In the April 2006 issue of Today’s Farmer we discussed the risks associated with information harvesting

Wrangling wireless information
By Scot Mewbourn and John Garrison

Wireless technology requires proper setup and brings risks.

In the April 2006 issue of Today’s Farmer we discussed the risks associated with information harvesting—cases where individuals or companies try to capture information about you the consumer through a variety of methods. In this month’s issue, we want to dig a little deeper into another area along those lines, wireless technology.

On today’s farm, many people are using wireless technology and routers to allow multiple people and computer devices to access the Internet from a single point. All of the wireless technology that can be purchased today has the ability to have a level of security setup that will keep other people from using your wireless network. However, many people don’t take the small amount of time and effort necessary to make sure that only intended users can access such networks. Wireless routers all support a “Wired Equivalency Protocol,” known as WEP. This is the equivalent of your computer being required to identify itself with a secret password before it is allowed access to the network. Even if you are remotely located, your network can be tapped into, and depending on your computer’s configuration, your private data may be at risk. Now that we know the risk, let’s talk about how you can make sure only those you authorize are using your network.

Wireless networking and the security protection available for it, are comparatively the same as the lock on your front door. Locks and fences basically keep neighbors who are honest off your property and out of your things. Those who wish to break in, the dishonest people and burglars, can easily defeat these deterrents. Wireless networking basically is the same—those who want to break in and have the correct tools can gain access to your network, your Internet connection and quite possibly your computer files and personal information. All wireless routers are configurable; following the directions that are shipped with the unit will give step-by-step instructions on setting up security on your Wi-Fi router.

WEP is what is required to keep unauthorized users out of your network. There are two levels of security with this protocol, 64-bit and 128-bit. Using the 128-bit level is the highest level of this type of security available. To use 128-bit security requires the use of a 13 character password, usually a combination of letters and numbers. The password is converted into a 24 character code that is used to secure and encrypt the router’s transmissions. Referring to your Wi-Fi Router’s manual, the next step in securing the router from unauthorized access is to change the default Service Set Identifier (SSID) which is the name of your Wi-Fi router. Usually this is the manufacturer’s name (i.e. Linksys, Netgear, etc.). Once changed, this needs to be kept from being broadcast to anyone who is looking for an available wireless access to the Internet. Usually, this is just a checkbox to turn this option off.

Making changes to these settings usually requires a router reset/restart. The Wi-Fi router is now secure from any close proximity user access. Connecting your PDA or laptop to your Wi-Fi requires similar configurations, which can also be found in your wireless adapter manual. Matching what is configured on your Wi-Fi router is critical in making a connection.

There are more powerful encryption protocols available, which are found on newer Wi-Fi routers and adapters. Called Wi-Fi Protected Access (WPA) and Wi-Fi Protected Access2 (WPA2), these newer protocols have increasing security from the basic WEP to the highest WPA2 protocol. The WPA protocols have advanced settings and could quite possibly frustrate the novice who attempts to set this level of security for the home network.

Wi-Fi Internet access is quickly becoming ubiquitous. Hotels, airports and even coffee shops now offer free Internet access to their customers. This convenience does not come without a price; the hacker element can and do monitor these types of locations to collect the transmissions between the Wi-Fi routers and the connected PDAs and laptops. Every keystroke can be seen and read because these connections are usually not encrypted by using basic WEP or WPA levels of security. Your user name and associated password can be viewed and recorded.

While recently attending a security conference in St. Louis, we actually learned the trade tools that hackers use. Many of the attendees were staying at the hotel, which, of course, offered free Internet access. Unknown to the other attendees, we each were “sniffing” the hotel’s network. It was amazing what was shared during the subsequent days in class: user names, passwords and credit card numbers! That private information, which was thought secure, wasn’t. Knowing the porosity of the hotel’s network security made retrieving e-mail a bit nightmarish. Who might be reading them?

So, convenience comes with a price. Wireless connections have become commonplace in many homes. The price of such convenience is risk that someone may be looking in. And while most of us will continue to use our computers in airports, hotels, and even out in the field for gathering crop and livestock data, at least we can be aware of the potential risks and make sure we don’t become an unwitting victim.

Scot Mewbuorn is the IT services director for MFA and John Garrison is the technical support manager for MFA Incorporated.