Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.




3014 posts

Uber Geek
+1 received by user: 471

Trusted

Topic # 12541 22-Mar-2007 18:27 Send private message

Hey guys.

I have been thinking of doing a study to see how people percieve the importance of wireless network security.
Over the last couple of nights, I went for a drive around Havelock North, which for those that dont know, is one of the most rapidly growing areas in Hawkes Bay.
It also has a range of low socioeconomic residential areas, very close to areas of high socioeconomic areas. I spent about 4 hours driving around and found that of the 180 access points that we found, 71 were unencrypted and allowed us access to the network. (we didnt do anything other than confirm that the dchp server gave us an ip then we moved on).

I was also rather surprised to find that around 60 of these access points were in areas that we would consider higher socioeconomic areas, or the newly developed areas with average house prices around $500,000+. Almost all of the access points we found in the lower areas were secured.

Most of the business leaders of Hawkes Bay live in the upper areas of Havlock North and I would imagine many of these business leaders keep company information / records etc. on home computers which are literally accessible to someone, in a car, on the street.

Any thoughts?
We also found that there is a surprisingly high amount of laptops with the SSID 'hpsetup' in havlock north. We didnt bother connecting to these but many were unencrypted also.




Ray Taylor
Taylor Broadband (rural hawkes bay)
www.ruralkiwi.com

There is no place like localhost
For my general guide to extending your wireless network Click Here




View this topic in a long page with up to 500 replies per page Create new topic
 1 | 2
643 posts

Ultimate Geek


  Reply # 64843 23-Mar-2007 14:35

what software are you using to discover access points?
we use kismet on Linux down here in chch and a 5 minute walk thru the CBD gives us 200+ APs, but over 50% are WEP or WPA, MAC filtered - not that that helps secure anything against someone with the right tools anyway Wink

I think the best security is keeping your signal inside your house, but with a 24db dish we could associate to a d-link 604 2kms away




Sniffing the glue holding the Internet together



3014 posts

Uber Geek
+1 received by user: 471

Trusted

  Reply # 64844 23-Mar-2007 14:42 Send private message

barf: what software are you using to discover access points?
we use kismet on Linux down here in chch and a 5 minute walk thru the CBD gives us 200+ APs, but over 50% are WEP or WPA, MAC filtered - not that that helps secure anything against someone with the right tools anyway Wink

I think the best security is keeping your signal inside your house, but with a 24db dish we could associate to a d-link 604 2kms away


We used Netstumbler. No external antennas or no special cards. Just my centrino laptop. I was also sure to stay away from the havelock village centre as there is probably 20 ap's there, most of which are cafenet and telecom hotspots which we could connect to, but wouldnt get very far with unless we were an xtra or cafenet user.




Ray Taylor
Taylor Broadband (rural hawkes bay)
www.ruralkiwi.com

There is no place like localhost
For my general guide to extending your wireless network Click Here




 

 



424 posts

Ultimate Geek
+1 received by user: 2


  Reply # 64847 23-Mar-2007 15:08 Send private message

raytaylor: Hey guys.

Any thoughts?
We also found that there is a surprisingly high amount of laptops with the SSID 'hpsetup' in havlock north. We didnt bother connecting to these but many were unencrypted also.


There was a programme on television a while ago about this, can't remember the programme name but I think it was Close up on TV1.  Maybe this is archived on the new TVNZ website.

If you can be bothered, you could always leave a note in their letterbox saying you can access their network, and give an URL with instructions on how to fix the problem.

I'd suggest you don't give them your personal details (as an offer to fix it yourself), lest they accuse you of 'hacking their account' and calling the police, wasting the cops time and you losing sleep over the complaints.




3014 posts

Uber Geek
+1 received by user: 471

Trusted

  Reply # 64848 23-Mar-2007 15:10 Send private message

Thats not a bad idea.
Next time, i might do something like that.

To be honest, i wouldnt be bothered fixing it myself - theres tooo many.




Ray Taylor
Taylor Broadband (rural hawkes bay)
www.ruralkiwi.com

There is no place like localhost
For my general guide to extending your wireless network Click Here




643 posts

Ultimate Geek


  Reply # 64849 23-Mar-2007 15:10

Try kismet, netstumbler is good for playing with but a joke if you're serious about security testing. we can see people netstumbling a mile away because of all the probe requests it makes. I had a honeypot setup in riccarton a few years ago capturing the MAC addresses of people wardriving with netstumbler ;-)

EDIT: I too am familiar with the moral dilema of knowing about other peoples lack of security. I have even found gaping holes in some of NZ's largest hosting providers but for fear of being accused of extortion I have always refrained from telling the admins.

What would you do?




Sniffing the glue holding the Internet together

91 posts

Master Geek


  Reply # 65987 2-Apr-2007 14:22

barf: what software are you using to discover access points?
we use kismet on Linux down here in chch and a 5 minute walk thru the CBD gives us 200+ APs, but over 50% are WEP or WPA, MAC filtered - not that that helps secure anything against someone with the right tools anyway Wink

I think the best security is keeping your signal inside your house, but with a 24db dish we could associate to a d-link 604 2kms away


best security is to be wired Money mouth Luckily for me we built a new house last year and its CAT 5 structure cabled (16 ports) sightly more expensive than going wireless, but slightly....... more secure

163 posts

Master Geek
+1 received by user: 1


  Reply # 69003 1-May-2007 01:05 Send private message

a new whitepaper was released that web can be cracked with only 40,000 IV's instead of the normal 5 million some dudes at MIT sussed it out, go MIT theyre always coming out with awesome stuff, off topic but they lately came up with a way to hack quantum encryption was believed to be unbreakable but there you go.

http://www.grc.com/SecurityNow.htm#89 even more breakable web

22 posts

Geek


  Reply # 72344 27-May-2007 08:14 Send private message

Makes me wonder how secure my network is. Well... it's not really a network anymore as my flatmate moved out and now my pc is all that's connected, and I no longer use wireless for connections.

I did some probing and discovered a suspicious cordless phone 'network' with 13% signal strength. It's that 2.4GHz thing right.




3014 posts

Uber Geek
+1 received by user: 471

Trusted

  Reply # 72374 27-May-2007 11:24 Send private message

Yea it could be a skype / voip phone or a cellphone or pda with wifi. I dont think your standard 2.4ghz cordless phone broadcasts or uses the same methods to talk like wifi does.




Ray Taylor
Taylor Broadband (rural hawkes bay)
www.ruralkiwi.com

There is no place like localhost
For my general guide to extending your wireless network Click Here




643 posts

Ultimate Geek


  Reply # 72390 27-May-2007 14:09

many/most modern cordless phones use the same 2.4GHz band of spectrum as 802.11b/g, so probably it's not an 802.11g network you're seeing but it is still 2.4GHz RF energy that could potentially interfere with an 802.11g signal.




Sniffing the glue holding the Internet together

4094 posts

Uber Geek
+1 received by user: 42

Moderator
Trusted
Subscriber

Reply # 72391 27-May-2007 14:19 Send private message

Does it only appear when you heat up a burrito?

It could also be a wireless video sender i guess?


122 posts

Master Geek


  Reply # 72417 27-May-2007 20:34 Send private message

One of the best security tips I've read is simple & cost effective. Put your access point on a power timer switch (a few bucks from the local hardware store) so it's only on when you're using it.

725 posts

Ultimate Geek
+1 received by user: 61


  Reply # 72463 28-May-2007 09:20 Send private message

wifi security...

If one is going to worry about about the lack of wifi security then one might as well ponder how many people have no firewall or no virus control or no malware control the list can go on and on...

personally I have wpa2 with aes encryption, no dhcp, locked down mac addresses and turn it off when I am not using it ie every night unless downloading

That said I wonder more about how many PCs without firewalls are accessed without the owner knowing, a port scan of the local subnet was quite an eye opener !
















122 posts

Master Geek


  Reply # 72466 28-May-2007 09:32 Send private message

personally I have wpa2 with aes encryption, no dhcp, locked down mac addresses and turn it off when I am not using it

Ah, almost identical to my setup. Except, I have an external honeynet with intrusion detection systems. If an unauthorized portscan occurs, a signal is sent to the magnetic kennel locks to 'release the dogs'.

68 posts

Master Geek
+1 received by user: 1


  Reply # 72473 28-May-2007 09:49 Send private message

I found this article on wireless security very interesting.

http://blogs.zdnet.com/Ou/?p=43

Cheers
Reon

 1 | 2
View this topic in a long page with up to 500 replies per page Create new topic



Twitter »

Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:





News »

Telecommunications monitoring report: Are you being served?
Posted 24-May-2017 11:54


NetValue partners with CRM Provider SugarCRM
Posted 23-May-2017 20:04


Terabyte looms as Vocus users download 430GB a month
Posted 19-May-2017 14:51


2degrees tips into profit after seven lean years
Posted 19-May-2017 09:47


2degrees growth story continues
Posted 17-May-2017 15:25


Symantec Blocks 22 Million Attempted WannaCry Ransomware Attacks Globally
Posted 17-May-2017 12:41


HPE Unveils Computer Built for the Era of Big Data
Posted 17-May-2017 12:39


Samsung Galaxy S8 Plus review: Beautiful, feature-packed
Posted 16-May-2017 20:14


After ten years of mail pain Spark is done with Yahoo
Posted 15-May-2017 13:12


Warnings from security firms: do not click that link or risk your computer being infected
Posted 15-May-2017 10:11


Pushpay named NZ Hi-Tech Company of the Year 2017
Posted 15-May-2017 09:59


Passive Optical Lan means fibre to the desktop
Posted 12-May-2017 17:09


Finalists Named for 2017 CIO Awards
Posted 11-May-2017 20:00


Exhibition to showcase digital artwork from across the globe
Posted 10-May-2017 18:54


Accelerate 2017 to focus on navigating disruption with a design thinking mindset
Posted 10-May-2017 18:49



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.