Wireless signals seep onto streets

Warchalking on walls and sidewalks gives passersby signs that a wireless node is available. This new-age tech graffiti began with three basic icons.

During a walk along the streets of the nation's capital, lab reviewer's tablet PC detects wireless nodes

Agencies ignore the security risks of wireless networking at their peril.

I recently strolled past federal buildings along Connecticut Avenue in Washington, carrying a beta model of a new tablet PC equipped with an integrated IEEE 802.11b wireless PC Card.

In no time, it autodetected a wireless network. The tablet asked me if I wanted to connect. I declined, but as I kept walking, the tablet detected signals for three more wireless networks. (Apparently, the Secret Service is curious about these free-ranging signals, too, and has sent out teams around Washington snooping for wireless networks that are broadcasting their signals onto the street.)

I did no probing, so I don't know whether the signals my tablet PC detected came from government, corporate or home networks. Nevertheless, they're out there, just waiting for someone to exploit them.

If a wireless connection extends beyond a network's firewall, or if no firewall exists, any passerby with a wireless notebook PC can tap the network resources. Even if the network is protected, the passerby might manage to get Internet access.

Say, for example, that the wireless network assigns the intruder an IP address as many wireless networks routinely do. That makes a great starting point for hacking. The IP address lets the intruder guess at the IP scope, which could lead to probing and denial-of-service attacks.

Furthermore, passersby who have modern, helpful operating systems such as Microsoft Windows XP can learn the names of the network servers. The GCN Lab found this out during a recent review of XP Service Pack 1. We couldn't connect to the servers, but we could see them.

More insidious is stealthy monitoring of wireless networks from outside a building. Even if the network requires its users to have specific Media Access Control addresses in their hardware, a hacker could pretty easily sniff out such information from a bus stop or park nearby because MAC addresses are transmitted in plain text.

One quick spoof, and the hacker could break in as surely as if sitting at a desk inside the building.

There are two main dangers to unsecured wireless networking. The first is that an intruder can use information from the wireless connection to steal data or launch an attack on the computing infrastructure.

The second is that the intruder can use the connection for free Internet access. Hackers, and presumably terrorists, know that anonymous e-mail from services such as Hotmail.com and Yahoo.com can be traced backward. That's because information about an organization's IP address, OS and files travels along with the e-mail headers.

Say a terrorist stands outside your agency's headquarters and e-mails threats over your wireless network. The digital trail will lead back to your office. And if the terrorist stole a notebook PC to do the deed and gets rid of it afterward, the unsuspecting network administrator will be the one left holding the bag.

To add to the threat, more and more people support the 'free Internet' movement in their neighborhoods. Some are warchalking, making chalk marks on buildings to signal others what sort of free wireless access can be tapped there, similar to the hobo symbols of old.

I didn't happen to notice any chalk marks as I walked down Connecticut Avenue, but with wireless signals on the street silently screaming for clients, it's only a matter of time.

Reader Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above