
WIRELESS NETWORKING

IP numbers.   

    IP, or Internet Protocol, numbers are how information finds its way round the internet. Every computer or other device (printers etc) connected to the internet must have an address. There is a newer system under development, but I shall confine myself to talking about the current version, IPv(ersion)4.

    IP numbers consist of four 8-bit numbers separated by stops, and so run from 0.0.0.0 to 255.255.255.255. In theory this gives a possible 256^4 (4,294,967,296) numbers: but certain blocks of numbers are reserved. For example, private networks, not connected to the internet, should use the range 192.168.0.0 to 192.168.255.255. Normally such networks are connected to a router (more about that in a moment) which hides them from the internet, so that it doesn’t matter that other people are using these numbers on their networks. Even the large number still available is rapidly becoming insufficient for the number of devices in the world, which is why a new system is under development.

    If you have just one computer, you connect it to a dial-up or cable or ADSL modem, and thus to an Internet Service Provider (ISP): they allocate an IP number to your computer. If you want to connect to a web site - in fact a computer somewhere hosting the site - you could type the website’s IP number into your browser, which would request that address, flagging the request as coming from your IP number. (The information goes through many stages, each with its own IP number, en route, but this is normally invisible to you and we can ignore it.) Each packet of information may come back by a different route, but as each carries your IP address it will eventually find its way to your computer.

    Obviously it is very difficult to remember IP numbers; so websites are given names, consisting of a server name at the site, the site itself, and the domain (e.g. .com, .co.uk), separated by stops: for example www.bbc.co.uk - the ‘www’ server (computer) at the BBC site, which uses the ‘co’ for commercial domain in the UK. (‘.fr’ would be France, and so on - only the USA doesn’t have a country domain, so .com, .net etc without a country identifier is the USA.)

    Every ISP has a ‘Domain Name Server’ - a computer with a database matching names to IP numbers. It receives your request for www.bbc.co.uk, looks it up, discovers that the IP number is 212.58.224.126, and uses this in the process of connecting. (If you type these numbers into your browser you get the same result.)

    Obviously, the IP numbers for websites must remain the same, or chaos would result. The IP number allocated to you by your ISP normally changes - on each login if you are on dial-up, or daily if you are on broadband - precisely to prevent you running a website from your computer: if you want a static IP address you have to pay more (because it attracts more bandwidth [usage]).

MAC address

    Each Ethernet socket on any computer or any other device has a unique number in its hardware to identify it. This uses letters and numbers - an example would be 00:02:72:00:ED:AC - and so there are many more possible combinations. This address can be used to identify and authorise a computer. (Incidentally MAC in this context has nothing to do with Macintosh - these numbers are used on all computers.)

Routers

    When you have more computers things get more complicated: you can’t just connect them in parallel. You use a router: the ‘input’ of this (of course it is 2-way in fact) connects to your modem: the ‘outputs’ each connect to one of your computers. The router receives the IP number from the ISP: it allocates an IP number (in the local network range mentioned above) to each computer or device attached to it, either on a permanent basis or on a first-come-first-served basis each time a computer connects, it doesn’t really matter which.

    When one of the computers requests a web page or other connection (such as e-mail) the router accepts the request, noting the IP number of the computer concerned: it then passes it on to the ISP, with the IP number of the router. (It couldn’t send the computer number in any case, as computers all over the world will have the same IP number from the private network range.) When the information comes back, flagged with the router’s IP number, the router sends it on to the IP number of the computer making the request. It can easily do this with several computers at a time, sending each packet to the correct machine. (This is known as ‘Network Address Translation’, or NAT.) The individual computers’ IP numbers are invisible to the ISP, who are only aware of the request coming from the router. (This becomes important with wireless networks, as we shall see below.)
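
    The translation described above, as an added example that is not part of the original notes: a toy router in Python that rewrites each outgoing request to carry its own IP number and keeps a table so that replies reach the right computer. It tells connections apart by port number, a detail these notes do not go into; the router address 203.0.113.7 and all port numbers are made up for illustration.

```python
import ipaddress


class NatRouter:
    """Toy NAT: hides private addresses behind the router's public one."""

    def __init__(self, public_ip, first_port=40000):
        self.public_ip = public_ip
        self.next_port = first_port
        self.out = {}   # (private_ip, private_port) -> public_port
        self.back = {}  # public_port -> (private_ip, private_port)

    def outbound(self, src_ip, src_port, dst_ip, dst_port):
        """Return the request as the ISP sees it: source is the router."""
        if not ipaddress.ip_address(src_ip).is_private:
            raise ValueError("source is not on the private network")
        key = (src_ip, src_port)
        if key not in self.out:
            # First packet of this connection: note which computer asked.
            self.out[key] = self.next_port
            self.back[self.next_port] = key
            self.next_port += 1
        return (self.public_ip, self.out[key], dst_ip, dst_port)

    def inbound(self, src_ip, src_port, dst_ip, dst_port):
        """Return the reply as delivered on the LAN, or None if nobody asked."""
        if dst_ip != self.public_ip or dst_port not in self.back:
            return None
        lan_ip, lan_port = self.back[dst_port]
        return (src_ip, src_port, lan_ip, lan_port)


def demo():
    router = NatRouter("203.0.113.7")   # assumed public IP from the ISP
    web = ("212.58.224.126", 80)        # the web server address used in the text
    # Two computers on the private range make the same kind of request.
    a = router.outbound("192.168.0.2", 51000, *web)
    b = router.outbound("192.168.0.3", 51000, *web)
    reply_a = router.inbound(*web, a[0], a[1])
    reply_b = router.inbound(*web, b[0], b[1])
    unsolicited = router.inbound(*web, "203.0.113.7", 45000)
    return a, b, reply_a, reply_b, unsolicited


if __name__ == "__main__":
    for item in demo():
        print(item)
```

    Both outgoing requests carry only the router's address, which is all the ISP ever sees, and a packet that matches no entry in the table is simply dropped.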

    Connection and authentication to the ISP depends on the type of connection. Dial-up, and I believe ADSL, require a username and password at the beginning of the connection. Cable systems, such as mine, don’t need this - you register the MAC address of your computer and the modem recognises this. Although my router has its own MAC address out of the box you can change it: mine now has the same address as my iMac, so that if necessary I can simply connect the iMac directly to the modem and proceed immediately.

    Wireless routers simply use a wireless connection instead of the wired outputs described above, but the process is exactly the same: however for security you can a) prevent the network from ‘announcing’ its name, effectively making it invisible to anyone who doesn’t know the name: b) encrypt all communications, requiring a password: and c) allow only specific MAC addresses to join the network. None of these is 100% protection, since a hacker might guess your password, and could, if he knew your MAC address, ‘clone’ it to pretend to be your computer. However this requires a high degree of sophistication and is unlikely to happen in a domestic environment. Unfortunately most wireless routers come with the security turned off out of the box, and most users don’t know enough to set it up. This leaves the network open to all and sundry - one of my neighbours had an unprotected network until I suggested that they secure it.

    My own network uses a wired router and a separate wireless router (the Airport) connected to it: but for the purposes of this discussion I will assume a wireless router (which comes to the same thing).

   I will now try to answer some specific questions.

What actually happens if you log on to someone’s unprotected network? What do you see?

    You don’t really ‘see’ anything: you choose the unprotected network by its name from a list and join it: you then will find that you have access to their internet connection, provided it is open (as it would be all the time if it was broadband). You can then use it to surf the internet or collect email just as if you were connected to your own connection. I did this with my neighbour’s network before it was protected, downloading just one small page, just to prove it could be done. A friend of mine has an agreement with his neighbour and uses his network - I don’t know whether the network is protected or not - this is probably against the rules of the neighbour’s ISP, since in effect one connection is being used by two households.

    Logging on without permission in this way is probably illegal - there has been the odd successful prosecution about it - but there is an ongoing legal discussion in the USA because it’s a new area and not covered by specific laws. In my view it’s a form of theft, since you are using a connection someone else is paying for (and some ISPs impose a monthly download limit, which you would be cutting into).

Do you arrive with full access to anything that is not password-protected?

    You can access the internet connection: though if it was dial-up and off at the time I would assume that you wouldn’t be able to connect without the password. You can’t access their computer if they don’t have file sharing turned on: if they only have one computer they wouldn’t have. File sharing enables one computer to see either all or certain areas only of the hard disk of another, given the right conditions (Mac to Windows is tricky but can be done: Mac OSX to Mac OS9 doesn’t work at all with the latest version of OSX). Each computer has to be given a name - e.g. ‘iMac’, or ‘Roger’s Computer’, or whatever: and Macs have a multi-user environment which requires a username (e.g. ‘roger’). To get into someone’s computer over a hacked wireless connection: a) file sharing has to be on both computers, b) you have to know the computer’s name and possibly the user’s name, c) you have to know the password (though they might not have set one, or simply chosen ‘password’ - people do), and d) the computers have to be compatible. So it can be done, but it’s not simple.

Does the ‘owner’ of the unprotected network know that there is an infiltrator?

    Probably not, unless they notice their internet connection speed dropping because it’s being shared. There is as far as I know no obvious indication of it. However if they log into their wireless router’s administration pages (usually web-type pages) they may find a list of connected machines similar to the one above, and they would then see one they didn’t recognise. Anyone who has left their network open is unlikely to do this.
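
    One way to make that check routine, as an added example that is not part of the original notes: a short Python script that compares a router's list of connected machines against the MAC addresses you know to be yours. The table layout (IP, MAC, hostname per row), the device list and every address except the example MAC quoted earlier are constructed for illustration; real routers present this list in their own formats.

```python
import re

# Constructed allowlist of the household's own devices (MAC -> label).
KNOWN_DEVICES = {
    "00:02:72:00:ED:AC": "iMac",      # example MAC from the text above
    "00:11:22:AA:BB:CC": "laptop",    # constructed
}

# Constructed client list, one "IP MAC hostname" row per connected machine.
CLIENT_TABLE = """
192.168.0.2  00:02:72:00:ED:AC  imac
192.168.0.3  00-11-22-aa-bb-cc  laptop
192.168.0.7  66:77:88:99:AA:BB  unknown-pc
192.168.0.9  0002.7200.edac     imac
"""


def normalise_mac(text):
    """Turn 00-02-72-00-ed-ac or 0002.7200.edac into 00:02:72:00:ED:AC."""
    digits = re.sub(r"[:.\-]", "", text.strip())
    if not re.fullmatch(r"[0-9A-Fa-f]{12}", digits):
        raise ValueError(f"not a MAC address: {text!r}")
    digits = digits.upper()
    return ":".join(digits[i:i + 2] for i in range(0, 12, 2))


def audit_clients(table, known):
    """Return (reason, mac, ip, hostname) for every row worth a closer look."""
    allowed = {normalise_mac(mac) for mac in known}
    first_seen = {}
    findings = []
    for row in table.strip().splitlines():
        ip, mac, hostname = row.split()
        mac = normalise_mac(mac)
        if mac not in allowed:
            findings.append(("unrecognised", mac, ip, hostname))
        elif mac in first_seen:
            # Same hardware address on two IP numbers: possibly a cloned MAC.
            findings.append(("duplicate", mac, ip, hostname))
        first_seen.setdefault(mac, ip)
    return findings


if __name__ == "__main__":
    for finding in audit_clients(CLIENT_TABLE, KNOWN_DEVICES):
        print(*finding)
```

    The duplicate check matters because, as noted under Routers, a MAC address can be cloned, so a familiar address on its own does not prove the machine is yours.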

How would you be able to access ‘his’ internet connection?

    As described above - it just happens once you have joined the network.

Wouldn’t the ISP detect that there was an unauthorised user?

    This is the crux of the problem, and the answer is no. As far as the ISP is concerned all requests are coming from the router: the router hides the actual machines from the ISP. ISPs do log requests made and the IP number requesting them (this has been evidence in child-porn trials): so if you log onto a neighbour’s open network and download porn, the ISP’s log will show them as having done it, and you can see how dangerous this is. I gather from a magazine article that there was a case of a female teacher whose network was used in this way, and she had a hell of a job proving that it hadn’t been her who had downloaded this stuff - and of course mud sticks.

    There is mounting pressure on the manufacturers of wireless routers to have security enabled by default: the problem arises because people with no technical knowledge buy this gear and won’t read manuals.

    There is a subculture growing up of people driving around looking for unprotected networks to hack into - apparently it’s called ‘wardriving’ - though quite what they do when they hack in I don’t know, I suppose just use the internet connection: and I imagine attempts are made to hack protected networks, though this is an area I know little about. There are various programs designed to help you find networks (for example you can pay a subscription to log on at some railway stations, and at London's South Bank concert halls).

   I have a program which shows the reception and noise levels of available wireless networks: it shows the MAC address of the routers, but of course no details of any connected computers. (It will also check on Bluetooth, and on ‘Bonjour’ which is a Mac-specific networking protocol useful in small businesses.)  In addition to my network, it shows a network called ‘NETGEAR’, which is the make of my neighbour’s router, and obviously the default network name. I believe this program plays nice and doesn’t show closed (invisible) networks (it can show mine because it’s legitimately connected to it): there are some programs specifically designed to aid illicit hacking - one I’ve seen mentioned specifically claims to be able (eventually) to break the encryption, though I’ve no idea whether this is true. I notice that many of these programs run in Linux rather than the more conventional systems.

Roger Wilmut.