Wireless Access Point Security Risks - Tech Learning

Wireless Access Point Security Risks

Question: Are district employees putting themselves at risk when they use open wireless access points or hotel broadband Internet connections with a laptop computer, as when attending a conference or away from school for another reason? The IT Guy says: Absolutely. Yes. Without question. This is a huge problem
Author:
Publish date:
Social count:
0

Question: Are district employees putting themselves at risk when they use open wireless access points or hotel broadband Internet connections with a laptop computer, as when attending a conference or away from school for another reason?

The IT Guy says:
Absolutely. Yes. Without question. This is a huge problem and most people seem to be oblivious to it.

In coffee shops, airports, hotels, other public places or even your own home, unscrupulous hackers can use free software tools to steal passwords and other confidential information quite easily if computer users have not taken steps to protect themselves. And today, most people haven't taken those steps. Even worse, these hacking tools are now graphically based and so require little if any technical background or knowledge to use. It is very scary to not only see, but realize how many people put themselves at risk regularly for identity theft and other problems when someone else obtains their user-ID and password information.

The best defense against identity theft through a wireless access point or even a hotel broadband computer connection is a good offense in the form of a VPN connection. Schools should provide employees with VPN access to the school network, so they can connect in hotels and at open wireless access points through this secure "VPN tunnel." Otherwise, anyone could be watching all the messages and Internet traffic the person is sending and receiving. This includes Email usernames and passwords that are sent as clear text.

People with wireless home computer networks should not stop with the recommendations I have made previously of just changing the network ID (SSID), hiding it so others cannot browse to it, and changing the default password for router administration. What once was considered a safe technique — enabling "MAC address filtering" (a positive security measure that requires the network administrator / homeowner to add the numeric identification number of each wireless device's network card into the router) — is now actually a poor defense, since the TCP packet sent by an authorized computer contains that exact MAC address in its initial character sequence. This means a MAC address can be easily spoofed.

WEP wireless security can also be defeated relatively easily by a hacker who wants to break into your home network, but a secure WPA password can be theoretically impossible to break. The producers of the Security Now podcast offer a free web-based tool for creating theoretically unhackable WPA passwords — access it at Perfect Passwords. Users can refresh the page to obtain different, random 64 or 63 character password strings.
For more on these topics, read the “Wireless Security Recommendations for Rutgers,” and listen to the excellent recent episodes about wireless security, WEP, WPA and VPN on the “Security Now” podcast. Finally, when you are away from home, always connect to VPN before using your Email, posting to your blog, or doing anything else with a program that requires a username and password! If you don't have access to a VPN account, consider paying for and using a service like “HotSpotVPN.”

Next Tip: ePrinting Solutions

Featured

Related

New wall-mountable wireless access point

Aruba Networks, Inc. today announced the availability of the AP-93H, an indoor 802.11n access point (AP) that provides secure wired and wireless network connectivity in school and university dormitories, hotels, hospitals, classrooms and other multtenant environments.

Wireless Networks and Health Risks

Question: Do wireless networks in schools pose health risks for students and teachers? The IT Guy says: A recent court case in Illinois (http://www.op97.k12.il.us/lawsuit.html) has caught headlines and raised fears about wireless networks posing health risks. I have wondered myself about all the invisible signals

Limiting access to home wireless networks

Question: What method or methods do you recommend for limiting the access other people (like neighbors) can have to my home wireless network? The IT Guy says: The first important step is to change the default name of your wireless network to something people would not easily guess, and then turn off the

Secure Your Wireless Network

Imagine a completely wireless school, an open network in which all students and staff can roam around using laptops or handheld computers to browse the Internet, access files and applications on the school server, and communicate with each other and the world via e-mail. It's a great picture — and at some

Bulletproof Remote Access

Making school or district database and network resources available to IT employees, administrators, and teachers from remote locations can greatly improve productivity, but at what cost? Despite the vast improvements in

Wireless Issues

Listen to the podcast Question: Can you use a wireless router for a HUB? The IT Guy says: Yes, if the router is designed for that function. A hub is a device that lets more than one computer and/or peripheral connect on the same network. Virtually all wireless routers let multiple computers connect to

Image placeholder title

BYOD and Security

Last month we wrote about the evolution of one-to-one computing and how districts are allowing students to “bring your own device” (BYOD) to school.