Favorite Security Tools for Wireless Security

Fyodor, a well-known white hat and author of the port-scanner nmap has for several years taken a poll of the best network security tools. He lists the top 100 on his site SecTools.org. Some are free and some are commercial. They deal with all aspects of computer security.

Here is his site's list of the best tools in the wireless network security category.

1. Kismet (& Kismac for Mac's): Kismet identifies networks by passively watching wireless network traffic. It will even identify hidden networks.
2. NetStumbler: NetStumbler finds open wireless access points. There is also a WinCE version for PDAs named Ministumbler. It is similar to Kismet but is a more active tool.
3. AirCrack: Aircrack is a suite of tools for WEP and WPA cracking. The suite includes Airodump (an 802.11 packet capture program), Aireplay (an 802.11 packet injection program), Aircrack (static WEP and WPA-PSK cracking), and Airdecap (decrypts WEP/WPA capture files). The real meat of this suite is the ability to crack passwords.
4. AirSnort: AirSnort is a wireless LAN (WLAN) tool that recovers encryption keys. It passively monitors transmissions, and computes wireless encryption keys when enough packets have been captured.

We'll cover our recommendations to build your own security tool kit using these as well as other free computer security software, in a later update.

Remember that hackers are already using these tools, so you'd be wise to use them against your own network before someone else does. They may not have your best interests in mind.

The TJX Debacle and your customers

By now everyone has heard of the data breach at TJX, and how millions of records were compromised (45.7 Million is the going estimate, but could be as high as 200 Million). These records were stolen over a period ranging from 1 year to 4 years.

A lot of the criticism that TJX has taken has not just been about the breach itself, but about how they had no monitoring in place that would alerted them of the breach in their wireless network security.

If you have a business, you need to protect your customers' data. If you're not really sure about the quality of your wireless LAN security, keep this in mind: A recent article says that 1 in 5 of those surveyed who received a notice stating that their personal information had been lost in the previous 12 months had “discontinued” their relationship with the company involved. And, another 40% said they were thinking about doing the same thing.

We'll be discussing ways to test and monitor your wireless network utilizing free computer security software, and how to make your own network security tool kit, in the coming months.

Wireless (Wi-Fi) Networks Increase the Challenges of Internet Security

Like so many technologies before it, wireless TCP/IP networks (especially WiFi/802.11 networks) were implemented and marketed without much consideration for the increased computer security risks that broadcasting your network traffic to the world might entail.

As any code-breaker knows, one of the best ways to reverse engineer coded messages is to compare lots of these messages to find common patterns. Early WiFi security, specifically WEP encryption, fell to this well known technique, because it re-used encryption keys. As any spy worth his martini and Aston Martin knows, you should never reuse your encryption keys if you want to keep your secrets safe.

Yet, WEP did exactly this, so a patient hacker needs only to listen in on your WEP traffic long enough to discover the (reused) encryption keys. At least WEP prevents casual computer users with no expertise from logging into your network by simply posting up close enough to your base station to detect your WiFi signal. Just add a Pringles potato chip can to your setup, and you can detect Wifi signals hundreds of meters from the source. That's not a problem in any urban (and most suburban) areas.

In short, wireless networks have only increased the challenges of internet security by introducing a huge "back door" into your network. No longer do hackers need physical access to your network to steal your secrets. Nor do they have to defeat a well-secured firewall. Now, they can simply eavesdrop on network traffic beamed out into the ether by your new unsecured WiFi base station.

Over the next few weeks, we'll look closely at the different ways you can reduce computer security risks by implementing basic wireless internet security techniques. Stay tuned, or grab our RSS feed.

Wireless security

Wikipedia reminds us, in the entry for Wireless security, that for typical computer users:

there are a great number of security risks associated with the current wireless protocols, encryption methods, and in the carelessness and ignorance that exists at the user and corporate IT level.

It's not hopeless, though. Review the steps in securing a wireless network to get started on locking down your WiFi network.

Wireless Router and Internet Security: Simple steps for privacy and security

As this article on wireless internet security recommends,

If you are using a wireless router for broadband internet, you MUST secure your connection.

The article, at JustText.com, also offers great tips on:

• Routers
• Firewalls
• Encryption
• Remote Access
• Wireless Internet Security
  

Welcome to the Secure My Wireless blog

We post best practices for securing wireless (typically, WiFi or 802.11) networks, and tips on how to stay safe.