Home LANs risk accidental hacks

Small businesses and home networkers are at risk from hackers - but some intrusions into a wireless network may be unintended
Written by Jeanne-Vida Douglas, Contributor

You are at home late one night, upgrading some software on your wireless LAN. There is no one else in the house, and the neighbour's driveway is empty.

You reboot your laptop and wait for it to come back to life. Suddenly the light on your wireless log begins flashing wildly with your laptop rebooting. There shouldn't be any traffic to register, yet it's blinking like Andromeda.

The laptop finally reboots and the green fields of XP grace your screen. The log light continues to sparkle, but the little monitors showing network activity from your laptop are blank.

Someone, somewhere close by, is hacking into your wireless LAN, but it might not be malicious. In fact, the perpetrator may be totally unaware he or she has invaded your system.

In fact a series of system defaults which encourage Bluetooth-enabled laptops to actively seek out a connection with wireless networks may make the accidental hack an annoying but increasingly prevalent phenomenon.

On the other hand, someone parked in the back lane could be using your system to download vast tracks of information from the Internet, effectively cybersquatting your bandwidth.

Either way there are some simple measures you can take to protect wireless LANs without sparking all-out urban war.

According to Ross Chiswell, chief executive of wireless networking reseller Integrity Data Systems, home users and small business or home office users often leave themselves vulnerable to an attack through a lack of awareness.

"There are some basic steps people can take to protect themselves," Chiswell said. "As well as some all-in-one security products designed for the small home office, or home wireless LAN."

According to a white paper Chiswell provides on the company Web site, protecting your wireless LAN involves the following steps:

  • Ensure basic security features are turned on and do not use default wireless network names.

  • Check that your vendor supports closed group. This enables you to turn off the beaconing or broadcasting by the access point of your wireless LAN network name. This way you have to know the name of the network to connect.
  • Check that your vendor's product includes a basic MAC address control table as part of the access point as a minimum, or that the access point can support an external Radius authentication server.
  • Check that your vendor also offers a range of products and not just an inexpensive access point that provides basic wireless connectivity.
  • If you have security concerns then use a wireless infrastructure that support non-WEP based encryption methods.
  • Chiswell also suggests wireless LAN users looking for significant protection opt for stronger encryption than the industry standard wireless encryption protocol.

    "A basic home LAN should opt for a wireless gateway with a firewall in it. However, small home offices would benefit from looking at a VPN type solution so that any link going into the network goes through a secure tunnel," Chiswell said, suggesting products from vendors such as Orinoco and Colubris.

    For the latest home networking product news, plus a full explanation of what home networking is all about, what you need to get started, and how to put it all together, see ZDNet UK's Home Networking Special.

    Have your say instantly, and see what others have said. Go to the ZDNet news forum.

    Let the editors know what you think in the Mailroom.

    Editorial standards