Home Network Pro - The Site for Home Network 'Professionals'

The Security Page for May 2005

This logo designed by Jim Ferris "What is security like for most wireless networks? Pretty much what it would be if 4 out of 5 homeowners did not lock their front door." -The New York Times, May 4, 2004

All people that use the services of the global wide area network infrastructure known as the 'Internet' need to be aware of security. There are a great number of reasons for this and we will cover alot of them as this page is built and developed. Look for security information in many areas of discipline that affect the home user and small office or home office (SOHO) user. These networks are proliferating at a much higher rate than the people who are educated to use them in a secure manner. The number of security threats to your home network grows every day. These threats include many of the same threats that have been a major problem for banks, government agencies and on-line merchants.

Computers connected to a wide-area network are often connected through public networks , such as the telephone system. They can also be connected through leased lines or satellites. The largest WAN in existence is the Internet . Source: webopedia.com. This is from another page on this site, but it applies here as well. The main reason a home network is created is more about sharing access to the Internet than sharing files or providing print resources to the rest of the home. These are also reasons to establish a home network, but they are not the main reason we see a proliferation of these types of networks. We have seen a typical network illustrated elsewhere on this site, but have we really been looking at where we should be applying security practices, tools and reporting to help identify, remove and protect against security threats?

There is a lot of information available for security of the home network available. We will nto attempt to repeeat that information here. What we will do is show you where you can find the information and we will also give you a plan of action for creating a useable security policy for your home network.

Security Alert ! - Widespread DNS Poison Attack Spreads Spyware/Adware - 04/22/05

An Internet attack that hijacks a victim's Internet connection and stealthily installs a barrage of adware and spyware is targeting businesses and organizations across the U.S.

The attack has been ongoing since early March and has afflicted an estimated 20,000 computers.

It uses DNS poisoning: Domain name system servers, which guide Internet traffic, are fooled into directing anyone heading to any .com Web site to a malicious Web site that the attackers control. That Web site then installs a wide range of adware and spyware on the victim's computer without the victim's knowledge

The Internet connection for anyone using the poisoned DNS server is completely disrupted. All Web traffic and e-mail trying to go to any .com site gets hijacked for as long as the DNS server remains altered.

Even after the DNS server has been repaired, the company has to clean the adware and spyware from any affected computers. Read more about this on the news items for April 25. Either on the home page or on the news archive page.

Tools and utilities to help you test, monitor and protect your wireless network

Please browse through the links to find a host of wireless security tools. We have been looking at these pieces of free software and have found most of these to be most excellent. We would recommend that you get these tools and explore there use in your environment.


NetStumbler displays wireless access points, SSIDs, channels, whether WEP encryption is enabled and signal strength. NetStumbler can connect with GPS technology to accurately log the precise location of access points.

A smaller version of NetStumbler designed to work on PocketPC 3.0 and PocketPC 2002 platforms. It provides support for ARM, MIPS and SH3 CPU types.

WEPCrack was the first of the WEP encryption cracking utilities. WEPCrack is an open-source tool used to break 802.11 WEP keys. You can also download WEPCrack for Linux .

Airsnort is a wireless LAN (WLAN) tool which cracks WEP encryption keys. AirSnort passively monitors wireless transmissions and automatically computes the encryption key when enough packets have been gathered.

Btscanner allows you to extract as much information as possible from a Bluetooth device without the requirement to pair. It extracts HCI and SDP information, and maintains an open connection to monitor the RSSI and link quality.

The polar opposite of hiding your network by disabling SSID broadcasts- Black Alchemy's Fake AP generates thousands of counterfeit 802.11b access points. As part of a honeypot or as an instrument of your site security plan, Fake AP confuses Wardrivers, NetStumblers, Script Kiddies, and other scanners.

Kismet is an 802.11 wireless network detector, sniffer, and intrusion detection system. Kismet identifies networks by passively collecting packets and detecting standard named networks, detecting (and given time, decloaking) hidden networks, and inferring the presence of nonbeaconing networks via data traffic.

Redfang v2.5 is an enhanced version from @Stake of the original Redfang application that finds non-discoverable Bluetooth devices by brute-forcing the last six bytes of the device's Bluetooth address and doing a read_remote_name().

A tool to use when looking to discover access points and save captured traffic. Comes with a configured script and supports Cisco Aironet and random prism2 based cards.

WifiScanner analyzes traffic and detects 802.11b stations and access points. It can listen alternatively on all 14 channels, write packet information in real time, search access points and associated client stations. All network traffic may be saved in the libpcap format for post analysis.


wIDS is a wireless IDS. It detects the jamming of management frames and could be used as a wireless honeypot. Data frames can also be decrypted on the fly and re-injected onto another device.


WIDZ is a proof of concept IDS system for 802.11 wireless networks. It guards access points (AP's) and monitors local frequencies for malicious activity. It detects scans, association floods, and bogus/Rogue AP's. It can also be integrated with SNORT or RealSecure.

Check back here in the next couple of weeks for updates


About Us |Privacy Policy | Contact Us | ©2005 Home Network Pro - A JNL Media Network Site sm