Risks from unsecure wireless networks

What are the risks of having an unsecure wireless LAN, i.e. 802.11b/g? Someone was pointing out to me that anyone on the net can sniff packets, but all the ones that I have seen that deal with money use a secure protocol like https. I know that someone could use the network to download kiddie porn or upload viruses or something. What are the other problems?

Thanks for your help,
Rob

The biggest one is that people can start slurping enough of your bandwidth to piss you off. That could get you in trouble with your service provider.

Someone could monitor what web pages you visit and maybe intercept e-mail, chat, or something else.

It makes it somewhat more likely someone could hack into your computer although there is security at the firewall and Windows itself too.

They wouldn’t have much luck with encrypted transactions though.

The risks (except for bandwidth) seem pretty small to me and most people don’t have a problem. Why would someone even care enough to do that?

Also, if you have your network set up with shared drives/folders, so that you can exchange information between computers on your network, anyone connecting to your network can read/write/modify files on your computer(s).

The risks are significant. Although you allude to encrypted protocols, the majority of your Internet traffic is sent in the clear. Have you asked for a password reminder through e-mail? Could someone else ask for a password reminder using your e-mail address, then wait for you to check your e-mail and access the message? (Yes, they can). Plus, think about what passwords you use. Is your e-mail password the same as the one you use for online banking? (It shouldn’t be). The computers on the network are also vulnerable to direct attacks, and all sorts of other shenanigans.

WEP is not good enough. Depending on several factors, any WEP-encrypted network can be cracked in 10 minutes to an hour. You should be using WPA. SSID hiding and MAC filtering are secondary. I don’t bother with SSID hiding, as it makes it hard to tell when I’m in range of the network and an attacker with the ability to crack WEP also has the ability to detect your network and reveal your SSID. MAC filtering can restrict access in many cases, but it is possible to spoof one’s MAC address and connect anyway.

Why is WEP so easy to crack? If cracked, does this mean that a hacker now has arbitrary access to your machine or that he now has the access that he would have if the network wasn’t secured?

That email trick is a sneaky thing I hadn’t thought of before. Good to know.

Thanks for your help,
Rob

WEP is easy to crack for two main reasons. First, the algorithm itself is flawed. By collecting enough packets, statistical analysis will reveal the key. Do a Google search for “FMS attack” and “Korek attack” for more info. Second, WEP provides no protection against replay attacks. This allows an attacker to find packets that fit a profile, like ARP requests, since they are always 28 bytes long. Then, the attacker will continually resend that data, which drives up the traffic on the network and dramatically decreases the time needed to capture enough packets.

Cracking WEP means the attacker has access to the network. It doesn’t necessarily mean they can access the computers on the network, unless you use the same password on your computer as the one used for WEP and the attacker tries that password.
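Added example, not part of any post in this thread: because WEP has no replay protection and sends its 24-bit IV in the clear, a monitoring sensor can spot the re-sent traffic described above as one station repeating the same IV and frame length many times in a short window. The record layout, MAC addresses, frame sizes and thresholds are constructed assumptions for illustration.

```python
from collections import defaultdict

# Constructed capture metadata: (time_s, source MAC, IV as hex, frame length).
# The WEP IV travels unencrypted, so it is readable without knowing the key.
def make_sample():
    frames = []
    # Ordinary station: a fresh IV on every frame, varying sizes.
    for i in range(40):
        frames.append((i * 0.25, "02:00:00:00:00:0a",
                       f"{0x1000 + i:06x}", 60 + (i * 37) % 900))
    # Replaying station: one captured frame re-sent over and over,
    # so IV and length never change.
    for i in range(200):
        frames.append((2.0 + i * 0.01, "02:00:00:00:00:0b", "00a1f3", 68))
    return sorted(frames)

def find_replays(frames, window_s=5.0, min_repeats=50):
    """Return {source: (iv, length, count)} for sources that sent the same
    (IV, length) at least min_repeats times within window_s seconds."""
    times = defaultdict(list)
    for t, src, iv, length in sorted(frames):
        times[(src, iv, length)].append(t)

    alerts = {}
    for (src, iv, length), ts in times.items():
        start = best = 0
        # Sliding window over this frame's timestamps.
        for end, t in enumerate(ts):
            while t - ts[start] > window_s:
                start += 1
            best = max(best, end - start + 1)
        # Keep the worst offender per source. A handful of repeats can be
        # normal retransmission, hence the threshold (an assumed value).
        if best >= min_repeats and best > alerts.get(src, (None, None, 0))[2]:
            alerts[src] = (iv, length, best)
    return alerts

if __name__ == "__main__":
    for src, (iv, length, count) in find_replays(make_sample()).items():
        print(f"possible replay from {src}: IV {iv}, "
              f"length {length}, {count} copies")
```

Under WPA, frames carry a per-packet sequence counter that the receiver checks, so re-sent copies like these are dropped rather than answered.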