• How To Check To See If My Network Is Secure

If you’re wondering just how secure your home network is, here’s an easy way to find out. Pure Networks, makers of the popular Network Magic management tool for home networks, has a that will deliver a scorecard on your network’s security status.The tool, which works only with Internet Explorer 6 or later, is clearly bait for Network Magic.

Mar 13, 2008 - If you're wondering just how secure your home network is, here's an easy way to find out. I tested my home network and scored 98 percent.

But it’s a fun download that can provide insight into your network security in just a few minutes.Run the scan, and the resulting scorecard provides a summary status of network devices, the router and network, wireless security, and the computer on which you ran the scan. It advises you of the number of issues tested for each category, alerts you to any worrisome issues found. Click View and it gives you a detailed look within each category.Some of the items it tests under Router and Network include whether you are running a hardware firewall, if your password is strong (and, of course, changed from the factory default), and whether your router firmware is up to date. Under the Wireless Security tab, the scan checks to ensure that you have changed the factory SSID, tells you what kind of wireless security you’re using, and whether there are any SSID name conflicts.

It’s a fun test to run, as long as you ignore all the suggestions to download Network Magic. But if you like the interface, you might consider the downloading the networking tool. I’ve played with it a bit and the software seems intuitive and helpful. It’s a free download for a seven-day trial period, and the full version of will cost you $49.99. If you have Macs mixed in with Windows PCs, opt for the $64.99, which enables you to easily share printers and files between Windows machines and Macs.Related Topics.

By registering you become a member of the CBS Interactive family of sites and you have read and agree to the,. You agree to receive updates, alerts and promotions from CBS and that CBS may share information about you with our marketing partners so that they may contact you by email or otherwise about their products or services.You will also receive a complimentary subscription to the ZDNet's Tech Update Today and ZDNet Announcement newsletters. You may unsubscribe from these newsletters at any time.ACCEPT & CLOSE.

Wi-Fi stumblers can detect nearby APs and their details, like the signal level, security type, and MAC address. You might find APs set with weak WEP security, which can be easily cracked, or possibly rogue APs setup by employees or others that could be opening your network up to attack. You can use wireless sniffers to capture raw network packets sent over the air. You could import the captured traffic into other tools, such as to crack encryption. Vistumbler is an open source Windows application that displays the basic AP details, including the exact authentication and encryption methods, and can even speak the SSID and RSSI.

It also displays graphs of signal levels. It's highly customizable and offers flexible configuration options.

It supports AP names to help distinguish them, also helping to detect rogue APs. Kismet is an open source Wi-Fi stumbler, packet sniffer, and intrusion-detection system that can run on Windows, Mac OS X, Linux, and BSD. It shows the AP details, including the SSID of 'hidden' networks. It can also capture the raw wireless packets, which you can then import into Wireshark, TCPdump, and other tools. In Windows, Kismet only works with CACE AirPcap wireless adapters due to the limitation of Windows drivers. It does, however, support a variety of wireless adapters in Mac OS X and Linux.

There are many tools out there that can crack Wi-Fi encryption, either taking advantage of WEP weaknesses or using brute-force dictionary-based attacks on WPA/WPA2-Personal (PSK). Thus you should never use WEP security. WPA2 security with AES/CCMP encryption is the most secure. And if you use the Personal or Pre-shared key (PSK) mode, use a long 13+ character passphrase with mixed-case letters, numbers, and special characters — any ASCII characters will do. You can use these tools to understand the Wi-Fi encryption weaknesses or to test your current passwords: Aircrack-ng is an open source suite of tools to perform WEP and WPA/WPA2-Personal key cracking, which runs on Windows, Mac OS X, Linux, and OpenBSD. It’s also downloadable as a VMware image and Live CD. Though the Enterprise mode of WPA/WPA2 security with 802.1X authentication is more secure than the Personal (PSK) mode, it still has vulnerabilities.

How To Check To See If My Network Is Secure

Here’s a tool to help you better understand these attacks, how you can protect your network, and test your security: FreeRadius-WPE is a patch for the open source FreeRADIUS server designed to perform man-in-the-middle attacks against users of wireless networks using 802.1X authentication. It modifies the server to accept all NAS devices and EAP types and logs the username and challenge/response from the unsuspecting users that connect to the fake wireless network. Then the challenge/response can be inputted into another Linux program, asleap, to crack the encrypted password. If you have a wireless router instead of or in addition to APs, you should be aware of a vulnerability publicly discovered in December. It involves the Wi-Fi Protected Setup (WPS) feature found on most wireless routers and usually activated by default when using WPA/WPA2-Personal (PSK)security.

The WPS PIN, which can be used to connect to the wireless router, can be easily cracked within hours. Here’s one tool you can use to test your wireless routers against the WPS PIN weakness: Reaver is Linux program that performs brute force attacks against wireless routers to reveal their WPS PIN and WPA/WPA2 PSK within 4 - 10 hours. They also offer an easy-to-use hardware solution, Reaver Pro, with a graphical web interface. One technique Wi-Fi hackers can use is by setting up a fake AP, aka an evil twin AP or wireless honey pot. Once someone connects to the AP the hacker can then capture any email or FTP connections or possibly access the user’s file shares.

They could also use a captive portal or spoofed DNS caching to display a fake website mirroring a hotspot or website login page in order to capture the user’s login credentials. WiFish Finder is an open source Linux program that passively captures wireless traffic and performs active probing to help identify wireless clients vulnerable toattacks. It builds a list of network names that wireless clients are sending probe requests for and detects the security type of that desired network.

Jasager (based on KARMA) is Linux-based firmware offering a set of Linux tools to identify vulnerable wireless clients, like WiFish Finder, but can also perform evil twin or honey pot attacks. It can run on FON or WiFi Pineapple routers. It can create a soft AP set with the SSIDs nearby wireless adapters are probing for and run a DHCP, DNS, and HTTP server so clients can connect. The HTTP server can then redirect all requests to a website. It can also capture and display anyclear-text POP, FTP, or HTTP login performed by the victim.

Jasager features a web-based and command-line interface. Here are a few tools to demonstrate eavesdropping and attacks that we’ve seen on wired networks for years, which also can work via Wi-Fi: Nmap (as in Network Mapper) is an open source TCP/IP scanner you can use to identify hosts and clients on the network, available on Linux, Windows, and Mac OS X with a GUI or a command-line. It reports what OS they’re using, services they’re using or offering, what type of packet filters or firewalls they’re using, and many other characteristics. This can help you find insecure hosts and ports that may be susceptible to hacking.

If you’re serious about penetration testing, consider using a Linux distribution dedicated to it. One of the most popular is BackTrack, which offers over 320 preinstalled penetration testing tools you can use for playing around with networks, web servers, and more. You can install BackTrack to a hard drive or boot it from a Live DVD or USB flash drive.Eric Geier is a freelance tech writer.

He’s also the founder of NoWiresSecurity that helps businesses protect their Wi-Fi with enterprise (802.1X) security and On Spot Techs that provides on-site computer services.