||Oracle Tips by Burleson
Chapter 9 - Self Protection on the Web
Risks of Wireless Communications
Depending on where the wireless network is
purchased, some basic instruction should be included on changing
default or factory settings during initial setup and use of the
computer. The SSID name should be changed to something that would be
as difficult as possible for a hacker to guess or determine easily
through the use of programs designed to discover such information.
Although it’s easy to remember a last name, it’s a bad idea to use
it in the identification of a wireless network.
Assuming that the person war-driving in the
neighborhood is able to get the SSID of the family wireless network
and it includes the family’s last name. It is then a simple matter
of checking the telephone book or doing a quick online search to
determine the family’s address. To add insult to injury, they can
do this while logged into the family’s own wireless network. With
name and address information in hand, the hacker is now completely
armed to steal the identity of any member of the house. Some
configuration utilities allow users to configure the wireless router
to not broadcast the name. This will make it a bit harder for the
drive-by hacker to gain access to a user’s network.
With public wireless access, anyone can see
anything that the computer sends or receives. If a user is
accessing a secure website, the information the computer is sending
is reasonably secure. If personal e-mail messages with most web
pages or applications are being sent, the user id and password,
along with the text of the messages, are available to anyone who
cares to look.
There is a risk when using wireless
connections. Users should always be aware that they are on a
wireless network and pay extra attention to the information that
they are sending and receiving. The lack of encryption probably
presents the biggest security risk when using a wireless network.
Download your Oracle scripts now:
definitive Oracle Script collection for every Oracle professional DBA