Wednesday, May 04, 2005

For Those Paranoid About Wireless

In many buildings I've visited in London, Manchester and Edinburgh, I've found one or more wireless networks belonging to firms other than the one I was visiting. I've also found any number of wide open private wireless networks scattered around the place. In my own firm's head office, just outside the Chairman's office, I regularly see a network belonging to another firm. These other networks my laptop can see are, in the main, "protected" by the use of WEP, but some are wide open (or have a WEP key the same as the SSID). And with a bit of web suring, you might discover that certain firms have a standard SSID and WEP key for all their sites, which makes getting onto these networks trivial when you can stand outside and just leech the signal. In additon to the 802.11 networks, there are also bluetooth devices andd IR based devices in a number of public or semi public areas that are also potentially vulnerable.

So what's to be done? Several things really. First, as far as 802.11 goes, you should be investing in more advanced wireless security products as well as the use of smart cards, etc. WEP is easy to crack for the dedicated hacker who loads up a Linux laptop, and uses readily available tools. And since most firms using standard WEP are not likely to change WEP keys that often, WEP really is not adequate for preventing much more than casual usage attempts. For a look at the tools available, or perhaps to scare yourself silly as to how easy this might be, Google is your friend.

The use of WPA etc, make cracking 802.11 networks harder, but if you can avoid any RF signal from entering or leaving your site, you reduce if not emiminate the risks from the passer by attacker. A US firm, Force Field Wireless has several products aimed at helping you to reduce the RF emisions. Their DefendAir Radio Shield paint, or your own paint mixed with Paint Additive, reduces the RF transmission through any paintable surface. With a few coats, you get little or no useful RF emsssions through walls, ceilings, etc. This might be an ideal product for use in a board room - although remember that the RF spectrum that is eliminated includes cell phones! And an office with no cell phones ringing is not all bad.

For the even more paranoid, a UK firm, Glasslock has special glass to reduce the the risk of evedropping via the glass.

These things are not a particularly cheap way of doing things. The paint additive is US$34.95 enough to mix with 1 gallon of your own paint, or buy ready mixed paint at US$69.95/US Gallon (128 fl oz). But there are places and uses for these things. And besides, even if you aren't paranoid, they're probably still out there looking to get to you, your network and your data.

No comments: