54
Appendix B: Wireless Security
Maximizing Wireless Security
Wireless-G Broadband Router
Active Attacks
Hackers use Active Attacks for three purposes: 1) stealing data, 2) using your network, and 3) modifying your
network so it's easier to hack in the next time.
In an Active Attack, the hacker has gained access to all of your network settings (SSID, WEP keys, etc.) and is in
your network. Once in your wireless network, the hacker has access to all open resources and transmitted data
on the network. In addition, if the wireless network's access point is connected to a switch, the hacker will also
have access to data in the wired network.
Further, spammers can use your Internet connection and your ISP's mail server to send tens of thousands of e-
mails from your network without your knowledge.
Lastly, the hacker could make hacking into your network even easier by changing or removing safeguards such
as MAC address filters and WEP encryption. He can even steal passwords and user names for the next time he
wants to hack in.
Dictionary-Building or Table Attacks
Dictionary-building, or Table attacks, is a method of gaining network settings (SSID, WEP keys, etc.) by analyzing
about a day's worth of network traffic, mostly in the case of business networks. Over time, the hacker can build
up a table of network data and be able to decrypt all of your wireless transmissions. This type of attack is more
effective with networks that transmit more data, such as businesses.
Man-in-the-Middle Attacks
A hacker doesn't need to log into your network as a user - he can appear as one of the network's own access
points, setting himself up as the man-in-the-middle. To do this, the hacker simply needs to rig an access point
with your network's settings and send out a stronger signal that your access point. In this way, some of your
network's PCs may associate with this rogue access point, not knowing the difference, and may begin sending
data through it and to this hacker.
The trade-off for the convenience and flexibility wireless networking provides is the possibility of being hacked
into through one of the methods described here. With wireless networks, even with WEP encryption, open to the
persistent hacker, how can you protect your data? The following section will tell you how to do just that.
Maximizing Wireless SecuritySecurity experts will all tell you the same thing: Nothing is guaranteed. No technology is secure by itself. An
unfortunate axiom is that building the better mousetrap can often create a better mouse. This is why, in the