Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.



2002 posts

Uber Geek
+1 received by user: 116

Trusted
Subscriber

Topic # 12541 22-Mar-2007 18:27 Send private message

Hey guys.

I have been thinking of doing a study to see how people percieve the importance of wireless network security.
Over the last couple of nights, I went for a drive around Havelock North, which for those that dont know, is one of the most rapidly growing areas in Hawkes Bay.
It also has a range of low socioeconomic residential areas, very close to areas of high socioeconomic areas. I spent about 4 hours driving around and found that of the 180 access points that we found, 71 were unencrypted and allowed us access to the network. (we didnt do anything other than confirm that the dchp server gave us an ip then we moved on).

I was also rather surprised to find that around 60 of these access points were in areas that we would consider higher socioeconomic areas, or the newly developed areas with average house prices around $500,000+. Almost all of the access points we found in the lower areas were secured.

Most of the business leaders of Hawkes Bay live in the upper areas of Havlock North and I would imagine many of these business leaders keep company information / records etc. on home computers which are literally accessible to someone, in a car, on the street.

Any thoughts?
We also found that there is a surprisingly high amount of laptops with the SSID 'hpsetup' in havlock north. We didnt bother connecting to these but many were unencrypted also.




Ray Taylor
www.ruralkiwi.com

There is no place like localhost
For my general guide to extending your wireless network Click Here




View this topic in a long page with up to 500 replies per page Create new topic
 1 | 2
643 posts

Ultimate Geek


  Reply # 64843 23-Mar-2007 14:35

what software are you using to discover access points?
we use kismet on Linux down here in chch and a 5 minute walk thru the CBD gives us 200+ APs, but over 50% are WEP or WPA, MAC filtered - not that that helps secure anything against someone with the right tools anyway Wink

I think the best security is keeping your signal inside your house, but with a 24db dish we could associate to a d-link 604 2kms away




Sniffing the glue holding the Internet together



2002 posts

Uber Geek
+1 received by user: 116

Trusted
Subscriber

  Reply # 64844 23-Mar-2007 14:42 Send private message

barf: what software are you using to discover access points?
we use kismet on Linux down here in chch and a 5 minute walk thru the CBD gives us 200+ APs, but over 50% are WEP or WPA, MAC filtered - not that that helps secure anything against someone with the right tools anyway Wink

I think the best security is keeping your signal inside your house, but with a 24db dish we could associate to a d-link 604 2kms away


We used Netstumbler. No external antennas or no special cards. Just my centrino laptop. I was also sure to stay away from the havelock village centre as there is probably 20 ap's there, most of which are cafenet and telecom hotspots which we could connect to, but wouldnt get very far with unless we were an xtra or cafenet user.




Ray Taylor
www.ruralkiwi.com

There is no place like localhost
For my general guide to extending your wireless network Click Here




412 posts

Ultimate Geek


  Reply # 64847 23-Mar-2007 15:08 Send private message

raytaylor: Hey guys.

Any thoughts?
We also found that there is a surprisingly high amount of laptops with the SSID 'hpsetup' in havlock north. We didnt bother connecting to these but many were unencrypted also.


There was a programme on television a while ago about this, can't remember the programme name but I think it was Close up on TV1.  Maybe this is archived on the new TVNZ website.

If you can be bothered, you could always leave a note in their letterbox saying you can access their network, and give an URL with instructions on how to fix the problem.

I'd suggest you don't give them your personal details (as an offer to fix it yourself), lest they accuse you of 'hacking their account' and calling the police, wasting the cops time and you losing sleep over the complaints.




2002 posts

Uber Geek
+1 received by user: 116

Trusted
Subscriber

  Reply # 64848 23-Mar-2007 15:10 Send private message

Thats not a bad idea.
Next time, i might do something like that.

To be honest, i wouldnt be bothered fixing it myself - theres tooo many.




Ray Taylor
www.ruralkiwi.com

There is no place like localhost
For my general guide to extending your wireless network Click Here




643 posts

Ultimate Geek


  Reply # 64849 23-Mar-2007 15:10

Try kismet, netstumbler is good for playing with but a joke if you're serious about security testing. we can see people netstumbling a mile away because of all the probe requests it makes. I had a honeypot setup in riccarton a few years ago capturing the MAC addresses of people wardriving with netstumbler ;-)

EDIT: I too am familiar with the moral dilema of knowing about other peoples lack of security. I have even found gaping holes in some of NZ's largest hosting providers but for fear of being accused of extortion I have always refrained from telling the admins.

What would you do?




Sniffing the glue holding the Internet together

88 posts

Master Geek


  Reply # 65987 2-Apr-2007 14:22

barf: what software are you using to discover access points?
we use kismet on Linux down here in chch and a 5 minute walk thru the CBD gives us 200+ APs, but over 50% are WEP or WPA, MAC filtered - not that that helps secure anything against someone with the right tools anyway Wink

I think the best security is keeping your signal inside your house, but with a 24db dish we could associate to a d-link 604 2kms away


best security is to be wired Money mouth Luckily for me we built a new house last year and its CAT 5 structure cabled (16 ports) sightly more expensive than going wireless, but slightly....... more secure

150 posts

Master Geek


  Reply # 69003 1-May-2007 01:05 Send private message

a new whitepaper was released that web can be cracked with only 40,000 IV's instead of the normal 5 million some dudes at MIT sussed it out, go MIT theyre always coming out with awesome stuff, off topic but they lately came up with a way to hack quantum encryption was believed to be unbreakable but there you go.

http://www.grc.com/SecurityNow.htm#89 even more breakable web

22 posts

Geek


  Reply # 72344 27-May-2007 08:14 Send private message

Makes me wonder how secure my network is. Well... it's not really a network anymore as my flatmate moved out and now my pc is all that's connected, and I no longer use wireless for connections.

I did some probing and discovered a suspicious cordless phone 'network' with 13% signal strength. It's that 2.4GHz thing right.




2002 posts

Uber Geek
+1 received by user: 116

Trusted
Subscriber

  Reply # 72374 27-May-2007 11:24 Send private message

Yea it could be a skype / voip phone or a cellphone or pda with wifi. I dont think your standard 2.4ghz cordless phone broadcasts or uses the same methods to talk like wifi does.




Ray Taylor
www.ruralkiwi.com

There is no place like localhost
For my general guide to extending your wireless network Click Here




643 posts

Ultimate Geek


  Reply # 72390 27-May-2007 14:09

many/most modern cordless phones use the same 2.4GHz band of spectrum as 802.11b/g, so probably it's not an 802.11g network you're seeing but it is still 2.4GHz RF energy that could potentially interfere with an 802.11g signal.




Sniffing the glue holding the Internet together

3865 posts

Uber Geek
+1 received by user: 4

Moderator
Trusted
Subscriber

Reply # 72391 27-May-2007 14:19 Send private message

Does it only appear when you heat up a burrito?

It could also be a wireless video sender i guess?


122 posts

Master Geek


  Reply # 72417 27-May-2007 20:34 Send private message

One of the best security tips I've read is simple & cost effective. Put your access point on a power timer switch (a few bucks from the local hardware store) so it's only on when you're using it.

451 posts

Ultimate Geek
+1 received by user: 2


  Reply # 72463 28-May-2007 09:20 Send private message

wifi security...

If one is going to worry about about the lack of wifi security then one might as well ponder how many people have no firewall or no virus control or no malware control the list can go on and on...

personally I have wpa2 with aes encryption, no dhcp, locked down mac addresses and turn it off when I am not using it ie every night unless downloading

That said I wonder more about how many PCs without firewalls are accessed without the owner knowing, a port scan of the local subnet was quite an eye opener !
















122 posts

Master Geek


  Reply # 72466 28-May-2007 09:32 Send private message

personally I have wpa2 with aes encryption, no dhcp, locked down mac addresses and turn it off when I am not using it

Ah, almost identical to my setup. Except, I have an external honeynet with intrusion detection systems. If an unauthorized portscan occurs, a signal is sent to the magnetic kennel locks to 'release the dogs'.

61 posts

Master Geek


  Reply # 72473 28-May-2007 09:49 Send private message

I found this article on wireless security very interesting.

http://blogs.zdnet.com/Ou/?p=43

Cheers
Reon

 1 | 2
View this topic in a long page with up to 500 replies per page Create new topic








Twitter »
Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when new jobs are posted to our jobs board:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:




News »

Trending now »
Hot discussions in our forums right now:

Forms of government for New Zealand
Created by charsleysa, last reply by KiwiNZ on 20-Apr-2014 18:55 (120 replies)
Pages... 6 7 8


MH370 - Call for Search & Rescue Help
Created by DS248, last reply by Sideface on 17-Apr-2014 17:28 (735 replies)
Pages... 47 48 49


why does the tax payer have to pay for the prince and princess' 6 star holiday?
Created by joker97, last reply by Geektastic on 17-Apr-2014 15:49 (67 replies)
Pages... 3 4 5


Whats the best wife friendly media centre?
Created by amorpeth, last reply by jonolynn on 19-Apr-2014 20:20 (14 replies)

Snap suffering Trans-Tasman congestion 18/04?
Created by Lias, last reply by NonprayingMantis on 19-Apr-2014 00:05 (26 replies)
Pages... 2


Help ! Home business connection and VDSL dead. yikes.
Created by Scotsman, last reply by Scotsman on 17-Apr-2014 21:10 (26 replies)
Pages... 2


galaxy s4 now on 4.4.2
Created by nzrock, last reply by Yabanize on 21-Apr-2014 09:05 (60 replies)
Pages... 2 3 4


TVNZ on Demand Jailbreak Detection
Created by TranceManNZ, last reply by hio77 on 18-Apr-2014 20:25 (12 replies)


Geekzone Live »
Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.

Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.