http://www.freenewmexican.com/news/32642.html By Wendy Brown The New Mexican September 18, 2005 The Bull Ring restaurant in downtown Santa Fe has an outside patio that is perfect for having lunch -- and it might be an equally fine place for some leisurely hacking into wireless computer networks. Eric Padilla and Chris Ernst of AirNet Security of Santa Fe used a laptop computer Thursday to demonstrate how easy it would be to break into many wireless computer networks in downtown Santa Fe. Standing outside The Bull Ring, Padilla and Ernst did a quick search for networks and found six in the area. At least half of them were businesses, and without naming any names, some were definitely the type of enterprises that would have sensitive information about their clients. None of the networks was totally open, but all but one of them used WEP, or Wired Equivalency Privacy, as a security measure. Ernst and Padilla said using WEP is like having a paper door on your home -- someone could blast through it with little time and effort. Ernst and Padilla used a regular Microsoft program for a wireless laptop computer to determine the security on the networks. They didn't do any hacking. Ernst said free WEP-cracking programs are available on the Internet that also include step-by-step instructions on how to use them. Most people could get through WEP security in 10 to 20 minutes, he said. One network used TKIP, which stands for Temporal Key Integrity Protocol. TKIP is the next generation of WEP security, Padilla said, but tools are also available to break into that security measure as well. The only security measure that isn't breakable yet is Advanced Encryption Standard, or AES, Padilla said, but even systems using AES are vulnerable at the point where people log on to the system. "Nowadays, really no network is safe," Ernst said. Padilla and Ernst said one reason hacking has become so easy is because many hacking tools are free and available on the Internet. The Remote Exploit Web site is one that makes many of them available, Ernst said. For example, anyone can download the Auditor Security Collection from that site and put it on a compact disc, he said. The collection is a kind of "greatest hits" of wired- and wireless-hacking programs, Ernst said, and it also contains easy-to-use directions for the programs. Hackers usually use wireless-hacking programs to gain access to a network and then attack the wired portion, he said. The top of the Remote Exploit Web site says: "We are just a group of people that like to experiment with computers. We hope that we can provide some information back to the public and support the ongoing process of learning." Max Moser, who founded the Remote Exploit Web site in 2001, said in an e-mail that he doesn't support hackers at all, but thinks of the site as a place to keep security-minded people up to date on what hackers are capable of doing. He said he lives in Switzerland. Moser said he believes the security on wireless networks is always as good as its encryption, but many computer configurations are weak and contain security holes. Attacks "can overcome most protections with ease," he said. Padilla said the Remote Exploit site is good for security people like himself, but the downside is that it can help hackers find new ways to break into networks. And most hackers don't need any encouragement, Padilla and Ernst said. "Hackers have nothing better to do," Ernst said. "Instead of hanging out at the bar, they're hanging out at their buddy's house creating a new hacking tool at 3 o'clock in the morning." The hacking community constantly has the security community on the defense, Ernst said. Not everyone, however, agrees that wireless networks are that easy to penetrate. Al Catanach, owner of Computer Network Service Professionals, a company that provides wireless-Internet service in Santa Fe, said his system is secure because it uses AES and Data Encryption Standard and a radio system that is hardwired to a customer's computer. The radio authenticates to the CNSP network without requiring the user to provide a user name and password, so the wireless portion is seamless, Catanach said. Catanach said he was a computer-security manager for the Army National Guard for three years and is familiar with ways to keep networks secure. That said, even he admits that if a hacker really wants to get in, it's possible to find a way. "You're never going to have a fool-proof system," Catanach said. Thankfully, most hackers are kids who are more interested in seeing if they can crack a network than stealing anything or doing any damage, he said. Josh Dennis, who is in charge of security at Grappa Wireless of Santa Fe, said his network uses three layers of security -- DES, a user name and password that the radio authenticates automatically (without the customer having to type anything into the computer) and a color-code number. Dennis said the government has phased out DES for secret documents because extremely powerful computers can penetrate it, but the average hacker with a laptop would never be able to get through. And Gabriel Garcia, a member of Best Buy's "Geek Squad" of computer-security technicians, said he believes 64-bit WEP is secure. "It's extremely difficult to get into if it's set up correctly," he said. Another sign that wireless-security awareness is up is that the WorldWide WarDrive has come to an end, according to the organization's Web site. The drive started in 2002 and encouraged people all over the world to test the security measures of wireless systems, frequently showing that people weren't even using basic security measures like WEP. "By ending the project we aren't implying that WLANs (wireless local-area networks) are now secure," a person who signed in as "Roamer" said on the WarDrive site. "In fact they are far from it, but organized efforts to raise further awareness are no longer necessary. The message is getting out in a number of ways, and we have done our part." Even though security awareness is up, it also appears so is wireless hacking -- even if it's now more difficult. According to the Computer Security Institute/FBI 2005 Computer Security Survey, 55 percent of businesses surveyed reported that someone had used the company's computer network without authorization in the last year. Of those, about 18 percent reported abuse of a wireless network, up from zero percent in 2003 and every preceding year. Abuse of a wireless network cost 639 surveyed businesses more than $500,000, and the cost for all unauthorized access was more than $31 million, according to the survey. Ernst and Padilla said they recommend that people, and particularly businesses, get the strongest security measures available and then install a monitoring system so they know if someone hacks into the system and can figure out how to stop it from happening again. Systems for households start at $99 for a year's worth of monitoring, and business systems cost about $500 to start and $350 a month to run, Ernst said. "It's a small price to pay," he said. _________________________________________ Attend ToorCon Sept 16-18th, 2005 Convention Center San Diego, California www.toorcon.org
This archive was generated by hypermail 2.1.3 : Sun Sep 18 2005 - 23:25:49 PDT