Surviving 21st Century WarGames. The rise of wireless internet has led to a newer tactic called “wardriving.”

0
24


I’m willing to bet that the average reader here has seen the 1983 fictional movie that was titled WarGames. In the film, Matthew Broderick’s character inadvertently brings the world to the brink of nuclear war. This all starts with Broderick’s character “war dialing” random phone numbers, looking for dial-up internet modems to connect to. He unwittingly connects to a modem servicing a supercomputer that runs nuclear wargames, while thinking that he’s connected to a computer game company. The situation escalates quickly, but is fortunately resolved without causing World War Three. The movie depicts a mostly harmless teenager just messing around on the internet…but what if a genuinely bad actor tried that same technique?

The world’s changed since 1983, and the rise of wireless internet has led to a newer tactic called “wardriving.” Wardriving is when a person travels (typically in a car, but potentially on a bike or on foot) across an area, searching for wireless access points. There are several reasons why someone would do this. A person could simply be looking for an open/non-password secured network to get free internet access. Or a person may want to do something shady while using your router’s IP address. Remember that no matter how many people or devices are on your network, all the traffic flows through one public-facing IP address provided by your internet company and tied to your address. If your neighbor does something illegal while connected to your wi-fi, then the odds are that there will be a knock on your door rather than on his.

Companies also wardrive. Google acknowledges that their Street View vehicles collected wi-fi data from 2007 to 2010. If the wi-fi signal was encrypted, the vehicles were only able to collect a limited amount of information, including Service Set Identifiers (SSIDs–the network name that your wi-fi router broadcasts) and location. This supposedly helped to refine Google’s positioning data. Google also admitted that their vehicles collected emails, usernames, passwords, and other private data from unencrypted (“open”) wireless networks. Google claims this data gathering was a mistake, but court documents from a subsequent lawsuit call that into question.

One of the stranger examples of organized wardriving was a 2011 proposal by the Austin, Texas police department to find unsecured wireless access points across the city. “Operation Wardrive” was purportedly intended to discover open wi-fi networks, with police following up with residents to inform them of the dangers of unsecured wi-fi. The Electronic Frontier Foundation (EFF) pointed out that under this plan–even if well-intentioned—any information that the Austin police gathered during Operation Wardrive would potentially be a public record, open to record requests under Texas law.

If all this talk of wardriving alarms you, there are some simple changes you can make to protect yourself. Ideally, you want your wi-fi signal to extend as far as you need it, and not an inch more. Ask yourself where you really need wireless access on your property. Do you need wi-fi outside your house? If so, how far? Try wardriving your own property. Take a walk around with a cell phone, tablet, or other portable wireless device. Note how far away from your router you are when you lose the wi-fi signal. You may be surprised at how far the signal propagates.

Wireless signal modification

The easiest solution to a wireless signal that strays too far is to move your router to a more central location on your property. This isn’t always feasible though, depending on where buildings are and where power and internet drops are available.

Another course of action is to modify the router’s signal strength. This is usually an option in the router’s settings. Typing 192.168.1.1 in your browser should take you to the router login and settings page, where you can dial the strength down. (Conversely, if you have issues with your wireless signal not reaching far enough, you may be able to dial the strength up. Many manufacturers set the default signal strength to less than 100%.)

If your router has adjustable antennas, you can reposition them. Keep in mind that the signal propagates perpendicular to the antenna. So when the antenna stands straight up, it’s broadcasting as far horizontally as it can. Angling the antenna may reduce the signal’s range by directing the signal more vertically and less horizontally. I suppose it’s possible that warflying could become a thing, but as far as I’m aware Google doesn’t have a fleet of snooper planes or drones (yet).

You can also try placing shielding around the router to make the signal more directional. This may be a good option if your router is on the edge of your property and you want the signal to propagate in one direction. A number of companies manufacture boards incorporating Faraday technology that you can mount on whatever side of the router you don’t want the signal to transmit toward. Typically these Faraday devices are used to protect a router from interference from more powerful wireless signals, but it can just as easily block your own signal from propagating in an undesired direction.

After you’ve made these changes, make sure you do another round of wardriving your property. Compare where the signal reaches now to where it reached before. Adjust again as needed. You may not be able to get the signal to fit exactly where you would like it, but fortunately there are additional ways to secure your wireless network.

The four options I just presented focus on modifying the propagation of the wireless signal, without many tradeoffs in user convenience. Here are two more options that focus on how the network operates, but have the potential to inconvenience users of your network. There’s an inherent tension between internet security and user convenience…only you can decide what’s right for your network!

Network settings

Every Internet-connected device has a unique media access control address (MAC address). Your router may allow you to perform MAC address filtering–essentially creating a whitelist of devices allowed to connect to your network. Setting up and maintaining this list of permitted devices can be onerous, depending on how many Internet-connected devices you have at home, and how frequently you add new devices to your network.

You also have the option to disable the SSID broadcast (this should be in the router settings). This means your router will stop advertising your wi-fi signal. Normal devices searching for a wireless access point will pass over your network. For devices that you want to be connected to your network, you will need to manually enter the network name and password to connect them to your network. Note that this will provide a measure of protection against casual wardrivers, but there are professional tools that will detect the presence of a wireless network, even with the SSID disabled. I’ve found that some devices struggle to connect to networks with a disabled SSID, even with the info manually entered correctly. Again, this is your call on how you want to balance security and usability.

Wireless router security

A few quick words on security for your wireless router:

Rule number one is to always require a password to access your wireless network. Be sure to change the default password installed at the factory. Some manufacturers use the same default password across models. If a person can figure out your router’s make and/or model, it is easy for him to dig up the default password (often “admin” or something similarly predictable).

Rule number two is to use a strong encryption standard in your router settings. Wi-fi Protected Access Version 3 (WPA3) is the industry standard. If you have older devices that can’t support WPA3 encryption, WPA2 is the next best (alongside upgrading to devices that can use WPA3).

Rule number three is to choose a wise SSID. Don’t choose a network name that clearly reveals who owns the network (ie “Smith Family Wifi”). And please change the default SSID name. Many of the factory set SSIDs give away the make and model of the router. A wardriving experiment conducted by internet security enthusiasts in the early 2000s was able to predict which wireless networks were the most likely to be juicy targets, just based off of the SSIDs they discovered. The team found a lot of wireless networks named “linksys” or “tsunami.” Linksys is an affordable wireless router brand, commonly used for residential internet. Tsunami is the default SSID for Cisco routers, which are more expensive and commonly used by businesses. A hacker or industrial spy would save a lot of time figuring out what wireless signals belong to a big corporation, thanks to the network owners not bothering to change the factory settings in the router. A good rule of thumb is don’t broadcast information that doesn’t need to be shared. That is true in life and true in wireless security.

Hopefully the foregoing was a helpful primer on wi-fi security. If some modern-day equivalent of a Matthew Broderick hacker comes war driving down your residential road looking for accessible wireless networks, then I hope that you frustrate him! As much as I love WarGames, I don’t want to see a sequel at my house.



Source link

LEAVE A REPLY

Please enter your comment!
Please enter your name here