|
|
10 Things to Ponder Before Moving Your Office Network
Moving the office network? How hard could it be? Anybody who's ever moved the office network knows the risks and challenges associated with this colossal task. This mighty endeavour is not merely a case of logging-off, shutting down and pulling the...
Information Technology Degrees
The field of Information Technology encompasses several specific disciplines, including Web Development, Network Administration, and Database Administration. Information Technology has become a necessary department in most businesses today due to...
Internetworking Overview
Internetworking:
Internetworking involves connecting two or more computer
network with some sort of routing device to exchange traffic
back and froth, and to guide traffic on the correct path across
the complete network to their destination...
Keeping your pc healthy at little or no cost
Protect Your PC
Having problems with your pc?
Do your kids, family or friends fill it with all the stuff they find on the internet?
Your computer, just like your car, needs to be serviced regularly to keep it running efficiently. You...
Why Blog?
Why Blog?
Blog, blog, blog. What the heck is it anyway? Does it ribbit?
Oink? Croak? One more torturous gadget I have no time for?
Entertainment? Work? Solitaire? What's in it for me?
If this sounds like you this new year, you're in a...
|
|
|
|
|
|
|
|
Road Warrior At Risk: The Dangers Of Ad-Hoc Wireless Networking
Airport Menace: The Wireless Peeping Tom
----------------------------------------
As a network security consultant, I travel quite frequently. At times, it seems like the airport is my second home. I actually like to fly, it's a moment in time where no one can reach me by e-mail, or mobile phone.
It never fails that something interesting happens to me at the airport. I've even met some famous people during my travels. A few months ago, I ran into Frank Bielec, from the TLC show, Trading Spaces. But one of my favorite things to do at the airport is browse the wireless Ethernet waves. I'm never really surprised at what I find. I'm just glad I know more about wireless Ethernet than the average road warrior.
The Dangers Of Ad-Hoc Wireless Networking
-----------------------------------------
Most people who have wireless Ethernet at home, or the office, connect to the wireless network by attaching to a wireless Access Point, or AP. This method of wireless networking is called "Infrastructure Mode". If you have a secure wireless network configured in "Infrastructure Mode" you are using MAC address filtering, some level of encryption, and have made some additional changes to your AP in order to prevent just anyone from using it or capturing data. For more information on configuring your "Infrastructure Mode" wireless network take a look at the "Wireless Network Security" page at Defending The Net.
However, for those who are not using "Infrastructure Mode", and are configured to communicate from machine to machine, or "Ad-Hoc", there are a few things you should be aware of.
A wireless Ad-Hoc network allows you to communicate with other wireless Ethernet systems without using a wireless access point. It's kind of a peer to peer configuration and it works rather well. The problem is, most people just set it up, and forget about it. At home, it's not a huge problem, but when your on the road, it could cause you a great deal of grief. The airport is probably the best place to find Ad-Hoc networks. Business men and women, delayed once again, power up their laptops and get to work completing the days tasks, or planning tomorrows agendas.
I can't tell you how many systems I find in the airport configured this way. Not just in the terminal, but on the plane. About three months ago, just after we reached cruising altitude and were allowed to use our "approved electronic devices", I found that the gentleman two seats up from me had a laptop configured as Ad-Hoc. He walked by me about ten minutes later and commented on how much he liked my laptop. I thanked him, and asked if his laptop was on, and configured to use wireless Ethernet, he said yes.
To make a long story short, I showed him that I could see his laptops wireless Ethernet and informed him of the danger. He asked me if I could access his hard drive, and I told him that it might be possible. He asked me to see if I could, so I obliged. After configuring my laptop to use the same IP address class as his, and typing "net use * hiscomputersIPAddressc$ "" /USER:administrator", I received a notice that the connection was successful and drive Z: was now mapped to his computer. I performed a directory listing of his hard drive and the guy almost had a heart attack!
After this, he moved up to the seat next to mine and we spent the next hour or so configuring his laptop securely, starting with securing his computers
local administrator account. At one point during the configuration, he made the statement that I got real lucky because his local admin account did not have a password. My response to him was, I get lucky quite often.
Who Else Has Your Client List
-----------------------------
Just think of the possibilities. What do you have to lose if someone is able to just peruse the files and data on your laptop? Do you maintain your customer list on your laptop (Do you want this in the hands of a competitor)? How about your personal finances (Identity theft ring a bell)? So many people I talk to initially say, "I really don't have anything of great importance on this system". Then they think a little bit and start rattling of things they never really thought about before. All of a sudden, they get concerned.
The fact is, whether it be "Infrastructure Mode", or "Ad-Hoc" wireless Ethernet communications, if not properly configured and secured, can pose a significant risk. There are thousands of articles on the Internet about the dangers of improperly configured wireless networks, yet the number of unsecured networks seems to be getting greater, not less. Strength And Posture Does Reduce Your Risks
-------------------------------------------
Keep in mind that your objective should be to reduce the chances that you will become a target for computer compromise. When I was growing up in South Philadelphia, I remember my father telling me that when you walk down the street, especially in the evening, to walk tall, and project a position of strength and authority. Why, because thugs typically pick out those who look like an easy target. The same thing goes for computer security. Reduce the risks of becoming a target buy configuring your system with a strong security policy.
When I perform security assessments, I create a list of potential targets, and potential methods of compromise. I then prioritize that list by which system, with a particular vulnerability, may be easiest to compromise. Those at the bottom of the list typically never come on my radar screen; the best scenario it to keep of the radar altogether.
Conclusion
----------
If your are using wireless Ethernet, no matter what configuration, follow a few rules and keep yourself secure against most common types of compromise.
1. Above all, make sure all your user accounts have strong passwords, especially those that have administrative control over your system;
2. Configure your wireless network to use some sort of encryption. I know there is a lot of concern about the "crackability" of WEP, but if this is all you have to work with, and then use it. It is still helpful;
3. If possible, use MAC addresses filtering to restrict unwanted systems from attaching to your wireless network;
4. Make sure the firmware for your AP's and wireless Ethernet cards are up to date. These updates can be found on your card or AP's support site.
Remember, if you are compromised over your wireless network it can be near impossible to track down where the attack came from. Worse yet, think about how many systems become compromised, and no one ever knows it?
About the Author
Darren Miller is an Information Security Consultant with over sixteen years experience. He has written many technology & security articles, some of which have been published in nationally circulated magazines & periodicals. Darren is a staff writer for www.defendingthenet.com and several other e-zines.
|
|
|
|
|
Computer networking - Wikipedia, the free encyclopedia |
Network cards such as this one can transmit data at high rates over Ethernet cables. ... Computer networking is sometimes considered a sub-discipline of ... |
en.wikipedia.org |
  |
Social network - Wikipedia, the free encyclopedia |
Social network analysis (related to network theory) has emerged as a key ... Social networking also refers to a category of Internet applications to help ... |
en.wikipedia.org |
  |
Networking on the Network |
Here, then, are some of the fundamentals of professional networking. ... Asking advice from the people in your network is part of the process. ... |
polaris.gseis.ucla.edu |
  |
Computer Networking - Wireless Networks - Home and Wireless ... |
Site offers coverage of computer network technology in basic networks, VPN, Web servers, Intranets and Extranets, tutorials, and troubleshooting. |
compnetworking.about.com |
  |
ITtoolbox Networking Knowledge Base |
A networking community for IT professionals. Focusing on connectivity, network management, network operating systems, security, and other aspects of ... |
networking.ittoolbox.com |
  |
Howstuffworks "How Home Networking Works" |
How home networking works and the different methods to create a home network. |
www.howstuffworks.com |
  |
SmallNetBuilder |
SmallNetBuilder provides networking and IT news, reviews, help and information for professional and "prosumer" SOHO and SMB users. |
www.smallnetbuilder.com |
  |
Network Computing - Computer Networking, Network Security and ... |
Network Computing - Computer Networking, Network Security & Management news. Enterprise product reviews, comparisons and analysis built by IT professionals ... |
www.networkcomputing.com |
  |
CareerJournal | Career Networking - Professional Network ... |
Professional Network - Career networking news and advice from The Wall Street ... Networking tips that will help you advance your job search or career. |
www.careerjournal.com |
  |
Trail: Custom Networking (The Java™ Tutorials) |
The first describes the networking capabilities of the Java platform that you ... The second provides a brief overview of networking to familiarize you with ... |
java.sun.com |
  |
Windows Server 2003, Longhorn Server & Vista Networking Articles |
Features a wealth of tutorials on various Windows networking related topics such as setting up Windows NT/XP/2000/2003 networks, troubleshooting, ... |
www.windowsnetworking.com |
  |
IBM Networking | IBM Networking |
The era of e-business on demand requires superlative networking capability. ... IBM Networking Services provides e-business solutions anywhere in the ... |
www.networking.ibm.com |
  |
Computerworld - Networking - Voip - Bluetooth - Firewall - Wireless |
Computerworld, the 'Voice of IT Management' is your information source for computer networking. Access up to date information on LAN/WAN, hardware/devices, ... |
www.computerworld.com |
  |
HP Networking products and solutions |
HP ProLiant networking products provide high-powered, simple solutions for enterprise, business, or home networking environments, including ProLiant and ... |
www.hp.com |
  |
Monster: Networking |
Networking Networking Timeline. Networking Timeline · Making New Contacts · How to Set Up and Run an Informational Interview · Nurturing and Keeping ... |
content.monster.com |
  |
Access | CNET News.com |
Phone company shrugs off competition concerns over Verizon's Fios network, saying existing copper is doing the bandwidth trick. ... |
news.com.com |
  |
Network Management: Covering today's Network topics |
Find the latest information on Network Management, Network Security, Network Design and more. |
searchnetworking.techtarget.com |
  |
cisco networking academy program |
cisco.netacad.net/ - 1k - Cached - Similar pages |
|
  |
Networking and Your Job Search: The Riley Guide |
Networking starts long before a job search, and you probably don't even realize you are doing it. ... In Terms of a Job Search, Networking is the way to Go! ... |
www.rileyguide.com |
  |
NetworkWorld.com |
Networking news, reviews, opinions and forums from the Leader in Network Knowledge. |
www.networkworld.com |
  |
|