Wireless Router Security

In today’s consumer market people expect certain things from products, such as security. One item that keeps getting more popular is the wireless router. This is a very functional piece of equipment and needs to be optimized for security. The way a wireless router works is it takes your wired internet connection and transmits it like a radio station. Unfortunately these routers do not secure themselves and many people do not understand the risks in leaving them unsecured. I will talk about several things in this essay including, securing your router, how to secure your router, how common unsecured wireless routers are, and the different ways to make sure you keep your information private.

Many people that have purchased wireless routers simply just plug them in and go. This does work and there is no setup required to make them function. Leaving your router like this could be disastrous. This device takes the internet connection and broadcasts it through a radio frequency signal. So somewhat like a radio station does and you are able to listen in on a radio. The same thing works for a wireless router. Anyone with in a three hundred foot radius can connect to your router. This might seem harmless, but in doing so you are making it entirely too easy for someone to access you and your information from a remote location.  Think about it this way, someone connects to your router in seconds because it is unsecured and gains access to your computer and injects a virus. This whole process would be undetected by you most likely and now your computer is a spamming machine. What I mean by that is, someone was able to use you internet protocol address to do their dirty work and now when they track the spam back, it will come to you and you only. Along with doing that the attacker could copy all your data and be gone before you know it.

In routers sold today the most common two types of encryption are (WEP) or Wired Equivalency Protection and (WPA2) WiFi Protected Access 2. There are some major differences in these two encryptions and their security. WEP was released in 1997 to be used by the 802.11 protocols of wireless access points. In March 2000 there was some weakness found in this encryption. What if I said that if we can intercept a cipher text C, that we could guess the plaintext of that? Maybe this does not look like much, but let me explain further. “Let Z = RC4(key, IV) this will be the whole RC4 key stream or the encrypted output of the router. The main problem with using RC4 is, if the same key stream is used twice it can become very insecure. Since C= P+Z. We can conclude that the RC4 key stream Z is equal to Z = P + C = P + (P +Z) like I stated before this is not a problem unless the key stream is reused. To put this in to perspective an eavesdropper can decrypt intercepted cipher texts without knowing the key, this is a major risk. Now that the attacker knows these values he can (Spoof packets) and the router will accept them, because they are no different encryption wise than the others” (Wagner). What is wrong with this?  The attacker can send these packets through the access control and he can attack any computer connected to that network. WEP is better than leaving your router unencrypted, but it is very insecure and can be cracked in a matter of minutes. WPA2 a second generation of WPA, which uses a stronger encryption algorithm called AES (Advanced Encryption Standard). It also uses a preshared key that is used at both ends from the router and on the device gaining access. “WPA2 uses CBC-MAC (Cipher Block Chaining Message Authentication Code) Protocol for authentication and integrity, and CTR (Counter Mode) to encrypt the data and MIC. WPA2’s MIC is similar to a checksum and provides data integrity for the nonchangeable fields in the 802.11 header, unlike WEP and WPA. This prevents packet replay from being exploited to decrypt the packet or compromise cryptographic information” (Bulk). This is not to say that WPA2 can not be cracked, but with up to a sixty three character pass phrase the number of unique packets needed to be intercepted would be very large. Using a very strong pass phrase is very important with WPA2. Experts have stated that, for personal use WPA2 along with a strong pass phrase would be unpractical to decrypt and very timely. Knowing this you can take one more step towards making your home network more secure.

You have all this information, so how do you encrypt your wireless router? Depending on your wireless router the internet protocol address to access it will differ. You can find these in your manual or if you do not have that the information can be found with your favorite search engine. Generally searching your router brand name and internet protocol address will find this info. Now that you have found that simply type it into your browser just like a website address, for example 192.168.1.1 a box will pop up asking you to login. If you have never done this the username and password are set to default and can also be found on the internet or the manual. The username and password should be changed as well if you have not already done so. Now logged into your router there are a number of things you can do in this menu. What I will be focusing on is the encryption and how to set this up. Since routers menus differ based on brand I will do my best to give you general directions that maybe not be exact. In this menu there should be a tab that says wireless or something to that effect. You may have to look a little to find wireless security, once you have found that move on. In the wireless security tab there might be a number of choices, but I will only be discussing WPA personal and WPA2 personal. These two should be sufficient for your personal network and are more user friendly. You can choose either, but I would recommend WPA2 personal, as it is the most updated. There should be some tabs below for options to choose from, one of them being which algorithms you want to use. In my router I have the option to use both TKIP+AES together which is what I use and what I would recommend. There should also be a box to enter the shared key in to. This pass phrase is what I mentioned before and the need to have a strong one. A few keys to having strong pass phrase are to have characters types of numbers, letters, and symbols. The pass phrase will be strong if it is random and not a word from the dictionary. I mentioned before the need for a longer pass phrase. This is because the longer the pass phrase the more combinations possible. All there is left to do is to hit enter or submit.  When logging into your router you will have to enter the same pass phrase as before, normally your computer will save this and you will only have to do it once.

You now have an encrypted router so all your data is safe right? Not exactly. One attack I want to present is called The Man in the Middle Attack. An attacker is able to intercept packets and retransmit them with his own key. What is happening is that in the middle of a conversation from your computer to a server, the attack replaces the server with a fake one. One way to defeat this type of attack is not to click through error messages that pop up to alert you. When an attacker does this there maybe an error message stating that the server was not authenticated, but if you do not read your error messages you will never know this is happening and that is what the attack relies on. So many people have access to technology and do not educate themselves on it. This makes the life of a black hat hacker very easy. We have access to many defenses, but if we do not educate ourselves on how to use it properly then they can be exploited more easily.

I conducted a security survey of sixty city blocks of Taylorville, IL. This is not a very large area by any means. I found thirty one unsecured wireless access points during this survey, I find this unacceptable. Some of these were near the town square and possibly business’ or maybe government offices. This is just speculation with out doing more research on who owns these routers. I expected to find some unsecured routers during this survey, but not as many I as did find. This survey was not time consuming for me and it would not be to an attacker either. New technology is introduced on a constant basis and people do not take the time to educate themselves. Secure your wireless router and use the strongest possible security available to you.

Works Cited

Bulk, Frank. “ABCs Of WPA2 Wi-Fi Security.” Network Computing 02 Feb 2006 10 Jun 2008.

Cam-Winget, Nancy, Russ Housley, David Wagner, and Jesse Walker. “Security Flaws in 802.11 Data Link Protocols.” Communications of The ACM 46 No. 5 (May 2003): 35-39.

Chirillo, John. Hack Attacks Revealed. Second. Indianapolis, IN: Wiley Publishing, 2002.

Endorf, Carl, Eugene Schultz, and Jim Mellander. Intrusion Detection & Prevention. Emeryville, CA: McGraw Hill/ Osbourne, 2004.

Hardjono, Thomas, and Lakshminath R. Dondeti. Security in Wireless LANs and MANs. Norwood, MA: Artech House, INC, 2005.

Wagner, David. “Wireless Security.” fcc.gov. University of California, Berkley. 10 Jun 2008.

“Wireless Security.” Rutgers Computing Services. 23 Mar 2006. The State University of New Jersey.