fail to authorize. Be sure to put in all your device’s wireless MAC addresses into allowed list, and if it still doesn’t work, turn this option off.

Practically, this is not very helpful, since potential attack can easily intercept MAC address, and spoof his computer, as if it acts in name of yours.

DHCP Server

This is not exactly related to WiFi security, still increases time for potential attacker to break in from outside. All you have to do is to change network IP zone to any alternative.

NOTE: It is advisable to use only reserved IP ranges, in order not to prevent yourself out of accessing actual sites in the Internet.
Reserved ranges are:

• 10.0.0.0-10.255.255.255
• 172.16.0.0-172.31.255.255
• 192.168.0.0-192.168.255.255

AP Isolation

This is an option to isolate your AP (Access Point) from other clients in your wireless network.
Note that although WiFi against WiFi isolation might work, WiFi users (you and your devices, or your family members and their devices) will still be able to access LAN behind your router. Hence, this option is not very useful, if you’re target at secure WLAN.

Fragmentation and RTS thresholds

Those features found in some routers can also be used to harden the life of your potential enemy, if you reduce them from 2346 and 2347 to 1346 and 1347 respectively. Actually what it does increasing commutation errors probability and slowdowns or disables distant users.
This trick is actually not recommended under normal conditions, so you better leave those values as-is.

Remote router administration

Unless you plan to change settings of your router from the other side of connection (eg. from Internet), it is advised to disable remote administration at all.

Wireless access to router configuration page

We recommend you to disable this setting. In case potential malefactor actually cracks your WiFi password, he won’t be able to change any settings on your router, or retrieve your Internet connection details (login, password, lan addresses and port forwarding settings).

Conclusion

To conclude our review, we’d like to advise you to be always one step before potential problems, and keep your WLAN safe.