
Hacking Home WLANs

Light Reading
LR Mobile News Analysis
8/31/2006

It's a great idea to have employees working from home via wireless connections. Unless, of course, hackers break into those employees' wireless LANs -- and potentially compromise your entire enterprise network.

Researchers say it's way too easy to break into most home WLANs because most users typically leave their wireless routers configured with the default SSID, administrative password, and unencrypted settings. That makes the home WLAN a welcome mat into the user's corporate network.

"It's scary how vulnerable these networks are," says Ken Baylor, director of market development and strategic alliances for McAfee. In some recent war-driving tests, McAfee found half of home wireless LANs were unprotected and unencrypted, Baylor says. And few enterprises are paying attention to their users' home WLANs.

The safest bet is a secure VPN connection for your users, researchers say. Even a well-secured home WLAN with WPA/WPA2 encryption and a unique SSID is still not as safe as a secure VPN link. That's because the wireless encryption ends where the wired network begins.

But even with a VPN, a user can contract spyware and suffer from a keylogging attack, Baylor says.

Meanwhile, most home users run WEP encryption or none at all, he says. Only about 10 or 20 percent run WPA. The 128-bit WEP encryption isn't enough: Baylor says his team was able to crack WEP encryption on a wireless router in less than two minutes.

WEP is notoriously weak for encryption, security researchers say. "If anyone is using WEP to keep anyone except their kid sister from reading their mail, they're in trouble," says one researcher who requested anonymity. "Even WPA-PSK with a weak passphrase is way better than WEP."

Even more dangerous than an attacker eavesdropping or piggybacking on your user's home WLAN is what Baylor calls the "evil twin" attack, basically a phishing scheme that redirects the user's machine to rogue servers posing as a trusted resource. All it takes is hacking into a Linksys wireless router's DHCP setting, for instance.

"So if the user types in 'bankofamerica.com,' he's sent to a phishing site" that looks exactly like the real one, Baylor says, and it's totally transparent to the user.

"These attacks are simple to set up and get running," Baylor says. "They are undetectable, so it's very likely these have been done."

In an evil twin attack, the hacker basically intercepts and redirects the user to the fake site and steals his bank account or other sensitive data, says Corey O'Donnell, vice president of marketing at Authentium. (See Insecure at the Airport?) The hacker simply logs on as the system admin of the wireless router, which is a no-brainer when the user leaves it in the default setting.

"But home users are no less secure than other non-corporate entities," O'Donnell says. "The vulnerabilities are greater when your users are in a public space, and a hacker comes in and poses as a falsified WiFi connection and steals your data."
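The router-side attack Baylor and O'Donnell describe works by changing what the router hands out over DHCP, so that the victim's machine quietly starts using a resolver the attacker controls. The following script is an added example, not code from the article or from McAfee or Authentium: it parses dhclient-style lease text and flags any DNS server that is neither inside the lease's own subnet (the normal home-router case, where the router forwards DNS) nor on an allowlist. The lease text and the allowlisted resolver address are constructed sample values in documentation address ranges, not real network data.

```python
"""Flag DHCP-delivered resolvers that do not belong on a home WLAN.

A router left on its default admin password can be reconfigured to hand out an
attacker-controlled DNS server via DHCP option 6 (domain-name-servers), so a
typed hostname resolves to a phishing site.  This added example parses
dhclient-style lease blocks and reports resolvers that are outside the local
subnet and not on an allowlist.  All addresses below are constructed sample
values (RFC 5737 documentation ranges), not real infrastructure.
"""
import ipaddress
import re

# Resolvers a remote worker is expected to use (constructed example value).
TRUSTED_DNS = {"198.51.100.53"}

# dhclient lease syntax: one "lease { ... }" block per lease, options inside
# written as "option <name> <value>[, <value>];".
_LEASE_RE = re.compile(r"lease\s*\{(.*?)\}", re.DOTALL)
_OPTION_RE = re.compile(r"^\s*option\s+([\w-]+)\s+([^;]+);", re.MULTILINE)


def parse_leases(text):
    """Return one dict per lease block, mapping option name -> list of values."""
    leases = []
    for body in _LEASE_RE.findall(text):
        opts = {}
        for name, value in _OPTION_RE.findall(body):
            opts[name] = [v.strip() for v in value.split(",")]
        leases.append(opts)
    return leases


def audit_lease(lease, trusted_dns=TRUSTED_DNS):
    """Return the resolver addresses in one lease that look hijacked.

    A resolver is accepted if it is on the allowlist or inside the subnet
    derived from the lease's router address and subnet mask.  Anything else,
    including a value that is not an IP address at all, is reported.
    """
    routers = lease.get("routers", [])
    mask = lease.get("subnet-mask", [None])[0]
    network = None
    if routers and mask:
        network = ipaddress.ip_network(f"{routers[0]}/{mask}", strict=False)

    suspicious = []
    for server in lease.get("domain-name-servers", []):
        if server in trusted_dns:
            continue
        try:
            addr = ipaddress.ip_address(server)
        except ValueError:
            suspicious.append(server)  # unparsable option value is itself a red flag
            continue
        if network is not None and addr in network:
            continue
        suspicious.append(server)
    return suspicious


def audit_text(text):
    """Audit every lease in a lease file's text; returns [(lease_index, suspicious)]."""
    return [(i, audit_lease(lease)) for i, lease in enumerate(parse_leases(text))]


# Constructed sample: a normal lease, the router itself acts as resolver.
BENIGN_LEASE = """lease {
  interface "wlan0";
  fixed-address 192.168.1.23;
  option subnet-mask 255.255.255.0;
  option routers 192.168.1.1;
  option domain-name-servers 192.168.1.1;
  option dhcp-lease-time 86400;
}
"""

# Constructed sample: same router, but DHCP now also pushes an outside resolver.
TAMPERED_LEASE = """lease {
  interface "wlan0";
  fixed-address 192.168.1.23;
  option subnet-mask 255.255.255.0;
  option routers 192.168.1.1;
  option domain-name-servers 192.168.1.1, 203.0.113.7;
  option dhcp-lease-time 86400;
}
"""

if __name__ == "__main__":
    for label, text in (("benign", BENIGN_LEASE), ("tampered", TAMPERED_LEASE)):
        for idx, bad in audit_text(text):
            status = "OK" if not bad else f"SUSPICIOUS resolvers {bad}"
            print(f"{label} lease {idx}: {status}")
```

On a real endpoint the text would come from the client's lease file (for example `/var/lib/dhcp/dhclient.leases` on Debian-style systems) and the check would run at every lease renewal; a non-empty result is the point at which a remote worker's machine should stop trusting the home router and fall back to the VPN's own resolver.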

How can you protect your home users, and ultimately your corporate network?

  • Change passwords on wireless devices
  • Upgrade to the latest firmware
  • Turn off the default SSID (it advertises the WLAN)
  • Consider WPA2
  • Use authentication, such as 802.1X
  • Add a personal firewall to the WLAN end point

    — Kelly Jackson Higgins, Senior Editor, Dark Reading

    wifidude
    12/5/2012 | 3:42:33 AM
    re: Hacking Home WLANs
    http://www.witopia.net offers the same security and management big companies use to home users for $9.99 a YEAR or businesses for $99 a year. Much stronger than plain WPA or WEP. As the article suggests, it has TRUE 802.1x authentication built-in and actually yields WPA-Enterprise or 802.11i if you like.

    For evil twins and other hotspot security concerns, their personalVPN service fixes all that with an SSL VPN that encrypts all your data over any wireless or wired network as well as anonymizes you online for $39.99 a year.

    All services work on Mac, PC, or Linux.

    And, yes, I'm a friend of the company, but their solutions to the above are most certainly for real, so don't let that stop you from checking them out. :)