that the packets travel inside the router.
Electronic Intelligence and Signals Intelligence
143
Computers can be connected to the router either with a wire called an
Ethernet cable or without wires, in the case of a wireless router. Some wireless routers have two antennas; most have at least one. The antennas can be unscrewed and replaced by bigger, more powerful antennas. Data from
the Internet will travel through the router and then transmitted through
the antenna(s) and broadcast to the wireless adaptor on the computer, laptop, or any other wireless adaptor in range (whether it is yours or not). So the wireless signals are radio waves from a wireless router at between 2.4
and 2.5 GHz.
Other electric devices known to clash with your wireless signals are
digital phones, baby cot monitors, Bluetooth devices, other wireless routers, etc. To solve this problem, change the frequency of the radio waves by changing the channels. The changes you are permitted to make are from
2.4 to 2.5 GHz. You make these changes from the router’s control panel
(called the configuration page). So Channel 1 will mean 2.41 GHz, Channel 2
will mean 2.42 GHz, Channel 3 will mean 2.43 GHz, and so on.
The first step in setting up a router is usually to set up the router with a direct cable connection, that is, an Ethernet or network cable. The setup or installation wizard should then take you through the steps to get you connected to the router and onto the Internet. Before you do this, contact your ISP and get any router setting they may have. You will need your broadband user name and password. Once you have a wired connection set up, you can
then set up a wireless connection, and when you have your wireless connection up and running, you can unplug the network cable.
External networks are an important part of the overall security strategy.
Separate from the router may be a firewall or VPN handling device, or the router may include these and other security functions. Many companies produced security-oriented routers, including Cisco Systems’ PIX and ASA5500
series, Juniper’s Netscreen, WatchGuard’s Firebox, and Barracuda’s variety of mail-oriented devices.
A lot of wireless routers don’t have security turned on by default. Your
configuration pages will allow you to turn it on, and there is usually a Help menu that explains the various security settings. You may need to go into the config pages to set up wireless security. If you don’t have security switched on, anyone within range of your wireless router will be able to connect to it. There are two types of security that most wireless routers use: Wired Equivalent Privacy (WEP) and Wi-Fi Protected Access (WPA), which encrypt your signals with a key. With the wireless security turned on, the router needs your key before it will allow access and any traffic through it.
WEP is an older form of security and is not as safe as WPA. There are programs around that hackers can download to crack WEP. Once they
have WEP cracking software, they may be able to gain access to your router and get a free ride on the Internet or worse. The WEP key will be either
144
Advanced Criminal Investigations and Intelligence Operations
64 bits or 128 bits in length (128 bits is 26 characters and will be mixture of the numbers 0–9 and the letters A–F.) When setting up the router for a wireless connection, you have to type out all 26 characters correctly or it won’t connect.
WPA security is really an updated WEP, using different and stronger encryption that is harder to crack. It is easier to set up because you only need to set up a short pass phrase instead of typing out 26 letters and numbers.
WPA is better than WEP.
Here are a few steps you can take to make your home network a less
inviting target: (1) In your router security settings, make sure you’ve changed any default user names and passwords. These will be the first things any hacker tries, much the way a burglar jiggles a doorknob to see if it’s unlocked.
(2) Disable wireless access to your router’s management console, which allows you to manage its settings by pointing a web browser to an address such as 192.168.1.1. Disabling wireless access means you will have to be physically plugged into the router in order to manage it, making it far more difficult to hack. (3) Consider replacing your router’s internal software with an open-source alternative such as DD-WRT, Tomato, or OpenWRT. While these
options aren’t particularly consumer friendly, their firmware is less likely to contain obvious vulnerabilities. (4) If you haven’t already done so, you should consider enabling your wireless router’s built-in firewall. Enabling the firewall can help to make your network less visible to hackers looking for targets on the Internet. Many router-based firewalls have a stealth mode that you can enable to help reduce your network’s visibility.
Routers and Wi-Fi: How to Access Router Settings
A router is a device that forwards data packets between computer networks, creating an overlay internetwork (a computer network that is built on the top of another network). A router is connected to two or more data lines
from different networks. When a data packet comes in one of the lines, the router reads the address information in the packet to determine its ultimate destination. Then, using information in its routing table (a table that lists the routes to particular network destinations) or routing policy (decisions based on policies set by the network administrator), it directs the packet to the next network along its route.
Routers perform the traffic directing functions on the Internet. A data packet is typically forwarded from one router to another through the networks that constitute the internetwork until it reaches its destination node.
Small home and office routers simply pass data, such as web pages, e-mail, IM, and videos between the computers and the Internet. An example of such
Electronic Intelligence and Signals Intelligence
145
routers is the owners’ cable or DSL modem that connects to the Internet
through an ISP. More sophisticated routers, such as enterprise routers, connect large business or ISP networks to powerful core routers that forward data at high speed along the fiber-optic lines of the Internet backbone. Though routers are typically dedicated hardware devices, use of software-based routers is increasingly more common.
The IP address is the address used for identifying a device on the Internet.
The correct router default IP address (IP address) is the one specific to the router manufacturer that is connected to the computer being used. The internal router settings can only be accessed if the computer that is searching the IP is connected to that router. To access router settings (security, firewall, passwords, etc.), enter the correct default IP address into the address bar on any search engine (see Figure 8.18). Different brands have different default addresses that apply to those specifically, for example,
• Belkin: 192.168.2.1
• Linksys: 192.168.1.1
• Netgear: 192.168.0.1
To get to Command Prompt, go to Start (on your computer), then use the search bar for “search programs and files” to search for “command prompt”
or just “cmd.” Under Command Prompt (cmd), enter “ipconfig.” This shows a user all of the current IP configurations on his computer (Figure 8.19).
Figure 8.18 Router setup.
146
Advanced Criminal Investigations and Intelligence Operations
Figure 8.19 IP configuration.
Using Wi-Fi Technology
Wi-Fi technology allows an electronic device to exchange data wirelessly, by any WLAN. A device that can use Wi-Fi, such as a personal computer, video game, smartphone, tablet, and digital audio player, can connect to a network resource such as the Internet by a wireless network access point or hotspot, having a range of about 20 m (65 feet) indoors and a greater range outdoors.
Hotspot coverage can involv
e an area as small as a single room with walls that block radio waves or as large as several square miles, using multiple overlapping access points. They transmit at frequencies of 2.4 or 5 GHz. The higher frequency allows the signal to carry more data.
802.11a transmits at 5 GHz and can move up to 54 megabits of data per second. It also uses orthogonal frequency-division multiplexing (OFDM), a more efficient coding technique that splits that radio signal into several sub-signals before they reach a receiver. This greatly reduces interference. 802.11b is the slowest and least expensive standard and transmits in the 2.4 GHz
frequency band of the radio spectrum. It can handle up to 11 megabits of
data per second and it uses complementary code keying (CCK) modulation to improve speeds. 802.11g also transmits at 2.4 GHz like 802.11b, but it is faster and can handle up to 54 megabits of data per second, because it uses the same OFDM coding as 802.11a. 802.11n is the most widely available of the standards and is backward compatible with a, b, and g. 802.11n can achieve
Electronic Intelligence and Signals Intelligence
147
speeds as high as 140 megabits per second and transmit up to four streams of data, each at a maximum of 150 megabits per second, but most routers only allow for two or three streams.
802.11ac is the newest standard as of early 2013 but has yet to be widely adopted. 802.11ac is also backward compatible with 802.11n (and therefore the others, too), with n on the 2.4 GHz band and ac on the 5 GHz band.
It is sometimes called 5G Wi-Fi because of its frequency band, sometimes Gigabit Wi-Fi because of its potential to exceed a gigabit per second on multiple streams, and sometimes very high throughput ( VHT) for the same reason. Wi-Fi radios can transmit on any of three frequency bands. Or they can frequency hop rapidly between the different bands. Frequency hopping helps reduce interference and lets multiple devices use the same wireless connection simultaneously (Tables 8.1 and 8.2).
Public Wi-Fi hotspots normally require a paid subscription. The sign-
up process involves providing credit card information online or by phone
and choosing a service plan. Some service providers offer plans that work at thousands of hotspots throughout the country. A few pieces of technical information are also required to access Wi-Fi hotspots. The network name
(also called service set identifier [SSID]) distinguishes hotspot networks from each other. Encryption keys (a long series of letters and numbers) scramble the network traffic to and from hotspots and businesses. Service providers supply this profile information for their hotspots.
Computers can scan for hotspots within range of their wireless signal
and identify the network name (SSID) of the hotspot allowing the computer to initiate a connection. Users can also use a small Wi-Fi finder device, used Table 8.1 Wi-Fi Frequencies 2.4G Band
Channel
Lower Frequency
Center Frequency
Upper Frequency
1
2.401
2.412
2.423
2
2.406
2.417
2.428
3
2.411
2.422
2.433
4
2.416
2.427
2.438
5
2.421
2.432
2.443
6
2.426
2.437
2.448
7
2.431
2.442
2.453
8
2.436
2.447
2.458
9
2.441
2.452
2.463
10
2.451
2.457
2.468
11
2.451
2.462
2.473
Note: In the United States and Canada, there are 11 channels available for use in the 802.11b 2.4 GHz Wi-Fi frequency range. This standard is
defined by the IEEE.
148
Advanced Criminal Investigations and Intelligence Operations
Table 8.2 Wi-Fi Frequencies 5G Band (5.180–5.825 GHz)
Frequency
U.S.
Europe
Channel U-NII Band
(MHz)
(40/20 MHz) (40/20 MHz)
36
1
5180
Yes
Yes
38
1
5190
No
No
40
1
5200
Yes
Yes
42
1
5210
No
No
44
1
5220
Yes
Yes
46
1
5230
No
No
48
1
5240
Yes
Yes
52
2
5260
Yes
Yes
56
2
5280
Yes
Yes
60
2
5300
Yes
Yes
64
2
5320
Yes
Yes
100
2e
5500
Yes
Yes
104
2e
5520
Yes
Yes
108
2e
5540
Yes
Yes
112
2e
5560
Yes
Yes
116
2e
5580
Yes
Yes
120
2e
5600
No
Yes
124
2e
5620
No
Yes
128
2e
5640
No
Yes
132
2e
5660
No
Yes
136
2e
5680
Yes
Yes
140
2e
5700
Yes
No
149
3
5745
Yes
No
153
3
5765
Yes
No
157
3
5785
Yes
No
161
3
5805
Yes
No
165
3
5825
Yes
No
scan for hotspot signals, and many provide an indication of signal strength to help pinpoint their exact location. Before traveling, the location of Wi-Fi hotspots can be found using online wireless hotspot finder services. With the profile (network name and encryption settings) applied on the wireless network adapter, you initiate the connection from your computer operating system (or software that was supplied with the network adapter). Paid or restricted hotspot services will require you to log in with a user name and password the first time you access the Internet.
Taking basic precautions help ensure reasonable safety when using Wi-Fi
hotspots. First, choose only reputable public hotspot service providers and ones who use strong security settings on their networks. Second, be aware of your surroundings and watch for suspicious individuals in the vicinity
Electronic Intelligence and Signals
Intelligence
149
who may be reading your screen or planning to steal your computer. Third, ensure you do not accidentally connect to nonpreferred hotspots by checking your computer’s settings. Although not normally enabled, most computers
have a setting available allowing these connections to happen automatically without notifying the user. This setting should not be enabled except in temporary situations with the user’s awareness. To verify whether automatic
connections to open Wi-Fi networks are allowed, check the computer’s wireless configuration settings. For example, for Windows XP:
1. From the Start menu, open Windows Control Panel.
2. Inside Control Panel, click the “Network Connections” option if it
exists; otherwise, first click “Network and Internet Connections”
and then click “Network Connections.”
3. Right-click “Wireless Network Connection” and choose “Properties.”
4. Click the “Wireless Networks” tab on the Properties page.
5. Click the “Advanced” button in this tab.
6. Find the “Automatically connect to nonpreferred networks” setting.
If checked, this setting is enabled; otherwise, it is disabled.
Wi-Fi can be less secure than wired connections (such as Ethernet) because an intruder does not need a physical connection. Web pages that use SSL or its successor, transport layer security ( TLS), to encrypt the data of network connections are more secure, but unencrypted Internet access can easily be detected by intruders. Because of this, Wi-Fi has adopted various encryption technologies. Because the early encryption, WEP (a security algorithm for wireless networks), was proven easy to break, higher-quality security protocols and security certification programs WPA and WPA II ( WPA2) were added later.
The man-in-the-middle attack (abbreviated MITM, MitM, MIM, MiM, MITMA) in cryptography and computer security is a method of active eavesdropping in which the attacker makes independent connections with the victims and relays messages between them, to make them believe that they are talking directly to each other over a private connection, when the entire conversation is actually controlled by the attacker. The attacker is able to intercept messages going between the two victims and inject new ones (e.g., an attacker within reception range of an unencrypted Wi-Fi access point).
A man-in-the-middle attack can succeed only when the attacker can
impersonate each endpoint user by attacking mutual authentication or
lack thereof. Most cryptographic protocols include some form of endpoint
authentication to prevent MITM attacks. SSL can authenticate one or both
parties using a mutually trusted certification authority.