Saturday, December 10, 2011

Is your WiFi secure? Odds are not in your favor.

  Over the past decade we have seen large advancements in WiFi security, yet there are still a large amount of computer users that aren't taking advantage of these necessary changes. Also contrary to some belief, companies such as cable providers who set up the hardware, do not secure it for you.  As a courtesy to my clients, I always check their wireless network setup to make sure it's secure, and I would say approximately one out of every three networks are easily accessed by intruders.  Possibly more disturbing than that, is nearly 100% of the time, someone within range has either a network with no security, or easily bypassed methods such as "WEP" or "MAC Address Filtering".   So I'd thought I'd share with you why and how to properly secure your wireless network.  If you are afraid to take this task on by yourself, I do offer remote support and house calls within 30 miles of White Lake, MI.

Two Steps To Determine If Your Wireless Network Is Secure (Windows 7)
  1. Check the encryption method: Left-click the wireless connection icon near your computers clock on the taskbar, it looks like signal bars on a cell phone, then right click on the wireless network you're connected to, select "Properties".  If "Encryption Type" is anything other than "AES", you do not have a secure wireless network.
  2. Check password strength: On the same window, check the box that says "Show Characters", Windows may pop up a window to authorize the change.  The password must be over 20 characters in length, and contain both numbers, letters and some special characters such as commas, parenthesis, periods, etc..., if it does not, you do not have a secure wireless network.
Why should you be concerned about having a secure network?
  I know some of you may be thinking, "I trust my neighbors", or "I  don't have anything anyone wants anyway". Well I have one word for you, "Wardriving".  If you haven't heard of it, people actually drive around towns, looking for unsecured networks.  Once they have access, they can do a number of malicious activities such as
  • Copying and/or deleting shared files from your hard drive, photos, resumes, personal information, internet history.
  • Intercepting your passwords as you log into your online accounts (facebook, banks, e-mail)
  • Stealing bandwidth which in turn, slows down your internet.
  • Using your internet for illegal activities such as downloading pirated music and movies, which you could be held responsible for.
"My brother/friend/salesman/says my current setup is fine".
I've heard a few people insist their networks were safe, so I was happy to demonstrate how they were misinformed.  The important thing here is that you don't need to know much about computers to crack these methods, there are programs out there that automate nearly the entire process!  These are some standard scenarios with the type of security, and how soon an amateur hacker can gain access.

  • Open Network (No Security): ~5 Seconds
  • Mac Filtering:  add 15 Seconds to all methods
  • WEP 64-Bit: 60 seconds or less
  • WEP 128-Bit: 20 seconds to 5 minutes
  • WPA (TKIP): 15 to 20 minutes (Pro Hacker) | 7-12 Hours (amateur via bruteforce) 
  • WPA2 Personal: Very secure network, no records of outside hackers being able to crack when passwords are strong.
So how do you make sure you're secure?
It all comes down to two things, using WPA2(AES) encryption to prevent the code crackers, and a 20+ character strong password/key to prevent the bruteforce hackers.  Check your routers manual to make sure it supports WPA2 with AES, if it doesn't, it's time to upgrade.