Pinterest Stumbleupon Whatsapp
Ads by Google

By now wireless networks are virtually everywhere, easily accessible and often freely available. Most of us have it in our home, surfing the web anywhere inside and outside the house, reading mails in bed first thing in the morning, or listening to streaming music in the kitchen while doing the dishes.

The image to the left was graciously provided by LightFusionStudio via stock.xchng VI.

But is your wireless network safe? Did you take all the commonly recommended precautions? Did you…

  • change the default router password?
  • change the default IP subnet?
  • disable remote router access?
  • change the default SSID?
  • disable SSID broadcasting?
  • turn on the router firewall?
  • enable data encryption, preferably WPA/TKIP?
  • enable MAC filtering?

Did you or is this all Greek to you? Net-Security.org has a pretty good article explaining all relevant terminology and why it’s important to take the aforementioned steps.

Now if you did follow all of the advice, is your wireless network safe? Probably not. Even the strongest encryption can be hacked, every firewall has a hole and if someone really wants to break in, they will find a way. It’s not very likely, but it’s still possible.

What remains to be done is monitor your wireless network for suspicious activity. If you don’t find your router’s built in MAC address login and protocols convenient to use, here’s an alternative. AirSnare is a thorough network monitor for both wired and wireless networks from Windows 98 up to Windows XP. It will detect all active MAC addresses and monitor their activity. Warnings will be issued if unknown / unfriendly MAC addresses are detected.

Ads by Google

However, before you go ahead and download AirSnare, you should be aware of a few potential issues:

  • it was last updated in 2006
  • it may not support all network cards
  • it may cause problems with Windows 2k
  • it only works with WinPcap 3.1 (new version 4.0)
  • the support forum seems broken

Nevertheless, AirSnare can be a valuable tool. The main window shows three major categories on the left: Network Adapters, Unfriendly MAC Addresses and Friendly MAC Addresses. To start monitoring your network connections, double click the respective network adapter(s) or right-click and select >Start. Then watch for detection of unfriendly MAC addresses. You can manually add friendly MAC addresses by right-clicking the category and selecting >Add New or you right-click on a MAC address reported as unfriendly and select >Add to Trusted.

AirSnare optionally scans for MAC, TCP and UPD traffic, and you can track connections via the AirSnare or Ethereal protocols. DHCP requests can be shown in a separate window. Per default there is an audio alarm when potential unauthorized actions, routers, ARP Poisons, MAC Spoofs or Gateway connections are found. The audio alarm can be turned off via >Options menu >General tab >Alert section >remove checkmark infront of Play WAV Alert Sound.

The AirHorn option is a cool idea, but as of Windows XP SP2 won’t work, if the windows firewall is on and the messenger service is turned off on the receiving machine. I couldn’t get the >Send E-mail on alert option to work either.

So what do you do when you detect a questionable MAC address? If there is suspicious activity on your wireless network, you best change your network key, exclude the MAC address via your router, and eventually change your IP subnet. If the activity comes in via the wired network, you should also increase your local security, scan your system for malware, update your firewall, and lock up your network as best as you can.

How do you keep your wireless network safe? What tools are you using and what’s your experience with them? Do you know of a better, free alternative to AirSnare? Please share and leave a comment!

  1. Aibek
    May 19, 2008 at 12:50 am

    Thanks for the great post,

    Another simple program for securing wireless networks is HotSpot Shield, I have profiled it here.

  2. jagdesh
    May 18, 2008 at 12:50 am

    1 change the default router password?

    2 change the default IP subnet?

    3 disable remote router access?

    4 change the default SSID?

    5 disable SSID broadcasting?

    6 turn on the router firewall?

    7 enable data encryption, preferably WPA/TKIP?

    How do I do all this?I am not so good at all this stuff.Mind helping?

    • Tina
      May 18, 2008 at 3:06 am

      jagdesh, this greatly depends on your hardware setup. I recommend reading the router manual. And to understand what all of these things mean, read the article at Net-Security.org I linked to above.

  3. Manu
    May 17, 2008 at 7:20 pm

    AirSnar will not run on Vista as it doesn't ahve the vista does not have the COMDLG32.OCX file.

    Workaround: Download COMDLG32.OCX and copy it to C:\Windows\System32 and you're done.

  4. Manu
    May 17, 2008 at 6:50 pm

    By experience I've seen that ultimately the only thing that can truly safeguard your wireless network is a strong WPA2 based encryption setting. Go here for more.

Leave a Reply

Your email address will not be published. Required fields are marked *