Patrick Chen

INLS 187

5/5/03

 

System Security Evaluation

 

The System

This evaluation concerns the security of my home computing network. This network consists of a desktop computer, a DSL modem, and a laptop computer. My BellSouth DSL modem is directly connected to the desktop computer, which broadcasts a peer-to-peer internet connection to the laptop. Both systems run Windows XP, and I happen to have inside information that states that the system administrator hasn’t run any Windows updates. The wireless network isn’t encrypted, and the SSID is the default that the manufacturer programmed in. Apparently the user was so overjoyed that it actually worked that he failed to take any security precautions. Because the user doesn’t employ a router, he is without even the most basic of firewalls. The only bright spot is that I’m running the corporate edition of the Norton Antivirus Suite.

 

After even a cursory analysis, it is obvious that this system is very insecure. There are numerous ways in which a red hat could break into my system. The easiest by far would be just to come to my physical location and sniff my wireless transmissions. In this way a red hat could access all my files. In order to do this, I decided to try my hand at war driving just to see what it would be like. I downloaded a copy of NetStumbler and tried to see what I could find when I visited my parents’ house in Washington. Interestingly, I found two APs that were accessible from my bedroom. One was an unencrypted AP with the manufacturer’s default SSID programmed into it. I found this one right away because my laptop immediately started using it, since it’s similar to the one I have at home. The other was a WEP-encrypted AP with a unique SSID. I had a look around the internet and was unable to find any free Windows software for breaking WEP security through packet sniffing; all the good stuff seems to be Linux-based. For obvious reasons I didn’t try to break into my neighbor’s computer on the unencrypted line, but I saw just how easy it would be. In fact, as soon as I realized how many of my directories were available to him/her, I immediately disabled the connection.

 

When I got home, I decided to run a test on my own system. I deleted my home SSID and tried to access my network. I used NetStumbler and easily found my SSID. Once that was done, the rest was cake. In order to easily move files around my home network, I share a lot of my folders/drives. So it would be very easy for someone to really jam me up. Luckily I rent in a rich neighborhood with a lot of old people.

 

Recommendations

As of right now, I haven’t bothered to encrypt my wireless network or even change the SSID from the manufacturer’s default; this will have to change. I will have to either buy or download a firewall to stop attacks over the DSL line, and I should probably think about running all the latest security fixes for Windows XP.