InfoSec Philippines

Information Security, Technology News and Opinions

Posts Tagged ‘Local Wi-Fi Posture’

Quick Tips: Securing Your AP

Posted by Daniel Tumalad on November 15, 2009


"El Sibakero", Rollin' Down the Street...

A few years ago, a German hacker visited the Philippines and went wardriving on the streets of Ayala. He observed the lack of security in most of the wireless networks he discovered, prompting people to address the situation.

Today, many are still ignoring the importance of protecting their wireless networks. There are plenty of APs in condominiums, corporate buildings and commercial establishments that still use insecure WEP or don’t use any form of encryption at all. [results=car+laptop+airodump, office->home]

With a lot of information and software pertaining to hacking wireless networks freely available on the Internet, almost anyone can obtain illegal access to insecure wireless networks.

Protect your AP:

1. Enable Encryption
With both WEP and WPA-TKIP having security flaws, your best bet is WPA2-CCMP. Make sure you choose a difficult-to-guess passphrase (alpha-numeric+special characters) and “try hard” to change your key every 3 months.

2. Configure AP Administration
Change the default AP admin password, disable remote administration and restrict AP management to local encrypted access (SSL) only. If you are feeling the need to overkill then also disable the wireless LAN access, make the administration console accessible only through the wire.

3. Security through Obscurity
Replace the default SSID and disable SSID broadcast.

4. White-list the MAC-Addresses of your Users
If all else fails, this can possibly make it hard for attackers to join the wireless network.

Internal Links:
Wireless Hacking
Using Nmap to Detect Rogue APs
Password Tips


Posted in El Sibakero, Wireless | Tagged: , | 2 Comments »