Protect Your Wi-Fi Network From Tools Like This

Since recent events like Google versus China and the arrests in Hubei Province have brought Chinese hackers out into the limelight, now is a great time to secure your wireless network from intruders. Because your personal information and bandwidth aren’t as safe you think.

The Transcend G-Sky with Backtrack

The $10 device for sale on Taobao

A friend recently referred me to a device available for sale in China (on Taobao) that includes the hardware and software you need to crack wireless encryption. It costs 70 yuan (about $10) and is called the “All New Transcend G-Sky 8M Card King”. That’s a mouthful, but it’s actually a simple network adapter with powerful antennae that’s made for stealing information or bandwidth from neighbors or enemies. Combined with a suite of “Penetration Testing” Linux applications, it’s everything you need to break into (most) encrypted Wi-Fi networks.

How it Works:

After ordering the $10 package on Taobao, you install the wireless adapter using the included driver and USB cable. It comes with a powerful antennae that has a long range made for eavesdropping onto wireless networks near and far, which itself can be upgraded with an inexpensive attachment.

A printed guide is included with the disc

Once the hardware is installed, the included disc is used to run a Linux distribution called Backtrack, which probes and cracks nearby networks. The seller specifically mentions that he doesn’t offer tech support for the software, but refers customers to a Chinese language forum with a healthy community of users volunteering support. He’s nice enough to include an official-looking printed guide to the software written in Chinese for novices, though.

For $10 you have all the tools and instruction required to get started, which makes this an alarmingly brainless introduction to hacking wireless networks.

What’s at Risk?

The reason why we encrypt our Wi-Fi networks is two-fold: to prevent others from stealing our bandwidth and to protect our personal information from prying eyes. If your neighbor is streaming TV shows from Tudou on your Wi-Fi network while you’re trying to video chat with your family, you won’t wait long before finding a way to keep them out. At the same time, when you’re transacting money or private account information online, your data is susceptible to people armed with tools like Backtrack.

I asked a few questions of a friend of mine, Ben, who’s a computer security professional and he had the following answers for me.

What’s Backtrack?

Ben: It’s a Linux distribution for “network security testing.” It comes with all the relevant scanning, exploit, and attack software already compiled and working out of the box.

By your estimate, what percentage of wireless networks are vulnerable?

Ben: In China, I’d guess 60-70%. Most people use WEP encryption with weak keys – things like 12345, which makes you more vulnerable. WPA encryption can also be cracked, but requires more time because the software uses a brute force tactic on that.

Why is protecting yourself from this kind of attack important?

Ben:  Data sent over Wi-Fi is really susceptible to eavesdropping. For Linux there are applications available like ImageGrab and Wireshark. ImageGrab scans for specific packets and reassembles them into images of what people on the same network are looking at. Wireshark looks for a different set of packets which tells you which sites people are visiting, whether they’re using QQ or Skype, and so on. Stealing cookies from users web sessions is also possible, which can allow people access to your e-mail and bank accounts online.

3 Steps to Protect Yourself

1. Connect to your wireless router. If you can’t connect by Wi-Fi, you can plug straight into the router using an ethernet cable. Once you’re connected, you can access the routers control panel (usually 192.168.0.1 or 192.168.0.2) and adjust wireless settings, including encryption.

2. Enable encryption by selecting a type – we use WPA, which stands for Wi-Fi Protected Access. After selecting WPA you can opt for AES or TKIP encryption, we recommend AES.

3. Select an encryption key by entering any text you want. It should be at least 12 characters in length and include letters and numbers. Something like “CH3ngdUL1v1NG” would work well. Don’t worry about picking a key that you can’t remember. You enter it once in any devices that connect and they’ll store the password for the future, whether it’s your smart phone, Windows desktop, or Macbook.

For more information, read this guide published by PC Magazine.

What do you think?

Related Posts with Thumbnails
Charlie

About Charlie

Having lived in Chengdu for ten years, Charlie has traveled to every corner of China and back again, calling the Yulin neighborhood of Chengdu his adopted home.

7 Responses to “Protect Your Wi-Fi Network From Tools Like This”

  1. what is the difference between AES and TKIP?

  2. But this 8G 网卡 only seems to work if you have Linux OS, no?

    And btw, thanks for the helpful guide on how do steal other people’s wireless! Gonna be really useful back in England.

    • Charlie

      Peter,

      That wireless device doesn’t just work with Linux. The tools that it comes with boot from a Linux live CD as I mentioned.

      This is a guide to using effective encryption – I don’t know where you gleamed a “guide on how to steal wireless” since that’s simply not here.

  3. Aight Charlie!

    Let me re-phrase myself: Thanks for sharing the information of that such a tool as 8G 网卡 exists!

    Taobao here I come!

Trackbacks/Pingbacks

  1. Hao Hao Report - February 9, 2010

    Someone thinks this story is fantastic…

    This story was submitted to Hao Hao Report – a collection of China’s best stories and blog posts. If you like this story, be sure to go vote for it….

Leave a Reply