using wireless internet without security

Discussion in 'Computer Security' started by Erik, Dec 8, 2006.

  1. Erik

    Erik Guest

    Some families in my neighbourhood are using wireless internet without any
    security.



    I know that using security (password or Mac-address filtering) is often
    advisable, but I would like to know better what risks are involved by having
    an open wireless network:

    1) Can virus spread across a wireless network between computers which are
    only sharing the internet connection?



    2) Is it possible for users sharing an internet connection to gain access to
    files on other computers sharing the connection?



    Thank you

    Erik
     
    Erik, Dec 8, 2006
    #1
    1. Advertising

  2. Erik wrote:

    > Some families in my neighbourhood are using wireless internet without any
    > security.
    >
    > I know that using security (password or Mac-address filtering) is often
    > advisable,


    MAC address filtering is no security. It's pure illusion.

    > 1) Can virus spread across a wireless network between computers which are
    > only sharing the internet connection?


    Well, yes, if there's a way to remote execute code.

    > 2) Is it possible for users sharing an internet connection to gain access to
    > files on other computers sharing the connection?


    Well, yes, if you allow such access.

    And you don't even care about abuse of the internet connection?
     
    Sebastian Gottschalk, Dec 8, 2006
    #2
    1. Advertising

  3. Erik

    Todd H. Guest

    "Erik" <> writes:

    > Some families in my neighbourhood are using wireless internet without any
    > security.
    >
    >
    >
    > I know that using security (password or Mac-address filtering) is often
    > advisable


    MAC filtering is very easily bypassed by anyone other than casual
    snoopers. The same can be said of WEP encryption which can be
    broken in minutes using freely available tools.

    >, but I would like to know better what risks are involved by having
    > an open wireless network:
    >
    > 1) Can virus spread across a wireless network between computers which are
    > only sharing the internet connection?


    Absolutely, but that's an issue orthogonal to the whole wireless
    equation, and more a risk of putting a group of computer on the same
    network.

    However, if you lack a hardware firewall or home office router today,
    you'll be adding no additional risk of network based piece of malware
    spreading to you from the internet right now. If you have a "software
    firewall" or are using windows firewall on your machine already, and
    if you configure it not to trust computers on your local area network,
    you'll be in as good a shape as you are against internet based attacks
    today.

    > 2) Is it possible for users sharing an internet connection to gain access to
    > files on other computers sharing the connection?


    Absolutely. With similar caveats above though. The difference
    between an internet based threat and one of a local area network is
    often in how the packet filter software ("software firewall") is
    configured. Many of these programs trust the computers on your LAN
    implicitly, which if file sharing is being used, would leave them open
    to a neighbor jumping on the open access point.

    Other more worrisome things, however, would be johnny neighbor jumping
    on the open access point, running script kiddie attacks against
    goverment networks, then men in black start knocking on the front door
    inquiring about the illegal hacking activity originating from that
    internet connection.

    If you want to frighten the neighbors into action, that's the threat
    that's most compelling. And add that with directional antennas, the
    attacker could be up to a mile away.

    WPA security with a strong, random, long passphrase is what they
    should implement. Don't bother with WEP or MAC based filtering, and
    SSID hiding tends to cause the legitimate owner more headache in
    getting legit computers configured than it provides in any obscurity.

    Best Regards,
    --
    Todd H.
    http://www.toddh.net/
     
    Todd H., Dec 8, 2006
    #3
  4. Erik

    Jim Watt Guest

    On Fri, 8 Dec 2006 10:02:53 +0100, "Erik"
    <> wrote:

    >Some families in my neighbourhood are using wireless internet without any
    >security.


    Its a bad idea, turn on the security features preferably
    WPA

    --
    Jim Watt
    http://www.gibnet.com
     
    Jim Watt, Dec 8, 2006
    #4
  5. Erik

    John Hyde Guest

    On 12/8/2006 7:24 AM, Todd H. wrote:
    > "Erik" <> writes:
    >
    >> Some families in my neighbourhood are using wireless internet without any
    >> security.
    >>
    >><SNIP>


    > WPA security with a strong, random, long passphrase is what they
    > should implement. Don't bother with WEP or MAC based filtering,


    Unless your hardware does not support WPA, then use what you have. Even
    though it is easily broken, you should be using something until you
    replace the hardware. And you *should* replace the hardware if it does
    not support WPA
     
    John Hyde, Dec 11, 2006
    #5
  6. John Hyde wrote:

    >> WPA security with a strong, random, long passphrase is what they
    >> should implement. Don't bother with WEP or MAC based filtering,

    >
    > Unless your hardware does not support WPA, then use what you have.


    What a nonsense.

    > Even though it is easily broken, you should be using something until you
    > replace the hardware.


    Because it's easily, it's not "something" at all.

    > And you *should* replace the hardware if it does not support WPA


    Or something where a VPN client (OpenVPN, IPsec) runs.
     
    Sebastian Gottschalk, Dec 11, 2006
    #6
  7. Erik

    John Hyde Guest

    On 12/11/2006 11:32 AM, Sebastian Gottschalk wrote:
    > John Hyde wrote:
    >
    >>> WPA security with a strong, random, long passphrase is what they
    >>> should implement. Don't bother with WEP or MAC based filtering,

    >> Unless your hardware does not support WPA, then use what you have.

    >
    > What a nonsense.
    >
    >> Even though it is easily broken, you should be using something until you
    >> replace the hardware.

    >
    > Because it's easily, it's not "something" at all.
    >


    You know the story about the bear? WEP is like the red sneakers. It
    won't stop an even moderately deterined attacker, but it will keep the
    neighbor kid who does not know about cracking tools out of it. Even an
    attacker will likely go after the easy targets first. Besides, I did
    say replace it, right?
     
    John Hyde, Dec 12, 2006
    #7
  8. John Hyde wrote:

    > You know the story about the bear? WEP is like the red sneakers. It
    > won't stop an even moderately deterined attacker, but it will keep the
    > neighbor kid who does not know about cracking tools out of it.


    Well, except that the neighbor kid knows such cracking tools. Google told
    him.

    > Even an attacker will likely go after the easy targets first.


    It is an easy target.

    > Besides, I did say replace it, right?


    And I'd recommend switching it off until then.
     
    Sebastian Gottschalk, Dec 12, 2006
    #8
  9. What's all this other stuff in addition to "WPA"? I set my router to:
    WPA-PSK [TKIP] + WPA2-PSK [AES] Does all that additional stuff add to
    security?

    Thanks
    RH
     
    Roger Hammonds, Dec 12, 2006
    #9
  10. Erik

    Todd H. Guest

    Roger Hammonds <> writes:

    > What's all this other stuff in addition to "WPA"? I set my router to:
    > WPA-PSK [TKIP] + WPA2-PSK [AES] Does all that additional stuff add to
    > security?


    Not appreciably, no.

    Biggest determining factor in your security using WPA with a
    pre-shared key (PSK) is how long, random and complex the passphrase is
    that you select for the pre-shared key.


    --
    Todd H.
    http://www.toddh.net/
     
    Todd H., Dec 13, 2006
    #10
  11. Erik

    Jim Watt Guest

    On Tue, 12 Dec 2006 17:49:23 -0500, Roger Hammonds <>
    wrote:

    >What's all this other stuff in addition to "WPA"? I set my router to:
    >WPA-PSK [TKIP] + WPA2-PSK [AES] Does all that additional stuff add to
    >security?


    You may find that not all the devices you need to connect
    support all functions that the router does so its a case
    of finding the best compromise.


    --
    Jim Watt
    http://www.gibnet.com
     
    Jim Watt, Dec 13, 2006
    #11
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. =?Utf-8?B?Sm9obg==?=

    Sharing my Internet Connection without using a router

    =?Utf-8?B?Sm9obg==?=, Sep 16, 2004, in forum: Wireless Networking
    Replies:
    2
    Views:
    1,310
    Rachael the Wiccan Rat
    Sep 17, 2004
  2. COMSOLIT Messmer

    IT-Security, Security, e-security

    COMSOLIT Messmer, Sep 5, 2003, in forum: Computer Support
    Replies:
    0
    Views:
    622
    COMSOLIT Messmer
    Sep 5, 2003
  3. =?Utf-8?B?bXJpY2g=?=

    Wireless without the Internet

    =?Utf-8?B?bXJpY2g=?=, Jun 25, 2007, in forum: Wireless Networking
    Replies:
    3
    Views:
    388
  4. Jim Watt
    Replies:
    0
    Views:
    605
    Jim Watt
    Apr 27, 2008
  5. Suzan
    Replies:
    4
    Views:
    850
    Suzan
    Nov 9, 2008
Loading...

Share This Page