As we break free of wires at homes and offices the threats have multiplied. Serish Nanisetti discovers fear in the wireless jungle
We are inside an apartment complex with a MacBook. Switch on the Airport and bingo we are online with the help of someone called D-link-411. We can browse, chat and send emails (at a lower speed though). It was a similar thing that the terrorists did when they logged into Internet using the wi-fi router of an American in Navi Mumbai to send the emails to newspapers and TV channels about the impending bomb blasts in Ahmedabad. Logging into Internet with someone else’s wi-fi is the modern equivalent of borrowing sugar from your neighbour (unless you plan to do something dirty).
This story is not about discovering terrorists but how to keep your identity from being stolen by crackpots.
Ritwik is a network specialist with a large IT company with scores of executives who log into Internet using laptops he says there is no easy solution. “We have dozens of people logging into the network, we regularly scan the airwaves using a customised software (something like NetStumbler) to discover intruders.
The other security measure we take is to log each of the MAC address on the Wi-Fi router and the access is given only to the logged address.
Then there are the firewalls and gateways that protect the network and we even programme the laptops that prevent them from logging into unsafe networks outside the office space,” he says. This hi-tech security is not available to most homeowners who just get a wi-fi router or a modem and are delighted with the plug-and-play readiness. And as more and more people discover the comfort of wireless internet thanks to broadband speeds and cheap wi-fi routers; terrorists and other weirdos are discovering the sinister possibilities. The option of saying I-don’t-know-I-don’t-care is not there as the Indian IT Act-2000 specifies that the onus is on the user to prove that he is not guilty.
Simply put: If a terrorist sends a mail using your network, you have to prove that it wasn’t you. It is not that security agencies don’t have aces up their sleeve.
Don’t be surprised that Indian security agencies have a version of FBI’s computer and internet protocol address verifier (CIPAV), a malware, that infiltrates a suspect’s computer and then sends out packets of information ranging from MAC address to the last browsed site to the user name.
Once this information is collected, the CIPAV begins monitoring the computer’s internet use, logging every IP address to which the machine connects.
That’s the good news. The bad news is the bad guys are learning more tricks all the time.
Play safep>■ Keep your wi-fi router away from windows.
■ Change all the default settings including the name.
■ Enable MAC address filtering.
■ Enable WEP encryption.
■ Switch off the router when not in use.