Archive for the ‘Wireless Access’ Category
Placement of your wireless access points is the first layer of security for your wireless network. If your wireless access points can be physically touched by a passerby you have major problems.
The easiest way to hack a wireless access point is to walk up to it and press the reset button. This will make it default back to an open network, and poof, you have the keys to the kingdom.
When placing your wireless access point the only thing you should be able to see is maybe the antenna. You can purchase access point antennas that look like ceiling panels or fire alarms.
If a hacker is in your building probing your wireless network he is going to look for access points. If he can determine the make and model of your access point he can search the Internet for default passwords and vulnerabilities for that access point.
Finally when placing your wireless antennas outdoors try and make them blend into the building as much as possible. You should use a wireless directional antenna that is flat against a wall rather than a Yagi antenna which screams look at me.
Wireless access points can be hacked in 20 seconds or less if they are mounted in the wrong place. The most secure wireless network is the one nobody knows about.
http://www.wirelessninja.com is the only website on the internet dedicated to simple and secure wireless networking. Learn the real secrets to securing your wireless network. http://www.wirelessninja.com has wireless security tips that you won’t find in any book or class. Is your wireless network simple and secure?
It’s common nowadays to see people sitting in a park and computing, or at their local Starbucks, tapping away on their keyboards. At home, people are taking advantage of the freedom from cables and wires that a wireless network brings.
But along with that freedom come dangers. After all, wireless is really just radio waves, which don’t just go between your laptop and your network, they go all over the place, just waiting to be plucked from the ether by someone with just the right device and bad intentions.
This Special Report covers home users. Small Businesses face increased risks that come with an increased number of users with increased access to the businesses’ hardware.
The dangers fall into 2 categories – Data Security and Bandwidth Stealing, both of which can be solved with the same steps.
At first there was only one provision for restricting wireless access, WEP (Wireless Equivalent Privacy). WEP, however, has many vulnerabilities.
Now there’s also WAP (Wireless Application Protocol), which is newer technology and more secure, if you follow the basic steps.
As with almost any technology, the landscape is always changing. New security systems challenge the hackers. They respond with new hacks, which are responded to with new security. It’s a never-ending dance.
However, by taking the following simple steps you will greatly reduce your vulnerability, at least for now. Consult the documentation that came with your wireless network hardware and software to see exactly how to implement these steps.
- Don’t use the default Administrator Password
This is the most-often ignored and most basic step. Your Wireless Access Point is shipped with either a default administrative password, or no password at all. Be sure to change this before you use your WAP for the first time. It should be a password that you will not forget, but would not be easy to guess.
One easy trick is to substitute numbers for letters, for instance the number 3 for the letter E, and the number 7 for the letter T. So the word “gadget” becomes gadg37. Of course you will want a longer password, because the longer the password, the harder to crack. And remember to use both UPPER and lower case.
Most of the default administrative passwords are well known to the hackers. After all, all they would have to do is check the default password on THEIR wireless devices!
- Replace your default WAP’s SSID
Your Wireless Access Point will have an SSID – a “name” that was given to it at the factory, typically “Linksys” or “default.” Obviously, these are well known in the hacker community, and the fact that most wireless networks have never had this ID changed makes them more vulnerable.
- Stop Broadcasting Your SSID!
By their very nature, wireless networks broadcast their availability so that wireless cards in devices can find them. But just because it broadcasts its presence does NOT mean it has to also broadcast its SSID. For a hacker to connect to your network, he has to know your SSID. There’s no sense in just giving it to him!
- Encrypt your transmissions
Right out of the box, your wireless network will send your data completely unencrypted. That means that hackers can capture your data and easily read it. Older networking hardware uses WEP 128-bit encryption when enabled, but newer WPA encryption, now built into most hardware, is far superior. It should be required on all your wireless computers and devices.
WPA (Wi-Fi Protected Access) encryption, which includes both scrambling and authentication, is much more secure than WEP.
- All your wireless computers should use MAC Addressing
MAC (Media Access Control, NOT a Macintosh computer) is a unique hardware address you should assign to your wireless computers so that your Wireless Access Point will only allow these specific computers to connect to your wireless network. To find your computer’s MAC address, click Start>>Run. In the Open box, type CMD and click OK. At the prompt, type IPCONFIG /ALL and press Enter. Scroll down and write down what is listed as “Physical Address.” It will be something like 00-00-00-00-00-00.
Enter this address in your router’s management program. This won’t keep determined hackers out, but it makes things more difficult. It might be enough to encourage them to go elsewhere.
- Keep your network and computers updated
As with any software, your Wireless Access Point manufacturer will update the drivers and software to close vulnerabilities and improve performance. By keeping up to date you can stay ahead of the hackers.
- Can you use secure connections?
Nowadays many ISPs will provide SSL and other secure services. Check with your ISP and use these services where available.
- Keep your Operating System and Security Software up to date and patched
Keep your security software, which includes anti-virus, anti-spyware, anti-adware and anti-Browser Helper Object software, up to date, and keep your operating system patched.
- Remember that public hotspots are NOT Secure
Whenever you are using a public hotspot, be aware that you are extra vulnerable. Try to NOT do your banking or other critical computing at public hotspots. You are much better off connecting over a dialup connection than in an insecure environment.
© Steve Freedman, Archer Strategic Alliances, 2005 All Rights Reserved
Steve Freedman
Wireless access point scanning software can mean one of two things. First, it could mean that you are trying to find wireless access points on a LAN to find their IP addresses. This can be used when you start a new job and you want to get a quick handle on whether anyone has wireless access points on the LAN and to find their IP addresses. You can download wireless access point scanning software from the wireless AP’s manufacturer or generic versions off the internet. As a wireless administrator you really want to have your wireless access points with static IP addresses so you can find them when you need them.
The second kind of wireless access point scanning software is for discovering the actual wireless signal radiating from the AP. Now this is often referred to as war driving software.
Examples of Wireless access point scanning software are:
Netstumbler: Netstumbler will scan for radio beacons from wireless access points and tell you their names, MAC address, SSID and if they are locked or not. This type of software is very easy to use. All this software will do is tell you the above information and signal strength.
Kismet and Airsnort – These fall into the wireless “sniffers” category, which are used to collect packets from wireless transmissions. If enough packets are collected then a hacker can eventually crack the encryption key. The collection of packets is a very time consuming process, which could take days or even months. After all the packets are collected then encryption cracking software will take over and start the cracking process.
Wireless access point scanning software falls into those two categories: LAN and wireless discovery. If you wish for your wireless network to be protected you can also use these same programs as an IDS (Intrusion Detection System). The most secure wireless network is the one nobody knows about.
Hey how good are your wireless networking skills? Come train with the wirelessninja today and learn from the master young grasshopper http://www.wirelessninja.com
Wireless access points can function in three different types of modes: root, repeater and bridge.
Root Mode – This is the most common type of mode where multiple users access the access point at once like a hotspot. In root mode users with laptops or PDA’s can access the internet to watch videos of the Torino games or just to check email. On a side note, there is a difference between being a mobile user and a roaming user. A mobile user stays connected to one wireless access point. A roaming user moves from one access point cell to another access point cell. I point this out because of the extra load on the access point.
Repeater – Repeater mode is used when you want to extend your signal beyond its current limits. You need to place the repeater access point within the range of your current root access point. It must be close enough to the root access point so that the repeater is repeating a strong signal, not a weak signal. If you end up repeating the weak signal you will not be able to watch the Olympic Torino games.
Bridge – Bridging acts as a wireless wire. Two access points in bridge mode will only talk to each other; no other clients will be able to access them. Bridging is useful when connecting two buildings or large temporary locations when laying wire isn’t cost effective.
To set up a wireless bridge you will have two access points and two directional antennas. Depending on the distance, you will use volt meters or the manufacturer’s software to aim the access points. Prior to doing this you will have to enter the MAC address of each access point so they know who to line up with.
Mounting your antennas properly is one of the most important things. If you mount your antenna on your roof make sure it is connected to a stud. Take into account that wind is a factor when aligning antennas. You could have a great signal on a non windy day and no signal on a windy / snowy day. Picking the proper wind rated antenna and proper tower or mounting brackets are the key to bridging.
So when you purchase a wireless access point you are actually purchasing three types of wireless connectivity: Root / Hot spot, used to connect multiple mobile clients at once, and Repeater, which is used to extend the signal of another access point. The last mode we talked about was wireless bridging, which is another way of saying wireless wire.
One of the cheapest but most reliable wireless access points I have used is the Linksys WAP54g. I have installed this in homes, small offices and schools. 15-20 people can access them at a time and they hardly ever break down. The WAP54g comes with all the latest security features including WPA2 with AES encryption. If you are new to installing wireless access points then you also can take advantage of Linksys’ kickass tech support.
Join the most popular wireless networking news letter on the internet http://www.wirelessninja.com Check out the Wireless Ninja certified access points like the WAP54g http://wirelessninja.com/?page_id=8
I have installed the WAP54G wireless access point since its release and found it a great access point to work with. I have installed the WAP54G wireless access point in small offices, large warehouses, schools and office buildings. Companies like the WAP54 so much because first it’s cheap and second it’s cheap. If you have the money you will always want to purchase enterprise class wireless access points. They are sturdier and have many more power and antenna features than the WAP54G wireless access point. If you don’t have the money and need a wireless network the WAP54g is the most versatile and cheapest access point you can buy on the market. Cheap does come with quirks, and over the years I have noticed many, which I will list here.
1. Firmware – Before you start configuring your wireless access points upgrade the firmware first to avoid headaches. WAP54g’s will work 100 times better if you have the correct firmware version installed. Linksys is very good at fixing bugs and if they have a more recent firmware version out you better install it. If you don’t have the most up to date firmware and plan on using WPA2 with AES you will have problems.
2. Power Cycling – A common problem with all non-enterprise class access points is that sometimes they need to be restarted or power cycled. The WAP54g is no exception; if your wireless users are experiencing slow connections or they are not associating with the wireless access point then restart it. It is a quirk but it does fix many of the WAP54g’s issues.
3. Less is More – Because the WAP54g is a cheap wireless access point companies will purchase a lot of them (often too many) and place them in a small space. Just like all wireless access points, placement is the key to having seamless quality wireless coverage in your operations area. If a company says that its wireless network is slow or they are always losing connections they might have too many wireless access points in a small area. Too many WAP54g in a small area will cause chaos; turn them all off and start placing them in better, higher positions one at a time, preferably mounted on the wall.
You will need fewer wireless access points if you use the correct wireless antenna. The WAP54g comes with two di-pole omni-directional antennas that emit a wireless signal in a doughnut pattern. If you place the WAP54 wireless access point near a wall half of your signal is going out the window. Purchase a directional antenna to replace the rubber duck antennas. You will find that you have a better signal quality and your wireless network will be more secure because nobody can sit in the parking lot and pick up your SSID.
4. Bad Access Points – I do recommend the WAP54g wireless access point but I have run into many lemons. If you install a wireless access point and many people are having problems connecting, after you have upgraded the firmware and upgraded their drivers, you could have a lemon wireless access point. As a network admin you don’t have hours and hours of time to screw with one thing; if everyone connects fine to all the WAP54g’s except for one, toss it or return it. WAP54g’s are sensitive to power fluctuations and it could have got zapped, so always have it plugged into a surge protector.
Like I have said before, the WAP54g is a good cheap wireless access point. When your client is strapped for cash and needs a wireless network use a Linksys WAP54. Just remember to upgrade your firmware, power cycle if you are experiencing odd problems, less is more and don’t waste your time on a lemon.
If you have a question we have the answer. Come to the most popular wireless technology database on the internet http://www.wirelessninja.com Come see us today!
Enterprise wireless gateways (EWGs) have two jobs: first, keeping the roaming wireless user connected, and second, authentication. You will use an enterprise wireless gateway in a medium to enterprise level workplace. Wireless gateways reduce administrative overhead by managing wireless access points from a central location. They also reduce security risks by the use of thin wireless access points instead of fat wireless access points.
Administration of a wireless network with fat wireless access points can be a huge cost and a high security risk. Each wireless access point carries your wireless network key and can end up being used against you. When deploying a wireless network with fat wireless access points you need to configure each wireless access point individually. Also, if you need to change the form of encryption or authentication you will need to configure each access point one by one. A wireless enterprise gateway will let you configure all or some access points to your needs. This makes your company more dynamic, able to adjust its security needs to each situation. If you are having a company meeting and have guests who will need wireless access then you will be able to adjust quickly. Or if you have a perceived wireless attack you can disable wireless access points quickly and efficiently…
When a user roams between two fat access points there is usually a battle between the APs over which one is now going to handle this user. With a wireless enterprise gateway the third party switch will now act as a traffic cop and tell the APs what to do. This is important because if the user needs a constant connection the slowness of a fat wireless access point hand off can limit the user’s ability to work.
Wireless enterprise gateways utilize many security features such as VPN’s which further encrypt wireless traffic. They also use NAPT or Network Address Port Translation which hides the interior clients from everyone else. Wireless encryption gateways like any switch can utilize VLANs or virtual LANs which segment the wireless users from the wired users.
Wireless enterprise gateways will reduce security risks and administration. The reduced administration cost combined with flexibility to react to your changing business environment makes the benefits outweigh the cost of the gateway.
Spend Ten minutes at http://www.wirelessninja.com and you will have a wireless network that is ten times more secure, ten times less administrative overhead and ten times less of a head ache. Simple and secure wireless networking by the wireless ninja.
Wireless LAN Switches: The Best Solution
There are two types of wireless access points: Intelligent (Fat) and Thin wireless access points. A fat wireless access point has everything it needs to handle wireless clients. A thin wireless access point is basically a radio and antenna that is controlled by a wireless switch. If you deploy several fat wireless access points they need to be configured individually. With thin wireless access points the entire configuration takes place at the switch, saving you time and money.
Wireless LAN Switches provide many benefits:
Wireless Mobility – Intelligent access points aren’t managed in a central location, which means there is no third party monitoring the movement of a user. If a user moves to another work area traditional wireless access points have a hard time passing off the user to the new access point. Thin wireless access points are controlled by the wireless LAN switch, which will manage the user’s movement.
Security – Using the wireless LAN switch the administrator can check logs, configure security settings, and make group policies for wireless users all in one spot. Also built in to many wireless LAN switches are RADIUS servers which will give another layer of security on top of your encryption policies. In enterprise wireless networks the administrator’s biggest fear is rogue wireless access points. Wireless LAN switches can detect when a new wireless access point comes into the area and decide if it is a trusted or non-trusted device.
Placement – Power over Ethernet is another great feature of wireless LAN Switches. Power over Ethernet eliminates the need for a power outlet to be near the wireless access point. This saves your company money by not having to install new power outlets. Also this improves security by not having the wireless access points within easy reach of passersby.
If you are deploying a wireless LAN for a company I would be scared if you don’t utilize wireless LAN switches and wireless thin access points. The upfront costs of these products are more but your total cost of ownership will be less than having to administer each wireless access point separately. To sum it up home owners should stick with Fat access points and businesses should use thin.
Simple and secure wireless networking is the name of the game at http://www.wirelessninja.com We will save you money and prevent you from getting a wireless administrator’s headache.
First thing you need to do is purchase a wireless adapter card with a prism2 chipset. Just go to google and type in linux wireless adapters and track one down.
If you are using a fairly good wireless distro it should pick up the card automatically.
OK, now you have the card, now what? You plugged it in and look to the bottom right where the Windows XP wireless icon usually is and find nothing.
There is no Zero config utility with linux, but they do have built in tools to help connect to wireless networks.
Now you need to find the Command line terminal, it usually looks like a window with a shell because it is a shell.
Now let’s test to see if you have your card working. Type in iwlist at the command prompt. If it doesn’t let you, then you might have to enter administrator mode.
You can enter administrator mode by typing su at the command prompt. Then you will be asked for the administrator password.
Now type in iwlist at the command prompt. This will give you a ton of tools to work with. If you have typed in iwlist and nothing happens then you probably don’t have the right card or it’s configured wrong.
Check and make sure you don’t have any other wireless network adapters active and disable them if they are. Also make sure that your wireless adapter is set to start up at boot time. You need to look for your system utilities area. It’s like the Microsoft control panel, called Yast.
By the way, your wireless adapter should be named wlan0.
The iwlist command will give a list of options that look like this:
    usage: iwlist [interface] scanning
                  [interface] frequency
                  [interface] channel
                  [interface] bitrate
                  [interface] rate
                  [interface] encryption
                  [interface] key
                  [interface] power
                  [interface] txpower
                  [interface] retry
                  [interface] ap
                  [interface] accesspoints
                  [interface] peers
                  [interface] event
All of these options can give you various detailed information about surrounding wireless networks.
If you type in iwlist scanning it will give a list of all wireless networks available to you with an output like this:

    wlan0     Scan completed :
              Cell 01 - Address: 00:14:BF:75:31:FD
                        ESSID:"Len"
                        Mode:Managed
                        Frequency:2.462 GHz (Channel 11)
                        Quality:2/94  Signal level:-84 dBm  Noise level:-154 dBm
                        Encryption key:on
                        Bit Rate:1 Mb/s
                        Bit Rate:2 Mb/s
                        Bit Rate:5.5 Mb/s
                        Bit Rate:11 Mb/s
                        Bit Rate:18 Mb/s
                        Bit Rate:24 Mb/s
                        Bit Rate:36 Mb/s
                        Bit Rate:54 Mb/s
                        Bit Rate:6 Mb/s
                        Bit Rate:9 Mb/s
                        Bit Rate:12 Mb/s
                        Bit Rate:48 Mb/s
                        Extra:bcn_int=100

This gives you the Network Name, MAC address, Frequency, encryption and much more. This information can be used to join your preferred network.
If you are monitoring a certain access point you can type in iwlist accesspoints and get the listing of each nearby access point with the MAC address.
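The scan output above, together with the earlier remarks about using scanning software as an IDS and about spotting rogue access points, as an added example that is not part of the original articles: a Python parser for `iwlist scanning` output that flags open networks, the factory-default SSIDs named earlier, and access points announcing your SSID from a MAC address you did not install. Cells 02 and 03, the SSID list and the MAC allowlist are constructed for illustration.

```python
import re

# Constructed sample in the layout `iwlist wlan0 scanning` prints. Cell 01 reuses
# the cell shown in the article; cells 02 and 03 are made up for illustration.
SAMPLE_SCAN = """\
wlan0     Scan completed :
          Cell 01 - Address: 00:14:BF:75:31:FD
                    ESSID:"Len"
                    Mode:Managed
                    Frequency:2.462 GHz (Channel 11)
                    Quality:2/94  Signal level:-84 dBm  Noise level:-154 dBm
                    Encryption key:on
          Cell 02 - Address: 00:11:22:33:44:55
                    ESSID:"linksys"
                    Mode:Managed
                    Frequency:2.437 GHz (Channel 6)
                    Quality:60/94  Signal level:-52 dBm  Noise level:-154 dBm
                    Encryption key:off
          Cell 03 - Address: 02:AA:BB:CC:DD:EE
                    ESSID:"Len"
                    Mode:Managed
                    Frequency:2.412 GHz (Channel 1)
                    Quality:71/94  Signal level:-40 dBm  Noise level:-154 dBm
                    Encryption key:on
"""

# Assumptions for this example: the SSID you operate and the MAC addresses of
# the access points you installed yourself.
OWN_SSIDS = {"Len"}
KNOWN_BSSIDS = {"00:14:BF:75:31:FD"}
DEFAULT_SSIDS = {"linksys", "default"}  # factory names mentioned in the article

# Accept an en dash as well, since copied output often has the hyphen replaced.
CELL_RE = re.compile(r"Cell \d+ [-\u2013] Address: ([0-9A-Fa-f:]{17})")
CHANNEL_RE = re.compile(r"Channel (\d+)")
SIGNAL_RE = re.compile(r"Signal level[:=](-?\d+) dBm")


def parse_scan(text):
    """Turn iwlist scan text into one dict per cell (access point)."""
    cells = []
    for raw in text.splitlines():
        line = raw.strip()
        m = CELL_RE.search(line)
        if m:
            cells.append({"address": m.group(1).upper(), "essid": "",
                          "channel": None, "signal_dbm": None, "encrypted": None})
            continue
        if not cells:
            continue  # header lines before the first cell
        cell = cells[-1]
        if line.startswith("ESSID:"):
            cell["essid"] = line[len("ESSID:"):].strip('"\u201c\u201d')
        elif line.startswith("Frequency:"):
            m = CHANNEL_RE.search(line)
            cell["channel"] = int(m.group(1)) if m else None
        elif "Signal level" in line:
            m = SIGNAL_RE.search(line)
            cell["signal_dbm"] = int(m.group(1)) if m else None
        elif line.startswith("Encryption key:"):
            # "on" only says some encryption is enabled; this field alone
            # does not tell WEP apart from WPA.
            cell["encrypted"] = line.endswith("on")
    return cells


def audit(cells, own_ssids, known_bssids):
    """Return (MAC, finding) pairs that an administrator should review."""
    findings = []
    for c in cells:
        if c["encrypted"] is False:
            findings.append((c["address"], "open"))
        if c["essid"].lower() in DEFAULT_SSIDS:
            findings.append((c["address"], "default-ssid"))
        if c["essid"] in own_ssids and c["address"] not in known_bssids:
            findings.append((c["address"], "unlisted-ap"))
    return findings


if __name__ == "__main__":
    for address, finding in audit(parse_scan(SAMPLE_SCAN), OWN_SSIDS, KNOWN_BSSIDS):
        print(address, finding)
```

To audit a live scan, pass the text printed by `iwlist wlan0 scanning` to `parse_scan` in place of the sample.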
Once you have located the access point you want to connect with, it’s time to start using another command called iwconfig.
iwconfig is used to configure your wireless adapter so you can connect it to your preferred network. You can configure every thing from the ESSID to the transmit power of your wireless adapter.
    SYNOPSIS
        iwconfig [interface]
        iwconfig interface [essid X] [nwid N] [freq F] [channel C]
                           [sens S] [mode M] [ap A] [nick NN]
                           [rate R] [rts RT] [frag FT] [txpower T]
                           [enc E] [key K] [power P] [retry R]
                           [commit]

The syntax for using the iwconfig command is: iwconfig (interface name) then whatever you want to configure. So if you want to configure the ESSID you would type iwconfig wlan0 essid "network name".
Now that you know that the tools are there go to work!!!
Learn everything you could ever want to know about wireless networking technology at http://www.wirelessninja.com Learn how to prevent hackers from exploiting your wireless network. Also learn how to prevent the most dangerous computer threat, social engineering.
Organizations in our region have been steadily adopting wireless networking over the past few years, and many more businesses will take the leap to wireless over the course of 2006. By implementing a wireless network, your employees can do their job more efficiently and be more productive. For just about every business, there is an opportunity to use a wireless network to become more competitive in the marketplace.
Many businesses have installed wireless access points (WAPs) in order to realize various benefits, but my experience has shown that relatively few organizations understand the importance of properly securing their wireless network. If an attacker gains wireless access to your network, they are behind your firewall and there is very little protection available to you. It is not uncommon to find unsecured networks in our region, and I frequently see access points in use that are not up to today’s security standards. When you add in the number of improperly configured WAPs, it becomes apparent that our region has a lot of room for improvement.
When evaluating your need for wireless security, you should ask yourself these four questions: How valuable is your data and how sensitive is it? What regulations are your company obligated to meet regarding data privacy? How much traffic passes by your office? Are there any potentially attractive targets near you? In many instances a company’s wireless security policy is like failing to have a front door to your house. Anybody walking by can peek in to see your valuables, and easily walk in to take whatever they want.
I won’t get into the technical aspects regarding how wireless networks can be attacked and the methods that can be employed to make them more secure, but I can offer an overview of the three wireless security standards and how they compare to each other to give you an idea of where you stand. Just compare the information present on the access point, its original box, or the manufacturer’s web site to learn what your WAP is capable of.
The first security standard developed for WAPs is known as WEP (wired equivalent privacy). Older WAPs and less savvy network administrators will employ this method for protecting a wireless network. A pre-shared key is the best defense of WEP. Most people do not change the WEP key frequently which is like having the same password for all users on your network. WEP can be easily defeated by an inexperienced hacker using simple tools, making this a poor security choice. If your access point is more than two years old, it probably uses WEP and should be replaced immediately. Using the front door analogy, WEP is like locking your screen door, and giving every person who visits the house a key. People can easily peek inside, too many people have a key to open the lock, and an intruder could just cut a hole in the screen to unlock the door from the inside.
To address the problems inherent with WEP, the wireless industry developed a standard known as WPA (Wi-Fi Protected Access). WPA requires the use of passphrases (long passwords), and a unique encryption key for each user that frequently changes. Other technological improvements were made to improve security, as well. WPA was designed to be backwards compatible with WEP access cards, giving administrators an affordable upgrade path to improved security. WPA is like installing a solid front door to your house, and using the lock on the doorknob. Intruders can’t peek inside and it is more difficult for them to gain entry to your house.
WPA has not yet been hacked, but it’s only a matter of time. To address this reality the wireless industry has just released the WPA2 (Wi-Fi Protected Access 2) standard, sometimes referred to as 802.11i. WPA2 improves upon WPA by adding user authentication with a server and using stronger encryption. Windows XP just began supporting WPA2 in May. A properly configured WPA2 network satisfies US Government security standards, making them a necessity for regulated businesses in the medical and financial industries. WPA2 protection is like using the deadbolt of your door and an intercom to verify the visitor’s identity before letting them inside.
If you are about to purchase a new access point, it should definitely support the WPA2 standard. If you must use a WAP that utilizes WEP or WPA standards, there are still methods that will help you create a more secure network. Getting the most out of an inferior technology is sometimes better than failing to properly use a new one. For specific information on securing your network, give me a call and we can develop a security policy created to meet your individual needs.
Copyright 2006, Travis Fisher. All Worldwide Rights Reserved. {Attention Publishers: Live hyperlink in author resource box required for copyright compliance} Travis Fisher is executive Vice President of Inacom Information Systems in Salisbury, MD. Travis has helped Delmarva businesses deploy valuable, cost effective voice, data, and web solutions since 2000. Inacom is a Microsoft Gold Certified Partner, Cisco Systems SMB Select Partner, HP Business Partner, and Avaya Diamond Level Business Partner. For more information on Inacom, visit the Inacom Information Systems web site.
