WiFi Security in Home and Office

by Downunder35m in Circuits > Wireless

21208 Views, 416 Favorites, 0 Comments

WiFi Security in Home and Office

WiFI safety.jpg

Update 13/04/2015: Added Author's quick pick's
Update 12/04/2015: Added a step for additional security tests.
Update 05/04/2015: Added extra step with information and links about backdoors and other security risks in WiFi routers.


Update 04/04/2015: Fixed a bad typo regarding the WPA2 encryption - thanks to jpnomad for pointing this out!

Intro:

We all love our wireless devices and the constant internet access 24/7.
But what about hacking WiFi networks???
These days everyone with a smartphone, tablet or netbook can use software to spy on your network in an attempt to gain access.
I am not going into these details and available options as I simply think there is no legal reason for anyone to do it - other than actually checking your own network for security risks.
As I can't tell if someone reading this would use it for illegal purposes I won't write too much about it - sorry folks.
With so many different routers and network configurations out there I can only give genral advise on what to change but no detailed instructions for your particular router.

So is your WiFi system safe?
If you want to find out read on...

Please not the Author's quick picks are located at the end.

Basic Considerations for Added Security

You might have an older router that still serves you well - but is it safe or easy to hack?

There are websites that list default passwords for almost any router there.
Others list possible exploids to attack a router.
Doing some research on this side can help but due to the numbers of devices I can not provide a list with unsecure routers at this point.

You can avoid most troubles by keeping your firmware up to date.
Also using WPA2 instead of WPA or WEP brings higher security.
A WPA password for example can be hacked in minutes by an attacker, while a brute force attck on WPA2 can take years (a strong password).
Too many people don't bother about security or even notice if someone is using their internet.
Some bad guys even try to get around your firewall to spy on your computer files or try to activate your webcam (that is one reason why most have a light).

Check the next part for some general safety settings to improove your network.

How to Make You Router a Bit Safer

If you have not already done it change the Admin password for your router!
Using a strong password containing letters and number as well as one or two special charaters like ! $ ß is a good thing.
Having one that is longer than 8 characters will make sure brute force attacks will fail in most cases.

The same is true for your WiFi password.
As you rarely need it it makes sense to insist on the same features as above.
If you have problems remembering passwords try a simple trick:
Use a short sentence that you can remember with no problem, take the following example as a guide but don't avtually use the same password for your needs.
Example sentence: The grass is green
To make a password we can remember but that is too strong for brute force hacking we mix it up with some additions.
The1grass2is3green4!
This results in 20 characters for a "simple" password.
Of course you can mix it even more like:
The1Grass3Is3Green4!

As I said WPA2 is the way to go for your network safety, so don't use older protocols.
Next step is limiting access in general.
Most modern routers have button and function called "WPS" - this allows you to connect a new device to your network with the push of a button.
Sadly this feature can be misused by a hacker to spoof your router in sending out the WPS signal.
In return he can filter out the required information to expose your router to an attack.
In your router settings you can disable the WPS feature if it is available - I strongly recommend to do so.
We all love having it easy but by limiting the available IP addresses and assigning the manually to your devices you make it much harder to find a way into your network.
In your router settings you can set the IP range of your network.
For a big office you might need 60 addresses, but at home a handful should do - one for each device with internet access.
To avoid conflicts when switching a device on you have to assign the IP address on your device manually.
I will give you an example:

You router is set to supply the IP range from 192.168.1.45 up to 192.168.1.55
As you can see I did not start with 192.168.1.2 to avoid the most basic form of attack.
192.168.1.1 is your router, although some use a different address.
Now on your laptop you check the network settings.
Go into the settings to check/change your IP prototcol.
In there you change from an "automatically assigned" IP address to one in the range of your router:
192.168.1.45
Do the same with the other devices but without using the same IP address twice.

Hiding your router and network.
Some devices allow you connect to so called "hidden networks" if this is true for your devices you can activate this feature in your router settings after manually assigning everything on your mobile devices.
If an attacker now looks for networks he must do a bit more work for find and identify you.
Also the attack itself is a bit harder in most cases.

Using a firewall.
All good router offer a built in firewall - use it and activate it.
The settings differ from router to router by even the defaults are a really good start.
It will prevent an attacker to just continue his work or in some cases completely prevent it.
Also spamming websites or those trying to attack you will have a hard time if the firewall is active.
On your computer or mobile device you should use a firewall as well, at least if you have data that you value or if you do online banking (including Paypal).

Signs That Someone Hacked Your Router

In most cases an attacker hopes for an unlimited contract for his victim as this won't show any data usage or the owner won't care to check it.
A good way to keep track of your usage is to use data counting software.
You get little gadgets for Windows that count your in and outgoing traffic and same for mobile devices.
If your ISP provides a bill with listed usage data you have a nice indicator.
A bit difference in what your counters say to what your ISP writes on the bill is acceptable but if your normal usage is around 4GB a month and all of a sudden you see 20 or more GB usage on your bill you can be certain you got hacked.
Not so much though if you have kids or partners downloading without letting you know ;)
Many hackers today are only interested in using your internet connection for free but won't really try to steal your private files.
But this is hard enough as illegal downloads will be linked to your account if they happen.
Same for attack on other networks or websites.
In return this means you can get into real trouble without ever doing anything wrong - and proving your innocence can be tricky these days.
If you download a lot with fast speeds another indicator of a hack could be that your speeds suffer.
There are lot of other reasons for this to happen but if ruled out the one bit that is left would be a hack.

If you have a nice hacker he will simply check your router settings and use your internet connection for free.
But if he is naughty he will change your password, affectively locking you out of changing anything.
He can even block all but his own IP address so you can't even use the internet.
Providers don't want to hear about it and usually let you sffer for days if not weeks before accepting the facts!
The above advise is far from perfect but as each router and network is different I can only give general advise here.
Last but not least:
If you have really sensitive files you should consider an external backup on USB sticks or SD cards.
For added security use encryption software on the files on hard drive containing your valuable data.
An attacker might mess up everything on your system but at least he won't be able to steal your identity.

Backdoors and Firmware Hacks - the Stuff Noone Wants You to Know

We all like to think that a properly configured router and network would be safe.
We also like to think that firmware updates for our routers are intended to fix problems, especially security related ones.

If you dig a bit in the internet you will find not only all the tools a potential hacker might need (often as ready to go disk images that can boot from a USB stick) but also all the information about your routers vulnarabilities.

Eloi Vanderbeken revealed in 2013 that many routers equipped with Sercomm technology (a Taiwan manufacturer) is designed to be remotrly accassible - without any chance the user would notice it.
I am not linking the articles here or list all the details, just do a Google search for "Eloi Vanderbeken router backdoors" to get started.
The NSA also got into the firing lines after leaked documents revealed the extent of their surveillance operations.
In these documents it is claimed that the NSA compromised the hardware and firmware of CISCO router and network hardware to be able to listen to them remotely and in real time.
Again, do your own research using "NSA CISCO Greenwald" as search terms in Google and you will find plenty of links revealing it all to you.
Some hackers now even revealed information that basically all routers using a certain chip on their circuit boards can be remotely activated to provide ROOT ACCESS to the router.
This means an attacker or spy can simply spoof a legit request to your router and by injecting some nasty code into the request he gains full access.
Although there people claiming that would not be a real poblem, the fact remains that the attacker can get a full dump of your firmware, all settings and the stored passwords - quite easy to recover from the dump for the real attack on the hardware.

Another concern is that a lot of routers actually have hidden accounts.
So, not only is there the usual Admin account and maybe a restricted User account you created, but in many cases also one or two accounts you will never be able to see.
If you visit sites like Routerpasswords.com you can simply check for your manufacturer and try if the listed passwords give you access to your router.
As you can see there a lot is based on the default Admin account - this is why you should change it !
But there are often accounts that you can't see or change, unless you create a new user with the same name and give it a new password.


Sadly the story does not end here.
Another possible way of entry is the use of so called Hash passwords.
Every password you use is stored encrypted, usually as a hash code or checksum of the password.
For some weird reason almost any router out there can be accessed using the right hash code instead of the real password - considering the hash for a nice long password can be much shorter....

What can I do to protect me if I found out my router can be hacked with ease?
In most cases you don't really have to worry!
And if your router was supplied by your ISP you can inform him about the security problems you found for your model and ask for a more secure replacement.
For cheap routers or no name products I recommend upgrading to a more trustworthy model, especially if you never saw any updates for your router.
Again: In most cases the worst that can happen is that a hacker will lock you out of your router by changing the passwords, so he has control and can use your internet for free.
If you can no longer access your router with your password, check the manual for the reset procedure - some routers offer a factory reset that also deletes all passwords back to their defaults.
For your personal data it is best to activate the firewall in your router (won't help once hacked) and the firewall for your OS.
Close all ports you don't use - an open port is always a good target.

For Android and IOS you can the program "Fing" - a nice tool that lists all devices connected to your network.
With it you can see if there is someone else logged in that you don't know.
(assuming you know what and who you allowed access to your network).
Not only is your computer or tablet listed if it is currently using the network but also printers and network storage.
For Android you can also use the app "Network Scanner" by Easy Mobile, which allows you to assign nicknames to known clients of your network, making spotting an intruder much easier.

More Ways to Do Tests on Your Network

Shields up! is a great website to test your router for open ports and possible ways of attack.

Steve Gibson, the creator, has create a unique too to test your network without performing any attacks on it.

When you click on the above link you will get here, where you can read some more informations and use the "Proceed" button.
Please note that I removed my IP address from the screen shots, you will see your IP listed when you do the tests.


On the next page, after clicking on proceed it get's interesting:


Click the orange "GRC's Instant UPnP Exposure Test" first.
Once done you should see the results in green, like in this pic:


If you get a warning that the scan resulted in vulnerabilities you should check your router settings and correct them accordingly.

Now you can go back to Shields up! by using the "Services" tab on the top navigation bar.
Again click "Proceed" to get to the test screen we had before.
Click on "Common Ports", located within the blue box to do a scan and the most common ports used.
This test should also come back green:

Common fails happen for example on port 23 when you have an open Telnet port on your router.
A closed port can indicate problems with router's firewall settings and you might experience connection problems with programs using those ports.

You can do the other checks, like for File sharing :

As you can see I can do one better than green here ;)

If you click here: Port 32764 check you can do a test on the dreaded port 32764 directly.
This port came to attention due to possible attacks on a lot of routers out there.
If your router is open here it might be possible to open a backdoor to take control of your router.
Assuming your routers config page can be found under 192.168.1.1 you can test this website for your computer:

HTTP://192.168.1.1:32764

Please replace the IP address with the one of your router if different.
Your browser should return with an error that the page does not exist, can not be reached or similar - if so all is good :)

If any of the performed tests come back with red warnings you should check the corresponding router settings - this can be for example:
Remote access, like Telnet
Firewall and NAT settings
Port fowarding
Other security settings
All tests coming back with good results and you are good to go as a hacker will have a hard time hacking you.
You should still check for firmware updates from time to time and use a firewall on your computer.
If you have set up your router for remote access the corresponding tests will return a warning as it is a possible way to take over your system, just be aware of it.

Author's Quick Pick's

You might wonder why added yet another step but I thought due to the massive response to this Instructable it is worth adding.

Here I will talk and list programs that I find very useful or outstanding to increase the security of your Windows system or network.
None of programs are promoted or advertised by me, I use them for years and think they are a good and kost free addition to your safety, feel free to see it as a guide only and to use different products.

For normal users the free editions are the only thing needed, businesses and companies or people with the need for added features might consider the paid versions.

FIREWALL

First entry is the Firewall Controll by Sphinx Software not only available in free versions but also in paid versions with more features.
I use the free version for many years, in fact it was one of the first added pieces of software when I started with Win7.
As the free version offers more than enough for the normal user it should be all you need.

Why am I pointing out this product?
Most users will now have read the entire Instructable and some might have change a few things to get more security.
But security does not end with your router or modem!
There are "All in one solutions" with firewall, anti virus and more available by any company offering security, like Norton, Kaspersky, Avira to name a few.
Downside is that most of us have no clue what they need and fork out quite some money to feel safe.
In most cases this is not necessary and I will show you how to get proper protection for your Windows system for free.

What does the Firewall control do?
Windows has a really good firewall included but for most users it is neither usable nor user friendly.
Here jumps the Firwall control in.
All functions are routed through this little gadget and the user can decide if a program or task can get access to the net - at the time of access!
Please check the above link and do some reading for all features and functions.
Here is a video showing the install and detection of traffic:

In the video a pro version is used, but again, we only need the free version.

Antivirus
You guessed it, I also have a favourite free pick to protect your from nasty pieces of software.
In this case it is the free edition from Avira.
There are free versions for other systems including Android available.
Don't be tricked into buying a pro version unless you run a business.
You might also be interested in the free browser protection for Firefox but I don't feel the need for it.
Avira offers a bunch of Help videos including one for the installation of the free version (Mac users are cared for in the other videos as well).

Malicious Software
We now have a good working firewall and protection against viruses, we might still need some more though.
When you surf the net you can do a wrong click and end up with a search bar or in bad cases with an infected computer.
Although some antivirus deals also offer protection against certain forms of spam, phishing and so on I think a dedicated product is good to have.

MalwareBytes stands out for it's ability to find what others might miss.
Again, I am happy with the free version but you might think otherwise and decide buying the pro version is money well spent.
For me the combination of the above is more than enough protection as I know my way around the web.
When checking other computers, even those with different security packs installed Avira and Malwarebytes always found more suspicious programs.
Malwarebytes can not only help to prevent an infection but also to remove a lot of infections from your system.
In some cases it might not be possible to remove a very nasty bugger but you can use the information provided to do a Google search on the particular malware and how to remove it safely - I only needed this twice in over 5 years in all other cases the program either deleted the threat or provided detailed info on how to get rid of it.
You might be surprised to see how many tracking cookies you collect over the time ;)