Wireless security

Been doing some research lately on WiFi and security of it. So I have been doing some scans and out of the 3,655 WiFi access points I have observed, here is the breakdown on the security of them:

Count Encryption Type
859 Not Encrypted
760 [WEP]
680 [WPA-PSK-TKIP+CCMP][WPA2-PSK-TKIP+CCMP]
519 [WPA-PSK-TKIP]
301 [WPA2-PSK-CCMP]
110 [WPA-PSK-CCMP][WPA2-PSK-CCMP]
101 [IBSS]
36 [WPA-PSK-TKIP][WPA2-PSK-CCMP-preauth]
31 [WPA-PSK-TKIP][WPA2-PSK-TKIP]
30 [WPA-EAP-CCMP][WPA2-EAP-CCMP]
28 [WPA-PSK-TKIP+CCMP][WPA2-PSK-TKIP+CCMP-preauth]
21 [WPA-PSK-TKIP+CCMP]
18 [WPA2-PSK-CCMP-preauth]
18 [WPA-PSK-CCMP]
18 [WPA-EAP-TKIP][WPA2-EAP-CCMP]
16 [WPA-PSK-TKIP][WPA2-PSK-TKIP+CCMP]
15 [WPA-PSK-TKIP][WPA2-PSK-CCMP]
14 [WPA-EAP-TKIP+CCMP][WPA2-EAP-CCMP]
12 [WPA2-PSK-TKIP+CCMP]
10 [WPA2-PSK-TKIP]
9 [WPA-EAP-TKIP]
8 [WPA2-EAP-CCMP]
8 [WPA2-EAP-CCMP-preauth]
8 [WPA-PSK-TKIP+CCMP][WPA2-PSK-CCMP-preauth]
8 [WPA-?]
5 [WPA-PSK-TKIP][WPA2-PSK-TKIP-preauth]
3 [WPA-PSK-WEP104+TKIP]
3 [WPA-EAP-TKIP][WPA2-EAP-TKIP]
2 [WPA2-PSK-TKIP-preauth]
1 [WPA-PSK-CCMP][WPA2-PSK-CCMP-preauth]
1 [WPA-EAP-TKIP+CCMP][WPA2-EAP-TKIP+CCMP]
1 [WPA-EAP-CCMP]
1 [WEP][IBSS]

It is amazing that nearly a quarter of them were unencrypted. What was even more interesting I saw a bunch of them on rural roads, so it was almost like “well no one lives around me, so why encrypt it”. So I would ask that everyone, no matter where you live, please enable encryption on your Wifi. In addition don’t use WEP, please use at least WPA and preferably WPA2. If I add in WEP as being basically “un-secured” you have over 44% of the WiFi access points not being “secured”. WEP just isn’t that strong, and with people doing banking and online shopping, you shouldn’t be doing any username, password or credit card info over a open or WEP encrypted WiFi connection.

Another factoid is the preference for WiFi channel:

Count Frequency (Channel)
1 2407 (??)
1 2472 (13 – Non US)
40 2457 (10)
41 2442 (7)
46 2432 (5)
52 2417 (2)
69 2447 (8)
141 2427 (4)
158 2452 (9)
229 2422 (3)
718 2462 (11)
731 2412 (1)
1428 2437 (6)

It appears that Channel 6 (aka 2437 Mhz or 2.437Ghz) is the “most popular”. Probably because that is what most routers come with as a default. It also appears that a lot of people don’t change their SSID either. I saw 214 “Linksys”, 106 “NETGEAR” and 22 “belkin54g”, which are all default SSID’s. 542 total were a combination of those 3 (spelling case and maybe a number added to it).

So in the end what does this all really mean? For one vendors need to be more proactive about helping inexperienced customers to properly secure their wireless network devices. In this day and age, routers should be sold “secure by default” and really not let the router connect to the Internet until the default admin password and ssid have been changed, and proper encryption has been set up. Why do I say this? Well there are ton’s of people who just buy a WiFi router, and don’t understand that if they don’t secure it that some one in their neighborhood could use their WiFi network, with or with out permission, and do something “bad” and the next thing you know the cops will be showing up at your door because the connection was traced back to your house, NOT your neighbor’s.

Some tips for SSID’s as well.

  1. Please don’t make the SSID your postal address, especially if you are in an apartment don’t tack on your apartment number.
  2. Don’t leave it as the default from the vendor. If you do this makes it a litter easier to guess that you haven’t done any security on it, and some one can now take control over it, because you more than likely have not changed the default password.
  3. Don’t name it your family name, or any ones name in your family. If you do, you can fall pray to some social engineering hacks
  4. Make it something that is not going to interfere with some one around you if you live in a crowded area.. Nothing like having 6 WiFi’s in a small apartment building all on channel 6 all with the SSID as Linksys and different passwords on all them, you will get horrible performance.