Sunday, June 17, 2012

Security+ Topic - Wifi

Oh, our love of wifi. We have all seen the funny access point names, and usually it is nice to see them instead of the generic “Linksys”. Wifi has come a long way in its short history, from being totally insecure to the relatively secure state we have today. What is really crazy to me is that there are still people utilizing WEP. It makes me wonder why the manufacturers are even including WEP in their equipment when it has been cracked for a long time now.


Due to the way that WEP encrypts its data, there is a weakness in the algorithm. Thankfully there have been evolutions in the way wifi is encrypted, and we now have WPA and WPA2. Here is the deal, though: your data is only kind of secure. Wireless is transmitted to places you probably didn't think of, and someone can pick up the signal when you really didn't want them to. Do you have a shared bathroom for your workplace with another company? Someone could be sitting in the stall capturing traffic on their lunch break. Sounds like it would never happen, right? Wifi can go further than you may think, and if someone has the time to spend sniffing your network then you could be compromised.


Another aspect to this is the rogue access point. If your company allows personal devices in the workplace, employees may still want to get on the internet with that device. Thing is, your company doesn't allow them to connect it. Next thing you know, they have brought an access point from home and connected it to your network without you knowing. In a worst-case situation they even left it unsecured, and now you have all sorts of people accessing your network and using your internet connection for crazy things.
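As an added example (not part of the original post), here is one way to triage a wireless survey for the rogue access points and leftover WEP described above, by comparing what is on the air against an inventory of sanctioned access points. The CSV layout, the BSSIDs, the SSIDs and the -70 dBm "on site" cut-off are all constructed assumptions; a hit only tells you where to look, and confirming that a device is plugged into your wired network still means checking the switch ports.

```python
import csv
import io

# Constructed inventory of sanctioned access points (BSSIDs are made-up values).
AUTHORIZED = {
    "02:00:00:aa:00:01": "CorpNet",
    "02:00:00:aa:00:02": "CorpNet",
}

# Constructed survey export; the column layout is an assumption, not a tool's format.
SURVEY_CSV = """\
bssid,ssid,encryption,signal_dbm
02:00:00:AA:00:01,CorpNet,WPA2,-48
02:00:00:aa:00:02,CorpNet,WEP,-55
02:00:00:bb:00:09,linksys,OPEN,-41
02:00:00:cc:00:07,CorpNet,WPA2,-60
02:00:00:dd:00:03,CoffeeShop,WPA2,-88
"""

WEAK = {"OPEN", "WEP"}   # no encryption, or encryption that is long broken
NEARBY_DBM = -70         # assumed cut-off: stronger signals are probably on site


def audit(survey_text, authorized=AUTHORIZED, nearby_dbm=NEARBY_DBM):
    """Return (bssid, finding) tuples for every access point worth a follow-up."""
    corp_ssids = set(authorized.values())
    findings = []
    for row in csv.DictReader(io.StringIO(survey_text)):
        bssid = row["bssid"].strip().lower()   # normalise case before comparing
        ssid = row["ssid"].strip()
        weak = row["encryption"].strip().upper() in WEAK
        if bssid in authorized:
            if weak:                           # sanctioned AP still on WEP or open
                findings.append((bssid, "authorized-ap-weak-encryption"))
            continue
        if ssid in corp_ssids:                 # unlisted radio announcing the company SSID
            findings.append((bssid, "unknown-bssid-corporate-ssid"))
        elif int(row["signal_dbm"]) >= nearby_dbm:
            kind = "unknown-nearby-ap-unsecured" if weak else "unknown-nearby-ap"
            findings.append((bssid, kind))
        # Faint unknown APs are treated as neighbours and skipped.
    return findings


if __name__ == "__main__":
    for bssid, finding in audit(SURVEY_CSV):
        print(f"{bssid}  {finding}")
```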


On the lesser side of the scale is Bluetooth. It's great for connecting small devices to your phone or laptop but is still an area of concern for security professionals. Bluejacking and bluesnarfing are the main things that come to the front when addressing Bluetooth issues. Ever got some strange spam message on your phone and you're not sure where it came from? That would be bluejacking. The name is a little misleading, as they are not actually taking over your phone. Bluesnarfing is where they actually are able to gain access to your phone and check out your contacts, files, etc.


I was once on a forum where someone wrote their company was 99% wireless. This made me really nervous for their company. There is a common misconception that your network is secure with WPA2 and that no matter what, no one will see your data. Well, I am sure that is what they said for WEP too. Here is the deal. Wifi traffic can be captured and saved forever and then decrypted later. Let's say a competitor has been logging your wifi traffic for the last 6 months. They haven't been able to see what is on it, but they still have it. Tomorrow there is a crack released for WPA2 allowing an attacker to see your network key, network traffic, etc. with the click of a button. Not only is the attacker able to see the traffic moving forward, but they would be able to use the crack against the logged network traffic. They now have all your company secrets for the last 6 months.

-- Joe McShinsky