How to break a network with only three keystrokes


Thinking of installing a wireless network?

Think again. Although we deliberately omit describing some key components of the hack attack kit to prevent intruders from wreaking havoc, those missing pieces are all too readily available.

It used to take a certain amount of talent to break into a computer network, but not any more. Run a scanner, look for holes, download passwords or generate buffer overflows and you're in!

Today, breaking into a corporate network, not just their Web site, is even simpler. I've talked with people who believe that it's so simple that some companies should be prosecuted for stupidity. Not a bad idea, perhaps, but the cause may be that CIOs and security people are not aware of recent developments that invisibly leave their networks open to remote attack.

Our arsenal of attack equipment consisted of:

1. A laptop running W2K

2. A handheld GPS receiver connected to the laptop's serial port.

3. A wireless Ethernet card

4. A 12" antenna connected to the Ethernet card.

5. Two pieces of free software downloaded from the Internet (to remain unidentified to protect vulnerable wireless networks).


We drove the streets looking for an insecure network. Within half an hour, our rig recognized about 100 separate Access Points inside of wireless networks. These access points broadcast signals on well-defined frequencies (IEEE 802.11b specifications) that shout "Here I am!" In other words, we found organizations broadcasting who they were and where they were. That's all we needed to break in.

The Third Man's software did two things:

1. Identified the open network, and
2. With the GPS, gave us the exact physical location of the network.


Thus armed, the Third Man locked into an historical Vegas business.

How to break into a wireless network

Reboot your computer (thus the article's title, "Three Keystrokes"). With your wireless Ethernet card inserted, it and the unprotected access point will mate up instantly. You also need to change the Service Set Identifier (SSID) on your Ethernet card to match the SSID on the network's access point. You can choose to manually force your DHCP settings to renew, but if that gives you any trouble, merely reboot!

As far as the "victim" was concerned, the wireless laptop was a legitimate node on their internal network. Wireless access points automatically assign internal IP addresses through DHCP, and now we could see their LAN just as clearly as if we were sitting at a desktop inside their facility.

The Third Man ran a sniffer program that captured all of the LAN traffic inside of this company. It was transmitted through the wireless access point straight into the Third Man's computer. Passwords. Contracts. E-mail. He had it all.

Stupidity Reigns

What's to prevent anyone from hacking wireless networks? Nothing! In fact, this sort of techno-entertainment even has a name: it's called "War Driving," and we found more than 100 open networks in just a few minutes.

So why not encrypt your wireless networks and prevent a hack? Wired Equivalent Privacy (WEP) was designed just for that purpose, to protect wireless networks from such shenanigans. Unfortunately, the people who set up WEP chose to use a 26-bit encryption algorithm, which is close to useless. Even stronger encryption methods have been cracked as of August 2001 by researchers from AT&T and elsewhere. The GPS software also showed if WEP was in use. We found just two companies using WEP.

The Future of Mobile/Wireless Networks

So what can you do to protect yourself from this technical incompetence? First, don't use wireless networks unless you really have to; it's like putting a modem on your network, with a public dial-up number and no password. Next, be suspicious of vendor claims.

Vendors have got to standardize their encryption routines. Forget about using proprietary algorithms. Use only well-known and proven crypto schemes with decent key management. Look for wireless technology using standards like DES, 3XDES, AES, RSA, and PGP.

Finally, beware of in-house geeks who install wireless access points on your networks without permission. Land-based war dialers can find unapproved modems in your networks. War Driving does the same thing to identify rogue network connections.
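
As an added example (not part of the original article, and not the unnamed software it describes), the sketch below shows how a defender could audit their own site survey for rogue access points and weak encryption. The CSV layout, the approved-AP inventory, the sample rows and the -60 dBm "on premises" threshold are all constructed assumptions.

```python
import csv
import io

# Constructed inventory of approved access points: BSSID -> expected SSID.
APPROVED_APS = {
    "00:11:22:33:44:01": "CORP-WLAN",
    "00:11:22:33:44:02": "CORP-WLAN",
}
WEAK_ENCRYPTION = {"NONE", "WEP"}

# Constructed survey rows in a hypothetical CSV layout (not any real tool's output).
SAMPLE_SURVEY = """bssid,ssid,encryption,signal_dbm,lat,lon
00:11:22:33:44:01,CORP-WLAN,WPA2,-48,36.1700,-115.1400
00:11:22:33:44:02,CORP-WLAN,WEP,-55,36.1701,-115.1402
00:AA:BB:CC:DD:10,CORP-WLAN,NONE,-51,36.1702,-115.1401
00:AA:BB:CC:DD:20,linksys,NONE,-40,36.1700,-115.1403
00:AA:BB:CC:DD:30,CoffeeShop,WPA2,-88,36.1710,-115.1450
"""


def audit_survey(csv_text, approved=APPROVED_APS, near_dbm=-60):
    """Return (bssid, finding, (lat, lon)) for every AP that needs follow-up."""
    corporate_ssids = set(approved.values())
    findings = []
    for row in csv.DictReader(io.StringIO(csv_text)):
        bssid = row["bssid"].strip().upper()
        ssid = row["ssid"].strip()
        enc = row["encryption"].strip().upper()
        location = (float(row["lat"]), float(row["lon"]))
        if bssid in approved:
            # Known hardware: check it is still configured as expected.
            if ssid != approved[bssid]:
                findings.append((bssid, "ssid-mismatch", location))
            if enc in WEAK_ENCRYPTION:
                findings.append((bssid, "approved-ap-weak-encryption", location))
        elif ssid in corporate_ssids:
            # Unknown radio advertising our network name.
            findings.append((bssid, "unapproved-ap-using-corporate-ssid", location))
        elif int(row["signal_dbm"]) >= near_dbm:
            # Strong signal from unknown hardware: likely plugged in on site.
            findings.append((bssid, "unapproved-ap-on-premises", location))
    return findings


if __name__ == "__main__":
    for bssid, finding, (lat, lon) in audit_survey(SAMPLE_SURVEY):
        print(f"{bssid}  {finding}  at {lat:.4f},{lon:.4f}")
```

Weak, distant signals from unknown hardware are treated as neighbouring networks and ignored; tighten or loosen the threshold to fit the building.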

Bottom Line - Don't...

Don't use wireless networks that tie into your main systems. And do not use wireless networks that employ proprietary encryption; that compounds the mistake. Look for vendors whose products offer solid security and encryption and meet acceptable industry standards.

The National Security Agency and their contractors are working on setting standards as are other industry groups. It will take time to get the wireless network secure but it's worth the wait.


The topic on Linux - How to break a network with only three keystrokes is posted by - Patel

Tech Bluff