WIRELESS PIRATES

Recently I had the pleasure of being a passenger in a friend’s car. We were touring the city (Jerusalem) on the way to a wonderful village on the outskirts – Ein Kerem. That’s another story; I’m not a good tour guide.

Having seen all the sites on the way many times, I had my laptop out. I started playing with my laptop’s built in wireless network detector. This nifty little feature, as users of wireless networks know, scans the area for networks you can connect to, and lets you connect to the network, if possible.

While setting up a wireless network is easier today than ever, it’s not the type of thing a computer novice is likely to try on his or her own as it requires at least some degree of technical awareness.

One could assume that people who have set up their own wireless networks would be among the users of anti-virus and other security programs. They are almost certainly among those who avoid opening e-mail attachments, who check downloads for viruses, and set up firewalls to keep out unwanted intruders.

Since most of the people in the apartment building in which I live have two or more computers, we set up a wireless network for the whole building. We’ve taken all of the precautions below.

But most people’s concerns over security stops at the entrance to their hard drive, it seems. Wherever we were driving, whether in the middle of a city or through small villages, wireless network after wireless network appeared in my available network list.

Nearly all of them were unprotected — meaning that anyone who wanted could access the Internet from that network — not to mention hack their way into other computers on the network if they knew what they were doing!

I wanted to stop the car and shout, “Hey, Starman, Bakeshet, CentralOffice, Magav 16” – just a few of the network names that appeared on my list – “You’re sitting ducks! Turn on your security system!”

Although I don’t want to alert any crooks to the free wireless they can get just for the searching, I know I can trust my high class honest readership with this little statistic — would you believe that more than four out of five networks I found on my journey were unprotected, allowing anyone with the ethical temerity to wire themselves up?

Driving around town and searching for network bandwidth to steal has become a popular pastime among some who have dubbed it “wardriving” with some wardrivers even “warchalking” to indicate where they have found free access.

Finding these networks is simply a matter of doing a manual search with the software that came with your wireless connection, or you can download NetStumbler ,a free tool that will beep and blink whenever a wireless network is in range, and let you know which ones are unprotected to boot.

There are also “freestanding” devices, such as Smart ID Technology’s WiFi Trekker, which will light up when it gets in range of a network.

Now, I am not talking about truly free wireless access points, such as the one in downtown Jerusalem or the one at Ben Gurion Airport, among the many new ones being added on a regular basis. There’s nothing wrong with those, or with wardriving to discover those kinds of networks.

But connecting to a wireless network obviously not meant for public access has become a major problem and it’s not just a matter of “being cheap” or wanting to keep the hoi polloi off your network just because you’re a snob.

In the worst case, unauthorized users sneaking onto your network might be hackers who steal data or spread viruses. At the very least, extra unwanted users on your network can slow you down, spreading your network resources thinner than you can afford.
You don’t want that, and you don’t have to put up with it.

Your most basic defense is built right into your wireless router. WEP, Wired Equivalent Privacy, will help you at least partially encrypt your data as it is sent to and from your computer to your router. You can only hook into a network by providing a password. WEP is good enough to stop average users, so the neighbor down the block who is looking for freebies will probably back off trying.

However, there are tools to break encryption codes that hackers can use, similar to password hacking programs for regular LAN systems. Wireless users are at a distinct disadvantage, because while hackers need physical access to a wired network to search for passwords and codes, all they need is patience to get your encrypted access codes.

One way to improve the effectiveness of WEP is to change your password/encryption key frequently. Setting up a new key once a week will discourage hackers who do manage to break through your WEP. If the key they discovered works just once, they may just give up and move on to easier targets.

Another useful tool I came across is MyWiFiZone, a free download that will throw up another layer of defense to keep nudniks out. MyWiFiZone only allows selected users to get onto your network, requiring authentication of users by IP address and/or MAC (hardware) address for authentication.

Without that, users get a redirect page telling them they’ve been banned (install it on a wired computer and follow the configuration information carefully in order to get it to work properly).

The program puts approved PCs on a “white list,” members of which are allowed exclusively onto the network – so if bad guys aren’t on the list, having the WEP code won’t help them.

Even though you can’t see them or feel them, the networking “freeloaders” will stop at nothing to get at your network resources. Don’t make it easy for them.

Dennis Turner