Open Wireless Home Network

It’s no secret that WEP and WPA can be cracked, WEP in less than a minute. Security guru Bruce Schneier recently wrote that his own home wifi network is open – no password, no encryption. My packet filtering freeBSD server’s power supply started making a lot of noise and I decided to turn it off for good. Moreover, I turned off WEP at the wireless router.

My old Netgear router doesn’t support the new and more robust WPA standard, and WEP provides almost no security: there is nothing to be gained by enabling it. No more dealing with hex keys. It’s easy for friends and family to drop onto the network when they come over. Likewise, new machines are easy to configure.

What’s the worst that could happen? I live in the suburbs. The idea of someone sitting in a car, in the Colorado cold, stealing my connection isn’t a likely scenario. And if it they did, so what?

More likely, a neighbor would connect to my network – probably inadvertently - and steal band width from my connection. Unless my network is running slow, I’m not really worried about this.

But what about our family’s computers and data? We have several Linux/FreeBSD boxen, and two Macs. Our wireless router is no less secure than any of the free wireless hot spots I connect to: the airport, cafes, office park free wireless, etc. We simply take the same precautions at home we would take at a public wifi connection.

A few simple things should keep your data safe:

  1. Keep your computers up to date.
  2. Use a safer browser, like Firefox.
  3. Don’t enter any data you care about – passwords, web forms, etc. – from a web page that is not being served over SSL (https in the url).
  4. If you use an email client, make sure you use SSL to pop/imap your mail.
  5. Encrypt any sensitive data on your machines.

Make sure you do the above when you use a public wifi connection.

I do a couple other things, that won’t stop anyone in the know from using my network, but will keep the neighbor kid from accidentally using my printer.

  • You can use access by mac address to white list your computers. This can be easily spoofed, but will prevent anyone from ‘accidentally’ connecting to your network.
  • Turn off (or disconnect) your printer when you’re not using it.
  • Check your wireless router’s log files.

References

Cracking WEP and WPA Wireless Networks

Bruce Schneier. My Open Wireless Network

Share and Enjoy:
  • Twitter
  • del.icio.us
  • Facebook
  • Print

Posted Friday 8 February 2008 in sarbastic.   TrackBack URI

Leave a Reply