Is your network’s security up to scratch?
I was just looking through the network security part of an IT textbook that high schools are currently using and noticed the dodgy security information it was giving. The textbook recommends using WEP encryption to “secure the network”, hiding the network’s name (SSID) and filtering MAC addresses; and goes on to explain why you should use these multiple methods of “security” together.
The textbook writers are clueless, and the information is out of date, even though it was printed only last year.
For my guide “How to recover WEP keys using Backtrack Linux” the test WEP-secured network took a full 8 minutes to crack and gain access to. Now, if that was a WPA-secured network it would be much more challenging. For a start you can’t gather IVs on WPA and you are limited to using a dictionary to try and crack the passwords. If the key isn’t in the dictionary, you won’t be getting in. You will also find other challenges if you Google for it.
Here’s my first update to the textbook: Always use WPA or WPA2, never use WEP, and take advantage of the fact that WPA allows you to have up to 63 characters in the passphrase.
The next point is about how hiding your SSID supposedly improves security. It actually just makes you feel good, giving you a false sense of security while degrading the network’s performance in the process. When the Wireless Access Point sets the SSID length to zero in the network advertisements, “hiding” it, it adds extra work for the network to connect, and ultimately the SSID must be transmitted unencrypted anyway in order for the network to function. Furthermore, the active probing that results from hiding the SSID also leads to worse security, by transmitting more data that is very useful for a hacker. It’s explained in this pdf from 2003 and it’s still true now.
So: Hiding the SSID does not improve security.
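To make that concrete, here is an added example (not from the textbook or the original post) that reads the SSID element out of 802.11 management frames, the way an auditor checking their own network would see them. The frames are constructed samples with zeroed addresses, no radiotap header and no FCS, and the network name `ExampleNet` is made up.

```python
# Tagged parameters start after the 24-byte management header plus a
# subtype-specific block of fixed fields (frame type 0 = management).
HEADER_LEN = 24
FIXED_PARAMS = {
    0: ("association request", 4),   # capability + listen interval
    4: ("probe request", 0),
    5: ("probe response", 12),       # timestamp + interval + capability
    8: ("beacon", 12),
}

def ssid_in_frame(frame: bytes):
    """Return (subtype name, SSID) with SSID None when absent or hidden."""
    if len(frame) < HEADER_LEN:
        raise ValueError("truncated 802.11 header")
    ftype, subtype = (frame[0] >> 2) & 0x3, (frame[0] >> 4) & 0xF
    if ftype != 0 or subtype not in FIXED_PARAMS:
        raise ValueError("not a management frame carrying an SSID element")
    name, fixed = FIXED_PARAMS[subtype]
    pos = HEADER_LEN + fixed
    while pos + 2 <= len(frame):
        tag, length = frame[pos], frame[pos + 1]
        value = frame[pos + 2: pos + 2 + length]
        if len(value) < length:
            raise ValueError("truncated information element")
        if tag == 0:  # SSID element
            # "Hidden" means zero length; some APs send NUL padding instead.
            hidden = length == 0 or not any(value)
            return name, (None if hidden else value.decode("utf-8", "replace"))
        pos += 2 + length
    return name, None

def _frame(subtype: int, fixed_len: int, ssid: bytes) -> bytes:
    """Build a constructed sample frame (zeroed addresses, one rates element)."""
    header = bytes([subtype << 4, 0]) + bytes(22)
    return header + bytes(fixed_len) + bytes([0, len(ssid)]) + ssid + bytes([1, 1, 0x82])

# Constructed traffic for a "hidden" network called ExampleNet.
SAMPLES = [
    _frame(8, 12, b""),            # AP beacon: SSID length zero
    _frame(4, 0, b"ExampleNet"),   # client probing for the network by name
    _frame(5, 12, b"ExampleNet"),  # AP answering that probe
    _frame(0, 4, b"ExampleNet"),   # client associating
]

def report():
    return [ssid_in_frame(f) for f in SAMPLES]

if __name__ == "__main__":
    for name, ssid in report():
        print(f"{name:20} SSID = {ssid!r}")
```

Only the beacon comes back empty; every frame needed to actually join the network carries the name in the clear.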
The textbook’s last point is about MAC addresses. MAC addresses are the addresses of a computer’s networking hardware or of a Wireless Access Point (or router), and most routers let you restrict which addresses can connect to a network. For example, the kismet program can give you a list of MAC addresses connected to an access point. In Backtrack Linux, or any Linux for that matter, you can forge a MAC address with two commands, or alternatively type it into a program like spoonwep as you hack it (refer to screenshots in the tutorial), which means that the restrictions are easily bypassed.
An Australian blogger who blogs on The PC Report.

