[ISN] Symantec ranks Houston high in WiFi security survey

InfoSec News isn at c4i.org
Wed Mar 1 02:48:32 EST 2006


Copyright 2006 Houston Chronicle 
Feb. 27, 2006

Wireless networking has become the dominant way in which home users
network their computers. WiFi is fast, fairly easy to set up and
relatively inexpensive.

But it's also by nature insecure. With WiFi networking, you're spewing
your data into the ether, and most wireless hardware comes with the
most basic security features turned off by default.

Understanding human nature - and acknowledging the technical
cluelessness of the average home user - you'd think that the majority
of wireless home networks would be wide open, allowing anyone with a
WiFi-enabled computer to connect to the Internet and possibly access
personal data.

But, based on a drive-by survey conducted by software maker Symantec,
not in Houston.

For two days in mid-November, Symantec security experts drove through
neighborhoods in seven areas of Houston: Galleria/Memorial, the
Heights, the Third Ward, Midtown/Montrose, Shadow Creek/Silverlake
near Pearland, the Villages off I-10 West, and parts of the
Westchase/near-Katy area.

The specific Zip codes: 77056, 77008, 77004, 77006, 77002, 77584,
77024, 77082 and 77079.

As they drove, they used WiFi "sniffing" devices to look for signals
from wireless routers, a practice known as wardriving. They checked
each one to see if it was encrypted - meaning signals between the
routers and the devices that connected to them are scrambled - and
whether the owners of the routers had changed the default network
name, or SSID.

Although the methodology was hardly foolproof, which I'll discuss in a
minute, the results are interesting:

* Symantec's researchers found a total 1,985 WiFi access points.

* More than 61 percent were using encryption.

* More than 80 percent had nondefault SSIDs.

* The more affluent neighborhoods had a higher incidence of
  nonencrypted access points, although there were far more residential
  WiFi networks in the richer areas.

* The highest percentage of nonencrypted networks was in the Villages,
  at almost 47 percent. The lowest percentage was in the Third Ward
  and West Houston, with about 30 percent.

Jonah Paransky, a senior manager for security products at Symantec,
said four other cities had been surveyed in a similar fashion - New
York, Los Angeles, Chicago and Washington, D.C. - and Houston had the
highest percentage of encrypted residential networks. Symantec would
not release the specific numbers for the other cities.

Congratulations, gang! It's good to be No. 1 at something other than
obesity and pollution - although you folks in the Villages obviously
have some work to do.

Now, while these numbers are interesting, a couple of aspects make the
survey's results less than ironclad.

The researchers primarily focused on the central and western parts of
the area, and largely ignored the far-flung suburbs. Adding those into
the mix might have produced dramatically different results.

In addition, they only looked for encrypted versus open networks. But
there are other ways to secure a WiFi network without encryption,
including a technique known as MAC filtering.

All network cards, whether wired or wireless, have a unique serial
number. You can tell a WiFi router to only accept connections from
computers with certain MAC numbers, thus locking out unknown users.  
It's possible that some of the unencrypted networks were using MAC

Paransky argued that MAC filtering isn't truly secure, because it's
possible to capture traffic between a PC and a router if it's not

He offered these tips for wireless network security, many of which
should be familiar to readers of this column:

* Turn on encryption. D'oh!

* Change the default SSID in your router, and if the router allows it,
  turn off broadcasting of the SSID. This makes your home network
  invisible to those casually looking for wireless connections,
  although it can be spotted with the right software or equipment.

* Place your wireless router as close to the middle of your house as
  possible, which decreases the chance its signal could be detected
  from the street. It also helps decrease WiFi dead spots. Newer
  routers that use range-boosting technologies such as MIMO, and the
  upcoming 802.11n routers, will blast signals for greater distances,
  so depending on your house's size, this may not have much effect.

* Use a software firewall even though your router likely has one built
  in. Paransky said if intruders manage to penetrate your network,
  firewalls on each machine may keep others protected.

And, of course, because the survey was done by Symantec — which makes
the Norton line of security software — Paransky suggested users keep
up-to-date antivirus and antispyware on all their computers.

You didn't think the Symantec people went to all this trouble out of
the goodness of their hearts, now did you?

More information about the ISN mailing list