Untethered fun in the sun...

06/10/2009 14:49

As summer approaches, the dream of working while sitting on the beach comes to the fore. While I doubt many of us will be that lucky, the technology to enable this has been with us for some time and most of us use it every day: WiFi.

WiFi (or Wireless Fidelity) is any of the widely deployed wireless networking protocols that operate in the frequencies unregulated by the FCC (Federal Communications Commission), specifically 2.4 GHz and 5.8 GHz. These protocols are technically referred to as the IEEE (Institute of Electrical and Electronics Engineers) 802.11x specification, with the "x" being the version. The versions are lettered: "b", "a", "g", and now "n" (in order of release) and specify the maximum connectivity speed, signaling rules and frequencies used.

Many coffee shops, cafés, airports, and hotels offer WiFi hotspots for their patrons. Many homes and offices have these networks up and running for their families, employees and guests.

So just what are the security implications of these WiFi networks?

To answer this question, we should first break it into two perspectives: as the network, and as the computer.

From the computer's perspective, a WiFi connection is just another network connection. This means that connecting to the hotspot in Panera Bread is exactly the same as plugging into a network hub in Panera Bread: you have network access to everyone else's computer on that hub, and they have the same access to you. Viruses may be propagating from 2 tables away, or some girl in the corner may be scanning your laptop for missing patches or holes in your firewall. At this point, these other computers are within the LAN (Local Area Network), which is usually considered safer than the internet. The LAN is usually protected by some sort of firewall or router, but these other computers are behind any firewall along with you.

All of these very close threats are on top of the standard retinue of "bad things" that can happen every time you connect to the internet. This is why you have up-to-date anti-malware software, virus definitions, and patches (both operating system and applications), and your computer's firewall turned on and properly configured. Right?

From the network's perspective, our consideration needs to be broken down yet again: we need to examine WiFi as an attack vector (way into the network for "bad things"), and we need to view WiFi as a vital service that needs to be available for users.

As an attack vector, WiFi excels. Its very reason for existence is to allow computers to connect without wires, meaning that they may not even need to be in the building. In fact, it’s not unusual to be able to connect to a company's wireless signal from the parking lot or even across the street. This is why a wireless network survey is performed before the network is installed. The survey is done to map out the areas of the building that should have coverage, and place the access points (WiFi hubs) accordingly. You did have a wireless network survey before you had WiFi installed, didn't you?

To protect against this type of intrusion, all WiFi connections should be encrypted with a modern encryption algorithm, and secured with a strong key. The encryption is vital to the network's security as this prevents all of the network traffic from being read by anyone in range. Many of the early encryption algorithms such as WEP (Wired Equivalent Privacy) were broken years ago. Of course, the encryption is useless if the key is known, so a strong key should be used. Even better, access and encryption should be based on the user account in a centralized authentication system (such as Microsoft's Active Directory) instead of a shared key on each computer.

There are other measures that can be taken, but these rely more on hiding the network instead of securing it. The SSID (Service Set Identifier) or network name can be prevented from being broadcast, making the network “invisible” to most computers. Also, connections can be limited to specific MAC (Media Access Control) addresses. These MAC addresses are supposed to be unique to each network card, and the theory is to limit WiFi to specific computers. However, both of these measures simply keep out the uninitiated: they can easily be overcome by anyone with 5 minutes and access to Google. While these steps can be useful when used in conjunction with encryption and authentication, they should not be relied upon alone as they will not secure your WiFi network.
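The checks from the last two paragraphs can be run against an access point's configuration. The following is an added example, not part of the original post: it assumes the access point is configured with a hostapd-style key=value file (the article names no access point software), uses constructed sample configs trimmed to the relevant keys, and treats 20 characters as an assumed minimum for a "strong key".

```python
# Added example: audit a hostapd-style AP config (hostapd is an assumption;
# the article names no access point software) against the advice above.
MIN_PASSPHRASE = 20  # assumed bar for a "strong key"; not from the article
# Constructed sample configs, not taken from any real network.
WEAK_CONF = """\
ssid=OfficeNet
ignore_broadcast_ssid=1
macaddr_acl=1
wep_key0=1234567890
"""
HARDENED_CONF = """\
ssid=OfficeNet
wpa=2
wpa_key_mgmt=WPA-EAP
rsn_pairwise=CCMP
ieee8021x=1
auth_server_addr=192.0.2.10
"""

def parse_conf(text):
    """Parse key=value lines, skipping blanks and '#' comments."""
    conf = {}
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#") and "=" in line:
            key, value = line.split("=", 1)
            conf[key.strip()] = value.strip()
    return conf

def audit(text):
    """Return finding codes for one config."""
    c = parse_conf(text)
    findings = []
    if any(k.startswith("wep_key") for k in c):
        findings.append("WEP")           # algorithm broken years ago
    elif c.get("wpa", "0") == "0":
        findings.append("OPEN")          # traffic readable by anyone in range
    elif "WPA-PSK" in c.get("wpa_key_mgmt", "WPA-PSK").split():
        findings.append("SHARED_KEY")    # same key on every computer
        pw = c.get("wpa_passphrase")
        if pw is not None and len(pw) < MIN_PASSPHRASE:
            findings.append("SHORT_KEY")
    hidden_or_filtered = (c.get("ignore_broadcast_ssid", "0") != "0"
                          or c.get("macaddr_acl", "0") != "0")
    if hidden_or_filtered and findings[:1] in (["WEP"], ["OPEN"]):
        findings.append("OBSCURITY_ONLY")  # hiding without real encryption
    return findings
if __name__ == "__main__":
    print({"weak": audit(WEAK_CONF), "hardened": audit(HARDENED_CONF)})
```

The weak config is flagged for WEP and for leaning on a hidden SSID and MAC filter; the per-user (WPA-EAP) config produces no findings.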

As a vital service, guaranteeing WiFi can be both difficult and costly. The frequencies that WiFi uses are unregulated for a reason: nobody else wanted them. The most popular frequency of 2.4 GHz, used by 802.11b, 802.11g and 802.11n, is the frequency that water absorbs. Microwave ovens operate at 2.4 GHz, and have been known to interfere with WiFi networks, as can cordless phones, baby monitors, and security systems. In addition to interference, water pipes, brick walls, rebar-reinforced concrete, trees and precipitation can block the WiFi signals.

The most vexing interference is by other WiFi networks. The 2.4 GHz frequency can only be broken up into 11 channels, of which only 3 are non-overlapping and usable for any given area. This means that home owners and small businesses in congested areas may not be able to use WiFi at all, as all of the channels are already used. While all of these problems can be serious, they are passive in nature and generally unintentional.
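The channel arithmetic behind "only 3 are non-overlapping" can be worked through in a few lines. This is an added example, not part of the original post: it assumes 22 MHz-wide channels (as in 802.11b) whose centers sit 5 MHz apart, and the neighbor survey is constructed sample data.

```python
# Added example: why only 3 of the 11 channels at 2.4 GHz can coexist,
# and which of them is quietest given a survey of neighboring networks.
CHANNEL_WIDTH_MHZ = 22  # assumed 802.11b channel width

def center_mhz(channel):
    """Center frequency of a 2.4 GHz channel (1-11)."""
    return 2407 + 5 * channel

def overlaps(a, b):
    """Two channels overlap when their centers are closer than one width."""
    return abs(center_mhz(a) - center_mhz(b)) < CHANNEL_WIDTH_MHZ

def non_overlapping_set(channels=range(1, 12)):
    """Pick channels from the lowest up, skipping any that overlap a pick."""
    chosen = []
    for ch in channels:
        if not any(overlaps(ch, c) for c in chosen):
            chosen.append(ch)
    return chosen

# Constructed survey of neighbors: (ssid, channel, signal in dBm).
SURVEY = [
    ("neighbor-a", 1, -50),
    ("neighbor-b", 3, -70),
    ("neighbor-c", 6, -80),
    ("neighbor-d", 9, -75),
    ("neighbor-e", 11, -45),
]

def interference_mw(candidate, survey):
    """Sum the received power (mW) of every neighbor overlapping candidate."""
    return sum(10 ** (dbm / 10) for _, ch, dbm in survey
               if overlaps(candidate, ch))

def best_channel(survey):
    """Least-interfered channel among the non-overlapping set."""
    return min(non_overlapping_set(),
               key=lambda ch: interference_mw(ch, survey))

if __name__ == "__main__":
    print("usable together:", non_overlapping_set())
    print("quietest for this survey:", best_channel(SURVEY))
```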

So what if someone wanted to intentionally disrupt your WiFi? On top of all of the possible passive problems for WiFi connectivity, there is the real threat of active interference, specifically jamming. While this may seem the province of "Mission: Impossible" or James Bond, it is very simple: WiFi relies on having the transmission frequencies free from any other signals. Any other signal introduced to that channel can disrupt or drown out the signals from the computers or the access point. You don't want to know how easy these jammers are to make. Trust me.

So how do we know if our WiFi is secure and reasonably reliable? As always, a good place to start is to review your network security policies and compare them to your WiFi implementation.
