Sunday, October 02, 2011
Be on Guard against Crackers and Wardrivers by Securing your Wi-Fi at Home
Posted by
Shipcode
at
2.10.11
Labels:
airsnare,
AP attacks,
network encryption,
wardrivers,
WEP,
Wi-Fi hacking,
Wi-Fi paint,
Wi-Fi security,
wirless security,
WPA,
WPA2
In my last article, I demystified an easy to use tool that cracks Wi-Fi AP’s (Access Points) easier. Now it’s time to give some tips about securing your Wi-Fi AP at home.
But first of all why do we need to secure our AP? Well, if someone is using your connection then it can decrease your speed (duh!). And the intruder could sniff the packets in your network or he or she may try to exploit your own PC (Personal Computer).
Scared? Don’t worry we have some simple configurations and setups for you in order to protect your privacy and your Wi-Fi network. Here are some simple steps you can apply:
1. The most obvious thing you should do first is to determine the login page of your router by typing the internal IP address of your router in the browser. (For example 192.168.1.1 or 192.168.2.1)
2. Once you are done logging in to your router, read the manual so that you will be familiar with your router.
3. The next thing you should do is to change the default values for the admin and password settings under the Administration settings of your router. Create a unique password and don’t use common passwords.
4. Change the SSID (Service Set Identifier) name or the Wireless network name so that the attacker could not identify the model of your router because he could google it in order to search for exploits. Don’t use your name or other obvious information for the SSID.
5. In order to prevent other users from accessing your AP, enable network encryption. There are several encryptions for wireless security settings which includes; WEP (Wired Equivalent Privacy), WPA (WPA-Personal), and WPA2 (Wi-Fi Protected Access version 2). WEP can be easily cracked and is the most basic encryption thus making it least secure. Use WPA2 (AES) encryption because it is the most secured encryption.
6. For the WPA2 encryption, use a unique or complex passphrase so that crackers will have a hard time cracking it with their wordlist. If you suspect any activities, change your passphrase monthly. The cracker could have a hard time cracking it because he is only as good as his wordlist.
7. Reduce the signal of your wireless router; you could do this by decreasing the signal range by either changing the mode of your router to 802.11g (instead of 802.11n or 802.11b) or use a different wireless channel.
8. Enable MAC filtering so that it will only allow friendly MAC addresses on the AP. But sad to say, MAC addresses can be spoofed but first things first, the attacker should know one of the MAC addresses connected to the wireless network before he can spoof it thus he needs to sniff the packets first.
9. Update the firmware of your router by checking the official website of the manufacturer in order to be on guard with the latest exploits. And also because some old routers don't have WPA2 encryption in their firmware.
10. Then to check for users connected to your wireless network open your router's administration page (using the 192.168.* address) and look for the DHCP Clients Table (it's under Status > Local Network on Linksys routers). Here you will see a list of all computers and wireless devices that are connected to your home network. But you could also use Airsnare which is a “free utility that alerts you to unfriendly MAC addresses on your network and will also alert you to DHCP requests taking place”.
11. And if you are too paranoid, apply the Anti-Wifi Paint. LOL!
Well, that’s it for now! If you want to add some other tips, just reply to this blog article.
Shipcode is a prolific blogger of ROOTCON and at the same time an InfoSec enthusiast from Cebu. He was inspired to join ROOTCON as part of the core team to share his knowledge in information security. He encourages other like minded individuals to come forward and share their knowledge through blogging right here at ROOTCON Blog section.
ROOTCON is managed by like minded InfoSec professionals across the Philippines. All rights reserved. Designated trademarks, brands and articles are the property of their respective owners.