Help!! Feel "lost" as parent of a WIFI college student

Discussion in 'Wireless Internet' started by Ed Paul, Dec 3, 2003.

  1. Ed Paul

    Ed Paul Guest

    Any help or direction will be greatly appreciated! My son, who is away in
    college and lives in his fraternity house, just informed me the frat house
    went wireless in their effort to provide every resident's room with personal
    internet access. Fine. It's been working well, so far...

    All of a sudden, the local newspaper did a Sunday story on "wardrivers" and
    illustrated how easy it is to plug into any PC using wireless internet
    connections. Now my son, as well as many of his house mates, are in fear
    their PC's can be easily compromised and he has asked me what he can do
    about it as an individual, since not all internet users in the house feel as
    "exposed" or otherwise concerned enough to want to do anything at the
    "house" level.

    What can he do with his own PC and internet connection to ensure as much
    privacy as possible and secure his system from anyone "breaking in"? I've
    run searches on PC wireless security, LAN, etc., but, quite frankly, I'm
    lost in all the tech jargon and not sure what's available for the casual PC
    user. Any help will be really appreciated!

    Ed Paul
     
    Ed Paul, Dec 3, 2003
    #1
    1. Advertisements

  2. Ed Paul

    Ian Stirling Guest

    Basically it's due to idiots.
    The various companies supply the routers/... with no passwords set, and
    don't include the fact that you need to setup passwords and encryption
    in 72 point bright orange lettering on the outside of the box, so most
    people don't.

    If WEP/WPA is not enabled, then basically anyone can read anything on your
    network, and in some common circumstances impersonate any PC, and do anything
    it could.
    If WEP is enabled, then it's much harder to crack, but given a few hours or
    days (maybe only minutes in some cases where the network is highly used) the
    encryption can be cracked, and all is as above.

    WPA is the next generation, which is supposed to be secure.
     
    Ian Stirling, Dec 3, 2003
    #2
    1. Advertisements

  3. Ed Paul

    Guest Guest

    Many ways to secure a wireless network.

    1) WAP - check router docs
    2) WEP - check router docs
    3) Filtering - ip address, mac address, etc. - check router docs
    4) Firewall on local computer - many different products, this would
    probably give a high degree of security to the individual computer but
    not the network. Search internet for more info.
    5) Google search
    http://www.google.com/search?q=secure+wireless+network

    I guess your real question is what is the best way to secure a
    wireless network? Turn the wireless network off and use real wire with
    a real firewall (something like iptables) designed to protect a secure
    network. Make sure the firewall has all services turned off and all
    incoming new connection ports closed. That should make it really secure.

    For the real paranoid just disconnect from the internet and lock your
    computer in a safe. ;-)

    Really these college kids should ask someone in the computer lab
    how to do this. That is what all that tuition pays for.

    Later

    Ed> Any help or direction will be greatly appreciated! My son, who is
    Ed> away in college and lives in his fraternity house, just informed
    Ed> me the frat house went wireless in their effort to provide every
    Ed> resident's room with personal internet access. Fine. It's been
    Ed> working well, so far...

    Ed> All of a sudden, the local newspaper did a Sunday story on
    Ed> "wardrivers" and illustrated how easy it is to plug into any PC
    Ed> using wireless internet connections. Now my son, as well as many
    Ed> of his house mates, are in fear their PC's can be easily
    Ed> compromised and he has asked me what he can do about it as an
    Ed> individual, since not all internet users in the house feel as
    Ed> "exposed" or otherwise concerned enough to want to do anything at
    Ed> the "house" level.

    Ed> What can he do with his own PC and internet connection to ensure
    Ed> as much privacy as possible and secure his system from anyone
    Ed> "breaking in"? I've run searches on PC wireless security, LAN,
    Ed> etc., but, quite frankly, I'm lost in all the tech jargon and not
    Ed> sure what's available for the casual PC user. Any help will be
    Ed> really appreciated!

    Ed> Ed Paul
     
    Guest, Dec 3, 2003
    #3
  4. Ed Paul

    Ian Stirling Guest

    Without one of the first two, the third is essentially useless.
    It may stop quite a lot of people, but forging MAC and IP address is trivial.
    If you ever switch a node off, then the attacker can perfectly simulate it.
     
    Ian Stirling, Dec 3, 2003
    #4
  5. Ed Paul

    Guest Guest

    Ian> Without one of the first two, the third is essentially useless.
    Ian> It may stop quite a lot of people, but forging MAC and IP
    Ian> address is trivial. If you ever switch a node off, then the
    Ian> attacker can perfectly simulate it.

    Very true, and concur completely with that last statement.

    Securing a wireless network is an interesting topic. For more
    information check out this url:


    http://www.cs.umd.edu/~waa/wireless.pdf

    Interesting reading to the say the least.

    Good luck
     
    Guest, Dec 3, 2003
    #5
  6. Ed Paul

    Happy Canuck Guest

    Best thing for him to do is get a Firewall and Antivirus, that should
    protect HIM from outside interference.

    You can look at http://www.symantec.com/sabu/nis/nis_pe/index.html for
    Norton Internet Security 2004.

    Bill

    p.s. next step is to get the frat's wireless network secure
     
    Happy Canuck, Dec 3, 2003
    #6
  7. Ed Paul

    Kevin Smart Guest

    The advice I've read on this thread is all good,
    but no-one has suggested that the biggest danger in these circumstances
    is likely to come from inside the frat house,
    rather than someone lurkng on the highway.

    IMHO a college environment should be treated as hostile by default.
    On personal systems
    services should be locked down if not removed,
    packet filtering in place at all times,
    regardless of the network medium.

    A college mindful of the value of a student's work
    should be ready to advise, I agree

    Kevin
     
    Kevin Smart, Dec 3, 2003
    #7
  8. Ed Paul

    Joe Hayes Guest

    The first thing your son needs to do is speak with the person(s) who set up
    the wireless network at the frat house and discuss his security concerns.
    Perhaps they've already implemented encryption and firewall technology. If
    not, maybe he and the other concerned students could get together and set up
    their own private secure network within the house. I'm sure that would get
    someone's attention and quickly resolve the issue.
     
    Joe Hayes, Dec 3, 2003
    #8
  9. Ed Paul

    timewilltell Guest

    Your son lives on a college campus. Surely someone there easily accessible
    to him is an expert on this subject. Every college campus has a compute
    science department. Don't understand why he'd be asking his parents to
    figure this out for him...

    What are all the frats in this house majoring in? English lit?
     
    timewilltell, Dec 3, 2003
    #9
  10. Ed Paul

    Joe Hayes Guest

    So you think all college campuses just happen to come with their own
    resident
    wireless LAN technology expert who has nothing better to do with his or her
    time than to consult with lowly students? And you also think the computer
    science department has something to do with networking? Please. They teach
    programming and software development, not infrastructure.
     
    Joe Hayes, Dec 3, 2003
    #10
  11. Ed Paul

    gary Guest

    Everybody's made good suggestions. I'd just like to point out that WEP and
    WPA preshared key involve everybody sharing a common secret. If there is a
    concern about attacks from within the frat house, these methods will not
    address it. Nothing short of full-blown WPA with authentication server will.
    Or VPN, which would still require another local server.

    For Ed's benefit: WEP, and WPA preshared key, use a predetermined key which
    must be configured into the router and each wifi client. Therefore everyone
    knows the key, and you don't need cracking tools to get complete access to
    everyone's connection.

    In addition to securing access to the router by strong encryption and
    authentication, everyone should run a firewall on their host (do not rely on
    the router firewall - attacks could come from within). Each host should have
    resource sharing of all types disabled by default when on the wireless net.
    If files must be shared, at least use password protection. Install
    antivirus protection on every host, and keep it up to date.
     
    gary, Dec 3, 2003
    #11
  12. :So you think all college campuses just happen to come with their own
    :resident
    :wireless LAN technology expert who has nothing better to do with his or her
    :time than to consult with lowly students? And you also think the computer
    :science department has something to do with networking? Please. They teach
    :programming and software development, not infrastructure.

    At the local university, there is a course Faculty of Computer Science
    course 074.430 "Computer Networks". There is also Electrical and
    Computer Engineering's 024.370 "Telecommunications Network Engineering"
    and 024.426 "Communication Systems".
     
    Walter Roberson, Dec 3, 2003
    #12
  13. Ed Paul

    Ross Evans Guest


    Does he also have a webcam?
    http://people.ece.cornell.edu/schuh/hacked/index.php
     
    Ross Evans, Dec 4, 2003
    #13
  14. Ed Paul

    Miguel Cruz Guest

    They should go down the street and make friends with the nerdy frat where
    all the brothers are working on science experiments and building robots with
    boobs. In exchange for a 6-week wedgie moratorium, I am sure they could get
    some assistance.

    Seriously, I don't understand why they don't just ask the local computer
    nerds. They are not hard to find on a college campus.

    miguel
     
    Miguel Cruz, Dec 4, 2003
    #14
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.