in black and white
Main menu
Share a book About us Home
Biology Business Chemistry Computers Culture Economics Fiction Games Guide History Management Mathematical Medicine Mental Fitnes Physics Psychology Scince Sport Technics

wireles network hacks mods - briere D.

briere D. wireles network hacks mods - Wiley publishing, 2005. - 387 p.
ISBN: 0-7645-9583-0
Download (direct link): wirelesnetworkhacks.pdf
Previous << 1 .. 72 73 74 75 76 77 < 78 > 79 80 81 82 83 84 .. 87 >> Next

170 Part III: Wireless on the Go
Securing Hot Spots
Security isn’t a big deal just within your own home network: It’s important on the road, too. Unfortunately, one area where people tend to neglect their wireless security (through no fault of their own, most of the time) is when they’re out using the wireless hot spots we discuss in Chapter 9.
That’s because most hot spots don’t have any Wi-Fi security turned on. In fact, most hot spot operators purposely keep WEP and WPA turned off because it’s difficult for their users to configure quickly (almost not worth the effort to some folks for a five-minute online session to check e-mail) — and if users think it’s too much bother to get online, the hot spot won’t make any money.
If hot spot operators don’t take security seriously, don’t worry: Take matters into your own hands. You can take some steps when accessing hot spots to keep yourself safe and sound and your data out of the hands of the bad guys, even if the hot spot you’re using is not secure.
Using Wi-Fi security when you can
One of the very best ways to stay secure on hot spots is to use the same security measures that you’d use in your own home wireless network. That means using WPA and 802.1X authentication to encrypt all the data crossing the airwaves and to perform mutual authentication (of yourself and of the AP you’re connecting to).
Such an approach can keep your data secure and also prevent you from logging onto an “evil twin” AP (we discuss these in Chapter 9 — it’s an AP that’s masquerading as the one you’re trying to log onto, in an attempt to steal your personal information).
Unfortunately, not many hot spots are yet using such methods — simply because they feel it’s just too difficult for their customers to bother with. Some networks that do use WPA and 802.1X include
T-Mobile: The hot spot (and cellphone) company that’s unwiring Starbucks coffee shops (and thousands of other locations) has begun to roll out 802.1X authentication throughout all of its hot spots. To use it, you simply need a T-Mobile account and the T-Mobile client software (find out about both at Folks who sign onto T-Mobile hot spots without the T-Mobile client software (using the Web site instead) are not protected by WPA and 802.1X.
Chapter 10: Staying Safe on Any Wireless Network 171
Radiuz: This community network (which we discuss in Chapter 12) is designed to help users share their wireless networks securely while also taking advantage of other users’ networks as a roaming service. As the company’s name implies, RADIUS is a big part of this, and users must authenticate themselves and join a secure network using WPA and 802.1X. Find out more at
Connecting to a VPN
If you’re like the vast majority of hot spot users, you can’t rely on connecting to the hot spot via a secure connection. When this happens to you — when you’re forced to connect to a hot spot “in the clear” — your best bet for security is to use a VPN (virtual private network).
VPNs take everything you send across the wireless network (and even across parts of the wired network) and encapsulate the data into a secure tunnel.
This means that even though your data is passing across a bunch of unsecured public networks (like the wireless LAN and the Internet), it is scrambled and encrypted and therefore secure until it reaches its final destination.
You can get a VPN on your connection in one of three ways:
^ Corporate VPN: If you’re connecting back to your own corporate network, you may already have a VPN set up (and VPN software on your computer). A corporate VPN sets up a tunnel from your laptop (or handheld computer, for that matter) all the way back to the VPN concentrator within your corporate network. Many teleworkers and telecommuters already have VPN connections set up from their home office back to the headquarters.
Depending on what type of VPN connection your company has set up, you may have secure VPN tunnels only for certain applications (like your e-mail and access to the corporate file server) and not for other applications (like your personal e-mail or Web browsing). Check with your network admin before you assume that your corporate VPN secures all of your online communications at a hot spot.
^ VPN built-in to hot spot client software: Many hot spot providers (like Boingo or iPass) provide their customers with special hot spot client software. This software provides users with a directory of hot spots, and also configures computers to access the network. But the really big advantage of using these clients is that they have built-in VPN capabilities. All the data leaving your computer is encapsulated in a secure tunnel until it gets to the hot spot provider’s own network, where it is decrypted and sent to its final destination on the Internet. If you’re using one of these clients, you can feel safe that your data is secure on the wireless network.
Previous << 1 .. 72 73 74 75 76 77 < 78 > 79 80 81 82 83 84 .. 87 >> Next