Security Information |
|
Road Warrior At Risk: The Dangers Of Ad-Hoc Wireless Networking
Airport Menace: The Wireless Peeping Tom It never fails that something interesting happens to me at the airport. I've even met some famous people during my travels. A few months ago, I ran into Frank Bielec, from the TLC show, Trading Spaces. But one of my favorite things to do at the airport is browse the wireless Ethernet waves. I'm never really surprised at what I find. I'm just glad I know more about wireless Ethernet than the average road warrior. The Dangers Of Ad-Hoc Wireless Networking Links However, for those who are not using "Infrastructure Mode", and are configured to communicate from machine to machine, or "Ad-Hoc", there are a few things you should be aware of. A wireless Ad-Hoc network allows you to communicate with other wireless Ethernet systems without using a wireless access point. It's kind of a peer to peer configuration and it works rather well. The problem is, most people just set it up, and forget about it. At home, it's not a huge problem, but when your on the road, it could cause you a great deal of grief. The airport is probably the best place to find Ad-Hoc networks. Business men and women, delayed once again, power up their laptops and get to work completing the days tasks, or planning tomorrows agendas. I can't tell you how many systems I find in the airport configured this way. Not just in the terminal, but on the plane. About three months ago, just after we reached cruising altitude and were allowed to use our "approved electronic devices", I found that the gentleman two seats up from me had a laptop configured as Ad-Hoc. He walked by me about ten minutes later and commented on how much he liked my laptop. I thanked him, and asked if his laptop was on, and configured to use wireless Ethernet, he said yes. To make a long story short, I showed him that I could see his laptops wireless Ethernet and informed him of the danger. He asked me if I could access his hard drive, and I told him that it might be possible. He asked me to see if I could, so I obliged. After configuring my laptop to use the same IP address class as his, and typing "net use * hiscomputersIPAddressc$ "" /USER:administrator", I received a notice that the connection was successful and drive Z: was now mapped to his computer. I performed a directory listing of his hard drive and the guy almost had a heart attack! After this, he moved up to the seat next to mine and we spent the next hour or so configuring his laptop securely, starting with securing his computers local administrator account. At one point during the configuration, he made the statement that I got real lucky because his local admin account did not have a password. My response to him was, I get lucky quite often. Who Else Has Your Client List The fact is, whether it be "Infrastructure Mode", or "Ad-Hoc" wireless Ethernet communications, if not properly configured and secured, can pose a significant risk. There are thousands of articles on the Internet about the dangers of improperly configured wireless networks, yet the number of unsecured networks seems to be getting greater, not less. Strength And Posture Does Reduce Your Risks When I perform security assessments, I create a list of potential targets, and potential methods of compromise. I then prioritize that list by which system, with a particular vulnerability, may be easiest to compromise. Those at the bottom of the list typically never come on my radar screen; the best scenario it to keep of the radar altogether. Conclusion 1. Above all, make sure all your user accounts have strong passwords, especially those that have administrative control over your system; 2. Configure your wireless network to use some sort of encryption. I know there is a lot of concern about the "crackability" of WEP, but if this is all you have to work with, and then use it. It is still helpful; 3. If possible, use MAC addresses filtering to restrict unwanted systems from attaching to your wireless network; 4. Make sure the firmware for your AP's and wireless Ethernet cards are up to date. These updates can be found on your card or AP's support site. Remember, if you are compromised over your wireless network it can be near impossible to track down where the attack came from. Worse yet, think about how many systems become compromised, and no one ever knows it? About The Author
MORE RESOURCES: UHG says it's rebuilding Change Healthcare with cloud-based security Healthcare IT News UCLA police chief, accused of security lapses before mob attack, defends his actions Los Angeles Times The U.S.-Japan Alliance Council on Foreign Relations Dave Chappelle's attacker sues Hollywood Bowl, security 2 years after he stormed stage: report New York Post Dave Chappelle attacker suing Hollywood Bowl security for negligence New York Daily News Ripple effect: Local agencies ramp up security after state, national cyberattacks on water supplies Altoona Mirror The Mystery Of EgyptAir's Inflight Security Officers... One Mile at a Time RELEASE: Gottheimer Announces Record $4.8 Million in Nonprofit Security Grants, Stands Against Antisemitism ... Josh Gottheimer NJ religious sites getting $4.8M for security, Gottheimer says NorthJersey.com Microsoft will base part of senior exec comp on security, add deputy CISOs to product groups GeekWire After canceling commencement, USC will host event at L.A. Coliseum, rolls out new campus security Los Angeles Times Former security guard found guilty of killing man over loud music WREG NewsChannel 3 Dazz Unveils AI-Powered Automated Remediation for Application Security Posture Management Dark Reading FTC Highlights Privacy and Data Security Work ACA International Former security guard Gregory Livingston found guilty of murdering man at Kroger gas station over loud music Action News 5 White House releases critical infrastructure memo empowering CISA to strengthen health care security | AHA News American Hospital Association College campuses tighten security amidst graduation ceremonies Abccolumbia.com Cabana Live shooting: Victim sues venue, security, others WESH 2 Orlando Joe Andruzzi Foundation, Amplix, celebrate reaching $1 million milestone in food security grants The Sun Chronicle Graduations kick off at UConn with extra security measures in place Eyewitness News 3 NIST launches initiatives to enhance AI safety and security American Banker Senate Bill to Establish Public Database to Track Voluntary AI Security Incident Reports Executive Gov Chaotic lake getting fence and security Wink News Ahead of RSA, Menlo Security announces partnership with Google Cloud for better browser security SiliconANGLE News Private security worker raises concerns over handling of UCLA encampment violence FOX 11 Los Angeles LISTEN: Know the News - Election Security and Voting Machines in Northwest Arkansas Northwest Arkansas Democrat-Gazette Graduations kick off at UConn with extra security measures in place Eyewitness News 3 Bodega owners, advocates address spike in armed bodega robberies, call for ramped-up security measures News 12 Bronx Before mob attack, UCLA police chief was ordered to create security plan but didn't, sources say Yahoo! Voices Thune wants cooperation for cyber security plan KELOLAND.com NSA Highlights Mitigations against North Korean Actor Email Policy Exploitation National Security Agency From Greenpoint to Sunnyside: After sublets and apartment shares, I wanted the security of owning a place Brick Underground Kentucky security guard allegedly reported false bomb threats at places he worked Lexington Herald Leader 174 Nebraska schools get $10 million to upgrade security Omaha World-Herald Verdict found after deadly 2021 Kroger fuel center shooting WATN - Local 24 Leander ISD makes progress on safety, security bond projects Community Impact Ex-security guard Knapp maintains lead at Byron Nelson Omaha World-Herald Marathon County Public Library mulls security guard amid uptick in unsafe behavior Wausau Pilot and Review Belgium’s Aikido lands $17M Series A for its ‘no BS’ security platform aimed at developers TechCrunch Lancaster city, county spent at least $7600 for security for cancelled Drag Queen Story Hour LNP | LancasterOnline Making a career of medical device interoperability and security Healthcare IT News |
RELATED ARTICLES
Web and Computer Security Well, if that would have been said to me by my father when I was 2 years of age, I would have understood. But when today, my own computer tells me that when I am 34, I wonder why I spent $1500 on my computer hardware and software just to enjoy the (un-realized) benefits of this great and revolutionary information technology?Today’s cyberspace is hazardous. Network Security 101 As more people are logging onto the Internet everyday, Network Security becomes a larger issue. In the United States, identity theft and computer fraud are among the fastest rising crimes. Watching the Watchers: Detection and Removal of Spyware If spyware were a person and he set himself up in yourhouse, you are likely going to do one of two things. You'llkick him out yourself or you'll call someone (such as thepolice) to do it for you. Is My PC Vulnerable on the Internet? No longer are viruses the only threat on the internet. In recent years other threats have evolved which include spyware, adware, hacking, identity theft, information theft, pop-ups and the loss of information. Avoiding Scams: If It Sounds Too Good to Be True, It Probably Is A week or so ago, I received an inquiry from a man in Indonesia about buying multiple copies of certain items on my website. I immediately suspected fraud, so I explained that I only had one piece of each. Fishing for Fortunes. Scam! Spelt phishing, but pronounced as above, this despicable act is an effort to batter your bankroll or commandeer your cash.To put it simply, you can get emails from account administrators, which strongly urge you to update details attached to that account. Everything You Need To Know About Spyware and Malware You are at your computer, checking out software on EBay. The computer is really sluggish, and you are not running anything else. Keeping Worms Out of Your Network... No auntie Sookie, not earth worms, computer virus worms that can get to you computer and slowly dig deep into your files and eat them away. Put that eggnog down and I'll tell you some more about these new worms. Phishing and Pharming: Dangerous Scams As soon as almost all computer users already got used to -- or at least heard about -- the word "phishing", another somewhat confusing word appeared not long ago. Pharming. Anti-Spyware Protection: Behind How-To Tips There is no doubt that "how-to articles" have become a separate genre. One can find such an article about almost anything; there are even some entitled "How to Write a How-To Article". Phishing - Its Signs and Your Options Phishing is the act of some individual sending an email to a user in an attempt to scam the user to release personal information. Is it easy to determine if it's a scam? Sometimes - but not always. Burning Bridges is Bad, But Firewalls are Good When you signed up for that ultra-fast DSL or Cable connection there was probably one very important piece of information that your ISP failed to mention. By accessing the Internet via a high-speed connection, you have tremendously increased your chances of being victimized by a computer hacker. Dialing Up a Scam: Avoiding the Auto-Dialer Virus For many, the daily walk to the mailbox evokes mixed feelings: The glee that your favorite monthly magazine - or a friend's hand-written letter (quite a surprise in the e-mail age) may be waiting is countered by anxiety of how many bills the postman left you.Now, imagine coming across your phone bill, thicker and heavier than normal. Phishing: A Scary Way of Life The Federal Bureau of Investigation has identified "phishing" as the "hottest and most troubling new scam on the Internet."What is Phishing?Phishing is a scam initiated via e-mail. How Spyware Blaster Can Protect Your Computer From Harm By browsing a web page, you could infect your computer withspy ware, ad ware, dialers and hijackers. These, unwelcomeguests, are some of the fastest growing threats on theInternet today. Delete Cookies: New-Age Diet or Common Sense Internet Security? No, this article isn't about some new, lose-20-pounds-in-a-week, certified-by-some-tan-Southern-California-doctor diet. It's about cookies on your computer - what they are, why they are there, and what to do about them. Data Security; Are Your Company Assets Really Secure? Is your data secure? Think again. Securing data is unlike any other corporate asset, and is likely the biggest challenge your company faces today. What Can Be Done About Spyware And Adware Having a good Spyware eliminator on your computer is vital now a days with all of the different Spyware, Adware, and other malicious computer parasites that are out there. Most of them are reasonably priced and very easy to use. How to Get Rid of New Sobig.F Virus? As you know, this time the virus under the name Sobig.F has wreaked quite havoc! No doubt, many of us have suffered from this recent virus outbreak. Hacked: Who Else Is Using Your Computer? A friend called me one day and asked if I would stop by to look at his computer. He said it was running abnormally slow and he had found something on his hard-drive he could not explain. |
home | site map |
© 2006 |