Modernizing Authentication — What It Takes to Transform Secure Access
The three authors of the book Wi-Foo: The Secrets of Wireless Hacking write about the threats to the growing wireless community. In the book, they look at how hackers attack and what technologies and strategies are available to beat them.
Andrew Vladimirov co-authored the book along with Konstantin Gavrilenko and Andrei Mikhailovsky. All three work at Arhont Ltd., a security consultancy in the United Kingdom. Vladimirov, in an exclusive interview with eSecurityPlanet, talks about what is lacking in most wireless networks, how secure those networks are today, and what IT and security administrators should be doing to improve security.
Vladimirov also talks about who makes up the target audience for this self-described ''definitive guide to penetrating and defending wireless networks''.
We wrote it for anyone interested in wireless security. The largest part of our audience will be system administrators and network security management. When we started to write, the underground new far more than the average security administrator.
Q: On the back cover of your book, it says, ''If you're a hacker or
security auditor, this book will get you in. If you're a
netadmin, sysadmin, consultant or home user, it'll keep everyone else
out.'' Who is this book really aimed at helping?
It's more like martial arts books, in a sense. Of course, an attacker could buy the book and use the instructions in it. The attackers know this stuff anyway. They fight every day. They think martial artists know nothing. They say they grew up on the streets and they know how to fight. System administrators and managers would look at this and say, 'I didn't know these things'... We are marketing to the hacker, in a sense. There's also a large amount of war drivers who go around looking for wide open networks. They will always find them. When they read the book, our hope is they will understand a few things. That the defense could be just as interesting as the attack. Despite everything said, if a security administrator knows more than they do, they could be caught and suffer consequences... Another message is that this is not cool. They can see that there are people who know far more than they do.
Q: Are IT and security administrators quickly learning how to secure
their wireless networks?
Slowly. Too slowly. We've been war driving for years. When we started doing it around 2000 or 2001, 20 to 30 percent of networks had some protection. Now I think this number has gone up by about 10 percent. Now we see about 40 percent of networks having default protection, which doesn't require anything other than configuring the measures provided with the technology itself. It's not a huge progress, to be honest.
Q: How many companies have good layered security for their wireless
Very low... I would say it's probably about 5 percent. It's very dangerous because now all the information is on the surface and it's quite easy to obtain the data in wireless networks.
Q: You say in your book that wireless networks are wide open, how
open are they?
We have 30 percent who use some form of protection. Out of them, if an attacker takes an hour or just two hours of his or her time, two-thirds can be cracked. The rest of the networks -- those 60 to 70 percent -- are wide open. Only about 10 percent could stop most attackers.
Q: What is the one biggest thing that most IT and security
administrators don't understand about wireless security?
In my opinion, it's the first layer. People don't understand radio frequency. They can hardly imagine how far the network can spread. How far and where that attacker can position himself or herself. There are some so-called security consultants... who go around the site where the network is deployed without an external antennae or amplifier and they say your network doesn't spread very far.
Q: What is going wrong? Why don't administrators understand wireless
There is a common flaw. It's a mindset flaw. They say, ''We don't have any valuable data flashing through our network.'' Orr data is boring. Why would someone want to hack into it? This is a wrong perception. One of the first reasons people would want to do that is to hide their tracks... They could be sending spam or downloading pirated software or pornography or attacking a bank or a government network, and if an attacker is within 10 or 15 miles of your wireless network with an antennae, they can use your network to do that.