Powerlist: War Driving & Securing Your Airport Network

Posted by:
Date: Sunday, March 24th, 2002, 22:08
Category: Archive

This excellent thread from the Powerlist has some insight on the (popular) topic of securing Airport networks. I was reminded of it after reading an article in the Philadelphia Inquirer (“Drive-by hackers hunt free, easy Web access“) about how one guy has assembled a list of “hundreds” of open 802.11b access points in the region. Take some caution and make sure your AP or LAN isn’t listed NetStumbler – unless, of course, you want it to be.


This excellent thread from the Powerlist has some insight on the (popular) topic of securing Airport networks. I was reminded of it after reading an article in the Philadelphia Inquirer (“Drive-by hackers hunt free, easy Web access“) about how one guy has assembled a list of “hundreds” of open 802.11b access points in the region. Take some precaution and make sure your AP or LAN isn’t listed on NetStumbler – unless, of course, you want it to be.

Subject: RE: X driver for Lucent card
Date: Tue, 19 Mar 2002 23:24:20 -0500

Here’s a good article from the latest PCMag about the risks involved in wireless networks and some methods to protect yourself: http://www.pcmag.com/article/0,2997,s=1479&a=23839,00.asp It’s actually a very good read. Joe

===============

Subject: RE: X driver for Lucent card
Date: Tue, 19 Mar 2002 16:54:18 -0000

That worked!! The one thing that was missing was having the Network ID as ”default”. There was a category on the Barricade setup page called ”wireless” that I had never seen before. For some reason, it wasn’t necessary to do all that when I was running OS9 on the PowerBook. Guess it does matter for X. Copying that setting worked like magic.

Anyway, both Internet access and File Sharing are working perfectly now.

Sorry, but I don’t know what the “Network Equivalent Key” is.

Apparently it doesn’t matter. I left it blank and everything’s happy.

Just a small word of caution – using the default network name and no encryption (which is what that “network equivalent key” is about – it’s effectively the password for an encrypted network), your network is open to anyone that drives by with an 802.11b-capable laptop. So anyone with an Airport-equipped Mac or a PC with WiFi (built in or added on) could access your network and either dig around on your machines or use your Internet bandwidth. Not a big risk if you live in the sticks, but in a big city it may pay to be more careful.

At the very least, change the network name to something obscure, and (if the option is available on the SMC) make it a ‘private’, ‘hidden’ or ‘closed’ network – the terminology varies, but basically the network will no longer advertise its name loudly to all comers. That way, you have to know the name to connect.

Being involved in network security, I’ve become a bit of a paranoid android. My Airport network is hidden, has a strange name, uses 128-bit encryption and has an access list so only known Airport cards can connect. That wasn’t hard to set up with an Airport Base station and the Apple admin software, but I’m not sure about the SMC.

The sport of ‘war driving’ or ‘parking-lot surfing’, tooling around looking for open wireless networks, is still pretty new – but so was hacking a few years ago…

Kia ora, Ross

Recent Posts

Comments are closed.