The Network Security. Org

Wireless home networks are growing in number as the price of the necessary computer equipment gets cheaper.

But as more people enjoy the ability to carry their laptops anywhere in the house and connect to the Internet without wires, so does the ease of hackers to access home computers that are unprotected.

Kismet detects the presence of wireless networks, including those with hidden SSIDs. It can discover and report the IP range used for a particular wireless network, as well as its signal and noise levels. Kismet can also capture or ?sniff? all network management data packets for an available wireless network. You can use Kismet to locate available wireless networks, troubleshoot wireless networks, optimize signal strength for access points and clients, and detect network intrusions.

MIT assistant professor Dina Katabi says incremental increases in wireless network throughput just aren't going to cut it. Colleague Rob Miller says phishing attacks continue to get trickier and more threatening, and that a "Web wallet" could be the answer to safer e-commerce.

They are two of more than a dozen MIT faculty members presenting their latest research this week at the MIT Information Technology Conference to an audience of business representatives whose companies partner with the university to exchange ideas and transfer technologies from labs into the real world.

Wireless PCs, laptops and devices are being increasingly used in both business and the home. The reason for this marked trend is that wireless computers are easy to deploy, cheap and are usually simpler to manage than standard wired connections. Using wireless, new PCs or laptops can be added without the difficulty and cost of wiring them in.

For enterprises, wireless provides laptop users with convenience and mobility. Corporate workers find it very tempting to be able to move around the office or between company offices and connect into the network via a wireless laptop, wherever they happen to be.

The ability to detach yourself from that wire, and to have an Internet connection wherever you go ? that's very seductive. But there are hidden dangers in wireless networking.

Wireless networking cards are nothing more than radios. And radios broadcast; they spew out their waves promiscuously, to every receiver in range. And every wireless networking card is also a receiver. So every wireless network card can receive all the information being sent out from every other wireless networking card. In your own home, maybe that's not such a big deal, but in your local coffee shop, that can be a very big deal indeed.

The USB Wireless Security lock is a simple yet effective means to ensure computer access is limited to an authorized user. Each kit is composed of a USB receiver dongle connected to the computer, and a battery powered access transmitter, which is to be carried by the authorized user. When the user moves more than 2 meters away from the computer, the security dongle will disable access to the computer until the user carrying the transmitter has returned within the vicinity of the computer.

Wireless networking security has received a lot of attention in recent years as the media picked up on the problems with the technology and started to print stories dealing with war driving, wireless sniffing, and WEP cracking. While these aspects of wireless networking are a valid concern, there are other potentially more dangerous threats that can turn a wireless user into a victim. This update will look at one such threat, the details behind it, and a program that turns the threat into a reality.

By familiarizing yourself with following software, you will not only have a better understanding of the vulnerabilities inherent in 802.11 networks, but you will also get a glimpse at how a hacker might exploit them. These tools can even be used when auditing your own network as we will see later.

Most serious hackers and network auditors use the open source operating system Linux as the platform from which they launch attacks and perform analysis.

Vulnerability assessments can help you find and fix WLAN weaknesses before attackers take advantage of them. But where do you start? What should you look for? Have you covered all the bases? This checklist will help to answer these questions.

1. Discover nearby wireless devices
You can't assess your WLAN's vulnerabilities if you don't know what's out there. Start by searching for wireless devices in and around your office, creating a foundation for subsequent steps.

In our buzzword filled industry, wrapping your arms around wireless attacks and their potential business impacts can be tough. This tip tries to bring order to this chaos by providing a reference list of attacks against 802.11 and 802.1X, categorized by type of threat, and mapped to associated hacker methods and tools.

According to the 2005 WLAN State of the Market survey, two out of three companies have now deployed business class 802.11 (WiFi) wireless LANs. But, despite recent technology advances, security continues to be cited as the number one challenge.

Without adequate safeguards, wireless can open corporate networks to new attacks, from war driving and password cracking to rogues and Evil Twins.

Recently, a reader reported being forced to disable intrusion prevention monitoring within shared, multi tenant locations because the wireless scanning system was generating a confusing abundance of red herrings, or "false positives," from neighboring access points.

The thought of anyone forced to turn off security caused my anxiety level to spike.

Belkin has announced that it will be bundling ZoneAlarm Internet Security Suite with all its new routers.

The company's routers are currently shipping in America with the ZoneAlarm Internet Security Suite, and they will be available in Europe and Australia sometime this summer.

"In the early days of WiFi...2002, 2003... most of the security didn't work on the stuff that was being sold," Andy Trask, co founder of Geek Housecalls said. "People's early experience was they'd have networks that worked great, then they'd turn on security, and the thing would just croak."

Whether your company runs or bans WiFi, your offices have probably been visited by unauthorized "rogue" access points or stations. Most WLAN owners cite rogue elimination as a top priority. Detecting rogues is fairly easy, but eliminating them can be surprisingly tough. This tip describes a methodical rogue hunting process and tools that can help.

Attacks on wireless networks and breaches of "no-wireless" policies are a quick and easy way for hackers to steal data and enter your network. These attacks can compromise your organization's data privacy, network integrity and regulatory compliance. Organizations need to plan for, monitor, and mitigate potential wireless threats.

With the prevalence of mobile devices and the increasing use of wireless aware applications, enterprises need to continually track the threats that they face and take steps to mitigate them. Interesting trends about the nature of wireless threats are emerging, and the WVE database has revealed product defects, user and client behavior, and advancement in attacks and tools as the most prevalent types of submissions thus far.

...there are things you can do to prevent others from using your wireless access point to connect to the Internet. Fact is, if they can access your wireless access point, sophisticated hackers may also be able to access your internal network and the data on your computers.

The first thing to do is to make sure that your wireless access point isn't advertising itself.

Wireless networking is a useful innovative technology that has led to it becoming one of the boom sectors over recent years.

However, its implementation is not as straightforward as a budding IT technician might think, one wrong click and you and your company could be open to unwanted attention from the wrong kind of people. Setting up wireless access devices correctly and securely takes skill and a good knowledge of networking topology and security.

Next time you think about hopping onto your neighbor's unsecured wireless network, think twice, you could face jail time. That's the conundrum being faced by a Rockford, Ill. man who had to pay a $250 fine and has a year of court supervision for using the signal from someone else's WiFi network.

For years, whenever the press has written one of their fear mongering stories about open WiFi, they almost always include some tidbit about how if someone uses your network to do something illegal, you can be arrested for it. It's one of the popular open WiFi horror stories..but is it true? Well, of course, you can be arrested, but it's unlikely that there would be any legal grounds for the arrest.

I recently put the geek hat on and took to the road for some war driving. My goal was to capture a good amount of data on wireless networks residing in homes and businesses. Then, later I would export and compile the data to come up with some interesting statistics and tips to share with others.

My setup in the car was pretty straightforward, just me in the driver seat and riding shotgun was my laptop running AirMagnet's Laptop Analyzer software. However, I had some help keeping safe. A few times my two year old daughter rode along in the back seat, and she often yelled, "Be careful!"

Wireless security protocols have improved considerably, despite the lackadaisical attitude of most users towards their computer security. This is shocking I know, but remember these are the same people who never lock their doors, leave their keys in the car, and dump their kids on random strangers to babysit. But for those of us who care about security, the wireless world finally has some meaningful tools.

In this webcast, information security experts and authors of the book Hacking Wireless Networks for Dummies, Kevin Beaver and Peter T. Davis, will discuss the latest ethical hacking techniques for testing the security of your voice over IP (VoIP) implementations. They will demonstrate the latest tools for testing VoIP security. If you have not used Vomit, this webcast is for you!

Ever since wireless Ethernet was born, a sizable number of folks decided that it should be freely available to the masses at no cost. So we have official community wireless projects, coffee shops, hotels, and other businesses supplying free wireless Internet, and a lot of purposefully unsecured private wireless networks.

Virus analyst firm Kaspersky Lab has suggested that even IT professionals do not pay enough attention to IT security issues, following an analysis of network security at the Cebit 2006 ICT trade fair last week.

Local experts agree that WiFi network security in SA is mostly overlooked, and is often relegated to ?last on the list? status.

Wireless security should effectively resolve issues that deal with the human tendency to be less than perfect. Organizations can prevent data from being stored permanently on the mobile device, or they can use the poison pill approach, which deactivates the mobile device when it is lost or stolen. But the second option is not effective when the device is out of the range of the service provider.

The use of short range wireless Internet connections in public places is becoming very popular. WiFi, as it's known, is a great way to access the web without all the cables. Here's a basic list of what you need to know to keep from becoming a hacker target while you're surfing the web at a WiFi hotspot.

As laptops become more portable and handheld devices more powerful, it's easier than ever to take your computing environment to go. Fast Internet connections are also easier to find when you have wireless connectivity. But with this enhanced mobility comes additional information security risks. By understanding these risks and implementing tools to help minimize them, you can keep your mobile computing safe and convenient.

Panda Software has published the "Security in Wireless Networks" report by PandaLabs, which highlights the security deficiencies in WEP, the most widely used protocol in WiFi environments, and underlines the relative reliability of other current systems, such as WPA or WPA PSK. According to the survey, almost 60 percent of networks had no security system at all.

Setting up a wireless network is incredibly easy. There?s no cable to pull, no holes to drill; just plug in your wireless access point (AP), let your wireless connection manager auto-associate, and you?re online. Unfortunately, so is every other person who happens to be within broadcast range of your AP, and that?s where your trouble starts.

Every business has information that must be kept private. Trade secrets, source code, or even the company?s accounting books can find their way into nefarious hands all too easily. If you have customer data stored on your network, it?s even more imperative to lock down access. A few credit card numbers escaping into the wild can permanently damage your customers? trust; just the possibility of credit card number theft can trigger regulatory disclosure procedures in some states. And wireless network access doesn?t stop at your business?s walls; if your network is open, anyone can squat in your parking lot and hop online.

Do you guys know any good software that would improve my wireless security? I.e. If I am using my notebook computer at a local coffeeshop with Wifi, what can I do to prevent my important data/information from captured via someone else with packet sniffing software? We?ve all got to connect to an unsecured network once in a while, right? What do you do to keep your information secure when you?re on the laptop away from home?

The New York Times recently took a front page swipe at the (Internet) age old question of whether an unprotected wireless network amounts to an open invitation for any piggybacker who happens by with a laptop.

Theft of service? . . . Or victimless "crime" of convenience?

At this point the question has become pretty much a philosophical one: Either you're OK with catch as catch can wireless . . . or you're not. But the story did get me thinking about the issue again.

The WiFi Alliance announced today that the WPA2 security certification program, the second generation of WiFi Protected Access, is now a mandatory feature for all new WiFi CERTIFIED products, marking the next step in the evolution of WiFi security. Nearly 600 products have been WiFi CERTIFIED for WPA2 since it was introduced as an optional program in September 2004, building on the existing WPA program.

Security is all the talk in wireless networks today, whether at home or in the office and for good reason. Which security is best for you? WEP (Wired Equivalent Privacy) used to be the standard, but newer and arguably better security standards have been implemented for wireless. WiFi Protected Access (WPA), so named by the WiFi Alliance, is taking the lead alongside an even newer version, WPA2. Both are based on the Institute of Electrical and Electronics Engineers (IEEE) 802.11i ratified amendment.

Despite a few good online articles and countless alarmist news items decrying parasitic War Drivers and War Chalkers contributing to the moral decay of the country, a surprising number of people still install wireless equipment with all of the defaults enabled. There are a huge number of access points in use today that unintentionally advertise a default SSID, bridge directly to an Ethernet network, and use no encryption whatsoever (or a WEP key left on the factory setting, and therefore easily deduced).

Of all of the network security threats your company faces, few are as potentially dangerous as the rogue Access Point (AP). A rogue AP is a WiFi Access Point that is set up by an attacker for the purpose of sniffing wireless network traffic in an effort to gain unauthorized access to your network. Ironically, though, a malicious hacker or other malcontent typically doesn't implement this breach in security. Instead, it's usually installed by an employee looking for the same convenience and flexibility at work that he's grown accustomed to using on his own home wireless network.

The demand for enterprise wireless connectivity is continually growing as early adopters demonstrate increased productivity and responsiveness, and managers take notice of the significant TCO savings. As a result, IT organizations are coming under increasing pressure to ensure that the wireless network is secure. Fortunately, this can be achieved today with a minimal investment of time and effort.

AirSnort is a Linux utility (using GTK+) for decrypting WEP encryption. A Windows port is also in development.

Scott Fluhrer, Itsik Mantin and Adi Shamir released a paper titled Weaknesses in the Key Scheduling Algorithm of RC4. Based on the security flaws described therin, Blake Hegerle and Jeremy Bruestle wrote a tool that only has to gather about five to ten million encrypted packets from a wireless access point before it can try to recover the wireless key. Depending on the environment this can take as little as a few minutes, or, more commonly a few hours.

Recently, a "Wireless in the Enterprise" reader reported being forced to disable intrusion prevention monitoring within shared, multi tenant locations because the wireless scanning system was generating a confusing abundance of red herrings, or "false positives," from neighboring access points. The thought of anyone forced to turn off security caused my anxiety level to spike.

This page offers some practical security tips for wireless networks based on Apple's Airport and the IEEE 802.11 (WiFi) standards. Executive summary: use only WPA or WPA2 securite modes and pick a strong passphrase.

Wireless networks broadcast their packets using radio frequency or optical wavelengths. A modern laptop computer can listen in. Worse, an attacker can manufacture new packets on the fly and persuade wireless stations to accept his packets as legitimate.

We use the term hacking as described below.

hacker n. [originally, someone who makes furniture with an axe] 1. A person who enjoys exploring the details of programmable systems and how to stretch their capabilities, as opposed to most users, who prefer to learn only the minimum necessary.

Linksys found a place in many a geek's heart when it released the original WRT54G router back in 2003. A network router, 10/100 Ethernet switch, and wireless access point all rolled into one, the WRT54G blazed a happy trail as one of the earliest home networking devices to have its firmware source code made publicly available under the GNU General Public License (GPL). Soon after, a number of third party firmware options became available, letting networking and Linux enthusiasts utilize their routers in ever more powerful and creative ways.

Piggybacking, the usually unauthorized tapping into someone else's wireless Internet connection, is no longer the exclusive domain of pilfering computer geeks or shady hackers. Ordinarily upstanding people are tapping in, too.

"I don't think it's stealing," said Edwin Caroso, a 21-year-old student at Miami Dade College in Miami, echoing an often-heard sentiment. "I always find people out there who aren't protecting their connection, so I just feel free to go ahead and use it."

Symantec and the Internet Education Foundation launched a consumer wireless education effort Tuesday initially aimed at the country's 56 million wireless Internet users.

The first phase of the campaign will focus on issues related to wireless network and mobile security, including online educational modules for wireless home networking and public WiFi use.

Wireless local area networks (WLANs) are not like wired ones data is highly vulnerable in its silent transit through the air. All that is needed is the right utility to find the radio signal, interpret the data stream in much the same way as would any other network interface, and direct the intruder to useful bits of plain text information. Using an unsecured wirless link is the technological equivalent of leaving confidential documents lying around in the street.

Businesses and home users are quickly adopting wireless networking and for good reason. It's cheap, convenient, easy to set up, and provides great mobility. In fact, more than one third of PC Magazine readers have already installed wireless networks in their homes. The freedom from tangled cables is intoxicating but comes with a price.

A wireless network can broadcast far outside your building. With a powerful antenna and some widely available hacking software, anyone sitting near your installation or even driving by can passively (without alerting the target) scan all the data flowing in your network.

You wouldn't design a network with Internet access without a firewall, so why would you have an unencrypted wireless network? Understanding wireless encryption is essential to deploying a secure wireless network.

The security of a wireless transmission is analogous to a written message. There are a variety of ways to send a written message and each provides an increased level of security and protects the integrity of the message.

Connect to a legitimate service provider and make sure the paid service you tap into is the one advertised for that location. Resist using a free signal; it could be a hacker nearby waiting for people to use the decoy Internet access.

? Use your e-mail provider?s online Web site instead of sending and receiving mail from the e-mail software program on your desktop. Web-based services are more likely than desktop software to have an extra layer of security that protects data transmissions.

Wireless local area networking (WLAN) is increasingly popular even for home users and both Windows XP Home Edition and Professional support it and this is further enhanced in Windows XP SP2.

This article shows you how to configure high security settings in your wireless router and Windows XP for the home or small office/home office (SOHO) user, taking Linksys WKPC54G kit (wireless G router WRT54G with notebook PC card) and Windows XP Professional SP2 using infrastructure mode as examples.