1. Home
  2. Wireless Networking
  3. Wireless security - at the PC card end.

Wireless security - at the PC card end.

Hi;

I've been running what I think is a secure network link for about twelve months; and I've just had a thought that maybe I'm all wrong ;-)

I've got a simple wireless access point connected to my cable modem in one room. In another, I've got my PC, with a wireless card in a PCI slot.

The access point is, or should be, secure. I carefully ran the setup software; and it only accepts two MAC addresses - my wireless card and my modem; and it's running the 64 bit encryption. Okay - not the best security available, but good enough to keep my neighbours at bay.

But my PC has only got Zonealarm on it. It runs the right encryption to connect to the wireless access point; but I never had to set up any specific security on the PC.

So, my question is, can someone simply bypass my access point, and connect directly to my computer? Say, while Zonealarm is booting up? Or worse, at any time at all?

Tim

Reply to
Pikey
Loading thread data ...

Not easily. Access Points can be spoofed making you think that you're connected to your access point, when in reality, you're connecting to another. In order to do that, I would need to spoof the MAC address and SSID of the access point. That's easy. If you have encryption enabled, I would need to extract the WEP key or steal the WPA key. The WEP key is fairly easy, but WPA is not. Even if I had all the aformentioned, I would still need to get through your Zonealarm firewall, which is difficult. It can sorta be done, but only with extreme difficulty.

HostAP access point spoofing software:

formatting link
Man in the middle attack:
formatting link

Reply to
Jeff Liebermann

Nope...

Reply to
DLink Guru

Many thanks, both.

WhenI first got wireless, I didn't bother to secure it until my wife pointed out that if any of our neighbours decided to download child pornography, it would me MY door the police would come knocking on! I was having shivers at the thought that I might have been fooling myself all this time!

Tim

Reply to
pike_by_nature

The program in the startup folder is the user interface. It doesn't start until you log in, so as to verify that you are authorized to make changes to the firewall. Explained in

formatting link
The firewall itself is %windows%\system\Zone Labs\vsmon.exe which is running, and blocking connections, before login. I have tested that morning. With a fresh reboot, I connected perfmon.msc from a trusted computer to the laptop under test. I was able to see vsmon.exe running. After I logged in, I could see iclient.exe running. An untrusted computer was not able to connect before or after login.

Reply to
dold

Thanks Clarence - that's always vaguely worried me, even before I had a wireless connection I wondered what might be going on while I was waiting for Zonealarm's icon to appear in my system tray.

Tim

Reply to
pike_by_nature

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.