Keep it Covered: Wi-Fi Security

Checking office notebooks for any potential software or virus issues is part of my job as an IT engineer. As I was checking the laptop of a close colleague named Marcus (which, for the purpose of anonimity we shall call Dillbert), a unique icon labeled Data 3.5G had caught my attention. Turns out that Dillbert’s new apartment building does not yet have any internet infrastructure so he had to sign up for this service which basically lets his laptop transmit data via GPRS network. For 195 aed (roughly $55) a month, he could surf the web anywhere using a 3.5G wireless data card. The only downside is that the package he chose provides him with data download limit of up to 120mb. Which, for a man of his age, should be enough for him to be able to check his email from time to time.

His first month’s bill was for 25,000 aed ( $7142). 

What the fuck, I thought. That’s ludicruously batshit crazy!

“What the fuck”, I exclaimed. “That’s ludicruously batshit crazy!”

Turns out that someone was able to leech off his connection for some reason, probably by cracking the encryption of his 3.5G card. That, or it just sucks to be him at the moment.

We hear loads of stories like this. A person opens his window pane, turns on his laptop’s wi-fi card, and basks in the chockful amount of delicious bandwidth and invisible data streming through his room from the neighbors’. It’s not that these people make a concious decision to become leechers, but unsecured wireless networks more often than not gives them a hard time not to become leechers.

After hearing Dillbert’s dilemma, I decided to post some ideas that can help ease your mind with your wi-fi’s security standpoint.

1. As unnecessary to point out as it may be, use a password. And a strong one at that. A sufficiently strong password which comprises of numbers and letters, both uppercase and lowercase, will most likely make password cracking impossible. Regularly changing your password is as good as choosing a strong one.

2. Create a low-brow SSID. Ok, this one’s not sure to provide “real” security. But a network name such as WebofOblivion, Ladiesman217 or DunEvenThinkAboutIt will make any leecher think twice before trying to connect. On the other hand, boring SSID names such as linksys, Netgear, or default, are most likely to become bandwidth-rape fodder because the people who don’t bother thinking of clever names for their home networks are the same people who don’t bother to password-protect them.

3. Use WPA instead of WEP. WEP is not exactly “good” encryption. With freely downloadable hack tools such as airsnort or aircrack, and some good determination, WEP-protected wireless signals can be easily “sniffed” and security on that network can be cracked in a matter of minutes. WPA is the current, common encryption standard you should probably be using — though, of course, you should use something stronger as soon as it becomes available. 

4.  Restrict access by MAC address. Against expert wireless network hackers, MAC address restriction doesn’t provide real protection but restricting the MAC addresses allowed to connect to the network helps ensure you are not one of the “palatable free connection” that people prefer to attack. 

5. Shut down your network when not in use. If your network is not the sort that needs to run on a 24/7 basis, then you can reduce the availability of it to security crackers by turning it off when it isn’t in use. Unlike with hiding your SSID, turning off your wireless gateway provides the highest level of stealth.

6. Keep it covered. Make sure you have a good firewall running on both the wireless gateway and your laptop. Make sure you turn off unneeded services, especially on Windows where there are loads of unneeded network services that are surprisingly active by default.

7. Delete your network in wireless preferred network list. Say your next-door neighbor paid you a visit and had to connect to your wi-fi to show you some cool videos showing two girls and what appears to be some sort of a bowl, do not forget to remove your wireless network under his Preferred Network list. Windows XP and Vista tends to keep a cache of all the wireless networks the computer has connected to so it can connect to them automatically next time. Here’s how:

• In the Control Panel classic view, open Network Connections.
• Right-click on Wireless Network Connection then select Properties.
• Go to the Wireless Networks tab and delete your network name in the list of Preferred Networks.

Yes, my home network name is King Chawla. For I am KING! Of, well, nothing.

And there you have it. These tips will surely lessen the likelihood of a wi-fi attack on your wireless network. Or, if you’re the one doing the “mooching off”, then pray that the karmic balance always be on your side. Oh, and don’t forget to read this article regarding a dude who thought driving to a neighbor’s house every night is wiser than paying for his own internet connection.