What Hackers Know - Tip #1 - Don't Install APs with Default Configurations!

Created by Irvin Kovar (Bell Canada) on July 8, 2009

Hi All,

I just wanted to remind everyone that WLAN security is a specialized area and that even I remain in the learning curve on most days when it comes to the number of ways a WLAN can be compromised. The good news is that there are enterprise-based tools (along with a good set of best practices) that can mitigate most attacks and lock down your WLAN.

As an example, let's look at access points. Access points can be insecure if not pre-staged with proper policies in place, due to improper configurations and design flaws. Access points ship directly from the manufacturer with default configurations that are quite often commonly known to integrators (for their simplicity) and hence insecure. They are pre-configured with a default password, sometimes available on a support site or in the user documentation that ships with the AP; they broadcast service set identifiers (SSIDs); and they often require no encryption or authentication, again to make it easy for the integration team to access the configuration. The problem is that this is easy access for everyone else as well!! If accidentally deployed with default settings, these "default" APs become gateways that hackers use to access both the wireless and the wired network!

From there, it can get worse. According to Motorola's "Air Defense" team, a world-class WLAN security solution that defends against the most WLAN attacks on record, "intruders can convert laptops into “soft” access points (APs) by either using a variety of software programs, such as HostAP, Hotspotter, or Airsnarf, or, by simply using a USB wireless adapter. Using soft APs, a hacker can cause a legitimate user to connect to the hacker’s own laptop, compromising that user’s machine".

So be careful with those default APs!!

Cheers
Irvin
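
An added example, not part of the original post: a pre-staging check that blocks any AP record still carrying the defaults listed above (default password, factory SSID being broadcast, no encryption or authentication). The record fields, the factory-value lists and the sample inventory are assumptions constructed for illustration, not a vendor export format.

```python
# Assumed factory values; replace with the defaults your vendors document.
FACTORY_PASSWORDS = {"", "admin", "password", "1234"}
FACTORY_SSIDS = {"", "default", "wireless", "linksys", "netgear"}
NO_PROTECTION = {"", "none", "open"}

def _norm(record, key):
    # A missing or null field is treated as the factory value (fail closed).
    return str(record.get(key) or "").strip().lower()

def audit_ap(record):
    """Return the list of default-configuration findings for one AP record."""
    findings = []
    if _norm(record, "admin_password") in FACTORY_PASSWORDS:
        findings.append("default-admin-password")
    if _norm(record, "ssid") in FACTORY_SSIDS:
        # Broadcasting is assumed on unless the record explicitly disables it.
        broadcast = record.get("broadcast_ssid", True)
        findings.append("factory-ssid-broadcast" if broadcast else "factory-ssid")
    if _norm(record, "encryption") in NO_PROTECTION:
        findings.append("no-encryption")
    if _norm(record, "authentication") in NO_PROTECTION:
        findings.append("no-authentication")
    return findings

def staging_gate(inventory):
    """Return {ap_name: findings} for every AP that must not be deployed yet."""
    blocked = {}
    for record in inventory:
        findings = audit_ap(record)
        if findings:
            blocked[record.get("name", "<unnamed>")] = findings
    return blocked

# Constructed sample inventory (not real devices or credentials).
SAMPLE_INVENTORY = [
    {"name": "ap-lobby", "admin_password": "admin", "ssid": "default",
     "broadcast_ssid": True, "encryption": "none", "authentication": "open"},
    {"name": "ap-lab", "admin_password": "x7!Rk2#pQz", "ssid": "campus-staff",
     "broadcast_ssid": True, "encryption": "wpa2-enterprise",
     "authentication": "802.1x"},
    {"name": "ap-annex", "ssid": "campus-staff", "encryption": "wpa2-enterprise",
     "authentication": "802.1x"},  # password field missing from the export
]

if __name__ == "__main__":
    for name, findings in staging_gate(SAMPLE_INVENTORY).items():
        print(f"BLOCK {name}: {', '.join(findings)}")
```
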

Unless otherwise noted, EDUCAUSE holds the copyright on all materials published by the association, whether in print or electronic form. In certain cases the work remains the intellectual property of the individual author(s) (see Special Circumstances). Content from conference speeches, presentations, blogs, wikis and feeds reflect the opinions of the author, and not necessarily those of EDUCAUSE or its members.