Steps you can take to protect against wardrivers:
There are a number of very simple steps you can take to protect your wireless network. For many of these, you will have to access your router configuration utility (check your manual on how to do this, you will generally need to type an IP address into your browser such as 192.168.0.1 or 192.168.1.1).
Don’t broadcast your SSID. If you are broadcasting your SSID, this is the first thing a program will pickup and recognize. If you configure your router to not broadcast your SSID, it will be difficult to detect (but not impossible, for some software can sniff wireless communication, so if you are using your wireless network, the SSID can be revealed). If you are not broadcasting your SSID, but it can be guessed (such as if you are using a default SSID), cloaking is pointless. Due to this, remember to change your SSID from the factory default. This is not a 100 percent effective method to secure your network, but it is a good first line of defense.
Change the default password. When you buy a router, a factory password is stored. People experienced in working with routers know the default passwords for different routers (and the make of the router can be seen by wardriver software such as netstumbler). It is important that you secure your router with a good password.
Encrypt your wireless communication. I can’t stress the importance of encrypting your wireless communication enough. Enable encryption and enter a key. Most routers are only capable of WEP encryption, but if they permit, use EAP encryption, it’s more secure than WEP. Like cloaking your SSID, encryption is not 100 percent secure. Given enough time and determination, if someone wants to target you and access your network, WEP encryption can be bypassed using software such as AirSnort.
Filter the MAC addresses that are allowed to connect to your router. This would require that you enter your router configuration and input the MAC address of each wireless card you have. This will restrict access so that only your computers can connect to the router. You will need to obtain the MAC address (which is the individual identification address of a network card in the form a 12 digit hexadecimal number). If someone sniffs traffic and detects the MAC address of a computer wirelessly using your network, the wardriver could emulate that address and connect to the router, but this takes time.
If you configure file sharing on your computers, make sure it is password protected. You should not share files on your networked computers unless it requires an authenticated user to access. Set up the same user accounts on your machines so that your computers can share files.
With these relatively simple steps, wireless network users can secure their networks from wardrivers. Wireless networks are inherently insecure, and these tips will merely help you greater secure your network. If someone is really determined to gain access to your network, given enough time, a good hacker can get access. These tips will deter the average wardriver from gaining access to your network, however. Although these methods are not definite security measures, they will change your network from being something that can be hacked in a matter of seconds, to something that will take a determined hacker days if not weeks of work, all of which will have to be done while in close proximity to your network.
About the Author:
Zackary Anderson is a network security veteran, and CEO of Andertec Enterprises http://www.andertec.com, which specializes in onsite custom computer services for the Los Angeles area. Andertec also sells custom made-to-order computer systems, and has a line of revolutionary products at incredibly low prices including the best-selling CyberHome Complete home automation package.
|
Article Source:
thePhantomWriters Article Submission Service