Legality & security of wireless networks

Having just obtained a wireless laptop for use in my home, as well as a
wireless router, I have found that there are about half a dozen
wireless networks around the area to which I can connect. I've heard
it's illegal to use other people's networks, but firstly how can they
find out if I'm using them, and secondly what's to stop other people
using mine? Also, what sort of data is available to the owner of the
network on which other people are piggybacking - can they see the web
pages viewed, emails sent/received, etc?

Thanks
TC

On 4 Mar 2006 , "(E-Mail Removed)" wrote:

> firstly how can they find out if I'm using them,

assuming you connect to a nearby unit, and it allocates an IP
address from a built-in DHCP server, then the status page on
that equipment may show a new connection (yours) with the
IP address and MAC (interface id)

>and secondly what's to stop other people using mine?

Nothing, unless you take steps to prevent it, using encryption
and possibly restricting access to known MACs (from your kit)


>Also, what sort of data is available to the owner of the
>network on which other people are piggybacking - can
>they see the web pages viewed, emails sent/received, etc?

potentially everything you transmit and receive via someone's
network could be logged, using either (a) a PC sniffing all the
traffic and logging it, or (b) a PC acting as a router, with two
ethernet interfaces, one for the internet side, the other for a
wireless/LAN connection, again logging all packets, or if
not all, selecting packets of unknown connections.

In the past, I've read of security firms setting up a wireless
unit, with a directional aerial, as a 'honey trap' to give any
'hackers' (even drive-by users) a set of PCs with various
unimportant documents, to log what is done/learned by
those 'hackers'. In some caes, no internet link was set
up, so only wireless users would be watched, in other
cases, an internet connection was available, so the
security firm could see more of what the hacker did
via that link.

poster wrote:
> On 4 Mar 2006 , "(E-Mail Removed)" wrote:
>
>> firstly how can they find out if I'm using them,
>
> assuming you connect to a nearby unit, and it allocates an IP
> address from a built-in DHCP server, then the status page on
> that equipment may show a new connection (yours) with the
> IP address and MAC (interface id)

Unless you spoof their MAC address and use it when they're not.
>
>> and secondly what's to stop other people using mine?
>
> Nothing, unless you take steps to prevent it, using encryption
> and possibly restricting access to known MACs (from your kit)

WEP is now broken, but will keep out casual/accidental intruders. Use
WPA if you want to keep out serious hackers. Restricting by MAC address
won't deter in the slightest someone who seriously wants in.
>
>
>> Also, what sort of data is available to the owner of the
>> network on which other people are piggybacking - can
>> they see the web pages viewed, emails sent/received, etc?
>
> potentially everything you transmit and receive via someone's
> network could be logged, using either (a) a PC sniffing all the

Worse perhaps, someone could download illegal material and you get to
carry the can if it's discovered. Try proving it wasn't you.....

There are several wireless networks around here with the default SSID
and no encryption. The temptation is almost overwhelming :-)

--
Please use the corrected version of the address below for replies.
Replies to the header address will be junked, as will mail from
various domains listed at www.scottsonline.org.uk
Mike Scott Harlow Essex England.(unet -a-t- scottsonline.org.uk)

On Sat, 4 Mar 2006, poster wrote:

> On 4 Mar 2006 , "(E-Mail Removed)" wrote:
>
> >and secondly what's to stop other people using mine?
>
> Nothing, unless you take steps to prevent it, using encryption

Don't confuse encryption with authentication. Encryption is good for
preventing your confidential traffic from being monitored - and
incidentally it also prevents any authentication information from
being overheard, although there are ways of doing secure
authentication over an unencrypted channel. In theory you could have
an encrypted channel which needed no authentication (I wouldn't advise
it, of course).

(In the dept we have an unencrypted network - done that way for
simplicity - and anyone in range can connect to it; but it'll get you
precisely nowhere until you've authenticated to the software on the
associated NAT router.)

> and possibly restricting access to known MACs (from your kit)

Be aware that restriction by MAC address, although possibly a useful
extra twiddle against casual intruders, is useless against a
determined attacker. Don't let it give you a false sense of security.

FWIW, I'm currently using WPA-PSK with TKIP. Works fine with a
cheapie PCMCIA card (DABSvalue/Edimax 11g, rt2500-based, originally
cost around £15, it's even cheaper now) and the Win32 driver
downloaded from ralinktech for it.

I don't *suppose* that using WEP would be a risk - how many determined
hackers are there likely to be within wireless range of a typical
house? - but as WPA-PSK is known to be better, and it works for me, I
thought I may as well use it.

regards

Thanks for the comments, although a lot of this goes way over my head.
In very basic terms, what software/hardware do I need to stop other
people being able to use my connection and/or monitor my web usage etc?

Thanks
TC

TC wrote:

> Thanks for the comments, although a lot of this goes way over my head.
> In very basic terms, what software/hardware do I need to stop other
> people being able to use my connection and/or monitor my web usage etc?

Configure your wireless router to use WEP or WPA encryption. Remember the
key. You will need it when you try to connect to your router from your
laptop. Also, it might be wise to keep a cat5 patch cable handy in case you
screw up!

--
<http://ale.cx/> (AIM:troffasky) ((E-Mail Removed))
23:33:00 up 38 days, 3:52, 4 users, load average: 1.20, 1.58, 1.59
This is my BOOOOOOOOOOOOOOOOOOOOOMSTICK

alexd <(E-Mail Removed)> wrote:
> TC wrote:
>
>> Thanks for the comments, although a lot of this goes way over my head.
>> In very basic terms, what software/hardware do I need to stop other
>> people being able to use my connection and/or monitor my web usage etc?
>
> Configure your wireless router to use WEP or WPA encryption. Remember the
> key. You will need it when you try to connect to your router from your
> laptop. Also, it might be wise to keep a cat5 patch cable handy in case you
> screw up!

WEP is almost trivially crackable, for anyone willing to do the
googling.

WPA is not - if you choose a reasonably long password.
Say two unrelated words, and three numbers.

In message <440ac020$0$6992$(E-Mail Removed)>, Ian
Stirling <(E-Mail Removed)> writes
>alexd <(E-Mail Removed)> wrote:
>WEP is almost trivially crackable, for anyone willing to do the
>googling.
It's only included for compatibility with older kit IMHO.
>
>WPA is not - if you choose a reasonably long password.
>Say two unrelated words, and three numbers.
Use a password with the maximum characters, use random letters, numbers,
case and punctuation, carry it on a small flash pen or floppy to the
machines you need to connect. Google WPA password generator.



--
Clint Sharp

I went through the Atheros instructions for setting the WPA passphrase,
but in my list of available wireless networks mine is still showing up
as "unsecured". I tried rebooting (both laptop & router - well, I
turned the latter on & off again) but no change. What to do?

Thanks
TC

TC wrote:
> I went through the Atheros instructions for setting the WPA passphrase,
> but in my list of available wireless networks mine is still showing up
> as "unsecured". I tried rebooting (both laptop & router - well, I
> turned the latter on & off again) but no change. What to do?

Contact Atheros support.