Anti-theft when using Wi-Fi

In a country like 'Wi-Fi paradise' like Vietnam, it seems that Wi-Fi 'pagoda' is not a serious problem. However, the problem is not as simple as many people think. If, in the past, the use of Wi-Fi stealing only took up bandwidth to surf the Web, but now with the support of other sophisticated software and eavesdropping methods, bad guys can monitor it. Web surfing information of users, or even steal personal information on the computer.

Anti-theft when using Wi-Fi Picture 1

Not long ago, on noisy forums with rampant sale information Wi-Fi breakers. Just a pretty compact device, including a decoder, antenna with Wi-Fi reception and connecting to the computer via USB, users can use free Wi-Fi. Products are sold for about 700 thousand to 1 million with the ability to break Wi-Fi.

The convenience of this device has attracted many people, especially those who live near the area with many Wi-Fi cafes. However, the use of this device is not really strong. It only detects passwords according to WEP encryption standard, the lowest Wi-Fi encryption standard available today; And the higher standards like WPA or WPA 2 have to give up. Of course, not all Wi-Fi cafes are configured at WPA or WPA 2 standards. Therefore, these devices still have land for business.

Not just stealing

Until recently, spying on what you were doing on a laptop or smartphone connected via Wi-Fi was only for hackers with experience, time and many tools available. However, the appearance of a free program called Firesheep changed everything. Newly released since October last year, but so far millions of people have downloaded the software. Firesheep makes it easier than ever to monitor your users' use of unprotected Wi-Fi networks. This tool also helps bad guys use the victim's ID to access the websites they visit.

That means that if you use Wi-Fi to log in to Facebook, Twitter or even pages that are associated with assets or money like eBay, your login information may be exposed. Although the password is used for encrypted accounts, the Web browser, which has the function of saving information, has no encryption mechanism, and Firesheep detects that information to decrypt it. And another very dangerous thing is that Firesheep is very easy to use. That means amateurs who don't have much knowledge about computers can attack you.

In fact, there have been a lot of Wi-Fi cryptanalysis tools available online. Names like Gerix WiFi Cracker, Aircrack-ng and Wifite are all familiar. They can fake legitimate user activity to collect keys or suggest a password. These processes are fully automated and they can find the wireless router's password within seconds.

Using a combination of the above programs with high-capacity Wi-Fi antenna devices (costing about $ 90), hackers can capture signals from Wi-Fi networks 3-4 kilometers away. While the market also has Wi-Fi code-breaking devices such as WifiRobin (156USD), it is not as fast or effective as the latest free code-breaking programs. In addition, WifiRobin can only break the code of WEP network, but cannot operate with WPA or WPA 2.

How to prevent it?

As mentioned above, Wi-Fi passwords encrypted with WEP (wired equivalent privacy) standard are not as strong as WPA (Wi-Fi protected access) or WPA 2, so it is best for users to choose two encryption standards. after. However, hackers can still use the same free tools to break WPA passwords. Only the time for breaking code will be longer (possibly weekly) and more specialized knowledge must be used.

To protect yourself, you should turn off or change your network identifier (SSID). Often these SSIDs are named after the default name of the router you are using, such as Linksys or Netgear. Your job is to turn them off or name them very hard to remember and complicated. However, with some tools, hackers can still detect this hidden SSID.

The next thing you can do is set up your own virtual private network (VPN). VPN will encrypt the entire communication wirelessly delivered through the home network or hotspot. You can use common VPN software like VyprVPN, HotSpotVPN and LogMeIn Hamachi. Depending on the level of usage (calculated according to the amount of encrypted data), these software are free or not. Often the free version is only for encoding Web operations.

In addition, you can also use MAC (MAC Filtering) address filtering to increase the level of security for home Wi-Fi networks. This method is quite effective and has the ability to minimize illegal access, but hackers can still fake MAC addresses to overcome this barrier.

Finally, you can turn off Automatic IP Allocation (DHCP) to prevent those who want to detect your Wi-Fi. By default, the Wi-Fi system is configured to allocate dynamic IP addresses to computers (DHCP functions). If you turn off DHCP, you will be safer but reduce the inherent convenience of Wi-Fi networks. In addition, skilled hackers can still detect the range of IP addresses being used.