As we break free of wires at homes and offices, the threats have multiplied. Serish Nanisetti discovers fear in the wireless jungle
We are inside an apartment complex with a MacBook. Switch on the Airport and bingo we are online with the help of someone called D-link-411. We can browse, chat and send e-mails. It was a similar thing that the terrorists did when they logged into the Internet using the wi-fi router of an American in Navi Mumbai to send the e-mails to newspapers and TV channels about the impending bomb blasts in Ahmedabad. Logging into the Internet with someone else’s wi-fi is the modern equivalent of borrowing sugar from your neighbour, unless you plan to do something dirty.
This is not about discovering terrorists but how to keep your identity from being stolen. Ritwik is a network specialist with a large IT company. With scores of executives who log on to the Internet using laptops, he says there is no easy solution. “We have dozens of people logging into the network. We regularly scan the airwaves using a customised software (something like NetStumbler) to discover intruders. The other security measure we take is to log each of the MAC address on the Wi-Fi router, and access is given only to the logged address. Then, there are the firewalls and gateways that protect the network and we even programme the laptops to prevent them from logging on to unsafe networks even outside the office space,” he says.
This hi-tech security is not available to most homeowners, who just get a wi-fi router or a modem and are delighted with the plug-and-play readiness. As more and more people discover the comfort of wireless Internet, thanks to broadband speeds and cheap wi-fi routers, terrorists and other anti-social elements are discovering the sinister possibilities.
The option of saying, “I-don’t-know-I-don’t-care” is not there as the Indian IT Act-2000 specifies that the onus is on the user to prove that he is not guilty. Simply put: If a terrorist sends a mail using your network, you have to prove that it wasn’t you. It is not that security agencies don’t have aces up their sleeve. Indian security agencies have a version of FBI’s computer and Internet Protocol address verifier (CIPAV), a malware that infiltrates a suspect’s computer and sends out packets of information, ranging from MAC address to the last browsed site to the user name.
Once this information is collected, the CIPAV begins monitoring the computer’s Internet use, logging every IP address to which the machine connects. That’s the good news. The bad news is the bad guys are learning more tricks all the time.
Play safeKeep your wi-fi router away from windows Change all the default settings, including the name Enable MAC address filteringEnable WEP encryptionSwitch off the router when not in use