Packet Rat: Rat's WiFi approach: Turn on, tune in, drop out
GCN Illustration by Michael J. Bechetti
On general principle, the Rat doesn't trust a network that sends his data bouncing around the ether. And though he has made some concessions to the wonderful world of wireless fidelity (like the 802.11b cards in his notebook PC, his Handspring and his network-enabled coffeemaker), he still treats radio packets with appropriate paranoia.
Apparently, not too many bipeds share the Rat's concern about WiFi. At least that's what the whiskered one thinks after hearing about the latest high-profile security fiasco to find its way to the Web.
The Rat was picking up essential productivity-boosting hardware (a USB joystick, to be specific) at a certain national consumer electronics box store recently, when a news story caught his eye.
A vigilant, anonymous citizen had notified a security vulnerability mailing list that he had detected credit card numbers being passed in the clear over a wireless network at his local Best Buy. How? Using a wireless card he had just bought there and a Linux packet-sniffing program.
Apparently, Best Buy never enabled the Wired Equivalent Privacy security on its access points. Nor, for that matter, did it bother to turn off the service-set ID broadcasts on its access points.
To top it all off, the store runs a point-of-sale system on the WiFi LAN, passing transactions to its server and transmitting credit card data for perusal by anyone who happened to tune in.
The cyberrodent cancelled his shopping trip and circled the wagons. He could picture his oldest two offspring in the parking lot, capturing his credit card number as he completed his buy. Only ill could come of that.
The recent introduction of a couple of WiFi shareware tools (one for finding 802.11b networks and the other for breaching them) further heightened the Rat's paranoia.
The first app, the more benign of the pair, is NetStumbler. When used with a Lucent 802.11b card, it can find out nearly everything about an unsecured WiFi network, short of the password. The second, AirSnort, exposes the password. Both apps work by passively listening to wire.
To lessen his anxiety, the whiskered one decided to survey the wireless landscape. He grabbed a Compaq (I mean, er, Hewlett-Packard) iPaq and an evaluation copy of Handheld Analyzer, a wireless network management package from AirMagnet Inc. of Mountain View, Calif., and started stalking his agency's campus in search of wide-open wireless ports.
He found a few. More than a few, in fact. The Rat then had his minions confiscate the offending access points and add them.
Out of curiosity he took the AirMagnet software for a walk. While wandering around the District of Columbia's office district, he picked up scores of wireless access points, many of them without security turned on.
As he turned a corner, he caught a glimpse over his shoulder of his two eldest offspring. They, too, were walking around with a wireless handheld device, and taking notes. The Rat's paranoia quickly returned.
The Packet Rat once managed networks but now spends his time ferreting out bad packets in cyberspace. E-mail him at firstname.lastname@example.org.