Q&A - From The Labs

Malware Trivia: Episode 1

The weekly batch of questions and answers on security

Hey there. If you’re one of the loyal readers of MalwareCity, then you probably know who I am and what I’m doing at BitDefender. If you’ve just stumbled upon our blog, then here I am in a nutshell: I’m one of BitDefender’s Communication Specialists and, for the past two years and some since I joined the MalwareCity initiative, I’ve dealt with malware, spam and phishing. This is the first article of the question and answer series, a (hopefully) interactive session between you and me. The rules of this game are simple: you ask a question that concerns you and I’ll give you the answer, as long as it is related to computer security.

I’ll dedicate this week’s episode of the Malware Trivia to answering questions you have left as comments in our articles. Without further ado, let’s hit the road with the questions and answers. Silviucu had, for instance, a few interesting questions:

1.  Why does everyone recommend WPA or WPA2 encryption instead of WEP encryption? – Question asked by Silviucu

The WEP encryption protocol dates back to 1997. Over time, it has been proven to have a couple of design flaws that allow an attacker to crack its key within minutes. WPA and WPA2 are much safer than the now deprecated WEP, which is currently kept alive only for backward compatibility. Bottom line: if your hardware supports it, make sure you’re using WPA or WPA2. Also, make sure you’ve read my full guide on how to secure your wireless network.

2.  How can multiple wireless networks exist in the same room and still be secure? – Question asked by Silviucu

Wireless communication is somewhat similar to the way wired networks work, except for the fact that signals are transported via radio waves, rather than through copper wires. In order to exchange information, the devices need to be paired in a network, a step that depends on the authentication the network requires.

What you see displayed in the network connection manager is the network’s SSID, which the router broadcasts as a beacon to let users know there is a network they can connect to. However, you will only be able to exchange data with the network after you have successfully joined it. Of course, all the other wireless networks that are visible to the computer broadcast in the same physical space, which means that the computer’s wireless card can “see” them. However, since the computer is not in the same network as the other routers broadcasting signals, it will not be a valid destination for the broadcast. What prevents the data from leaking is the fact that it is encrypted. Without the encryption key, you cannot read the traffic exchanged between two legitimate devices (such as your neighbor’s router and his computer). Even if you can physically intercept it, it won’t reveal the information to prying eyes.

3.  How can I keep my computer safe in an unsecured wireless network? – Question asked by Silviucu

If you’re using an unsecured network, such as the one in your campus, library or coffee shop, we’d like to advise you to avoid logging into any of your accounts. A good firewall will help you restrict access to your computer by refusing communications on critical ports. The BitDefender firewall has a Public mode that not only filters network communication, but also disables network shares that might expose your data to a malicious user connected to the same network as you.

4.  What's the best practice to keep people away from my own private wireless network? – Question asked by Silviucu

The short answer is to use WPA/WPA2 encryption and secure the router’s administrative area with a complex password. The Wireless Network Security guide we published last week is a good start if you plan to deploy a wireless network or if you’d like to reinforce the security of your existing one.
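To check the advice from questions 1 and 4 on a Linux machine, the following added example (not part of the original article) classifies the networks in a Wi-Fi scan as WEP, open or WPA-protected. It assumes the terse output of NetworkManager's `nmcli -t -f SSID,SECURITY device wifi list`, where fields are separated by `:` and a literal `:` or `\` is backslash-escaped; the sample scan and the function names are constructed for illustration.

```python
# Constructed sample of `nmcli -t -f SSID,SECURITY device wifi list` output.
SAMPLE_SCAN = r"""HomeNet:WPA2
OldRouter:WEP
CoffeeShop:
Lab\:Guest:WPA1 WPA2
Office:WPA2 802.1X
"""

def split_terse(line):
    # Split on unescaped ':' and drop the escaping backslashes.
    fields, current, escaped = [], [], False
    for ch in line:
        if escaped:
            current.append(ch)
            escaped = False
        elif ch == "\\":
            escaped = True
        elif ch == ":":
            fields.append("".join(current))
            current = []
        else:
            current.append(ch)
    fields.append("".join(current))
    return fields

def classify(security):
    # Verdict for one SECURITY value, following the article's advice.
    tokens = security.split()
    if not tokens or tokens == ["--"]:
        return "open"   # no encryption: treat as an unsecured network
    if "WEP" in tokens:
        return "wep"    # deprecated: move to WPA/WPA2
    if any(t.startswith("WPA") for t in tokens):
        return "ok"
    return "unknown"

def audit(scan_text):
    # Return {ssid: verdict} for every well-formed line of the scan.
    results = {}
    for line in scan_text.splitlines():
        fields = split_terse(line)
        if len(fields) != 2:
            continue    # blank line or not an SSID,SECURITY pair
        ssid, security = fields
        results[ssid or "<hidden>"] = classify(security)
    return results

if __name__ == "__main__":
    for ssid, verdict in audit(SAMPLE_SCAN).items():
        print(f"{ssid:12} {verdict}")
```

Any network reported as `wep` or `open` that you administer should be reconfigured for WPA/WPA2; on networks you do not control, those verdicts mark the ones to treat as unsecured.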

That is all for today. If you’d like to get a response to your security-related questions, don’t hesitate to drop me a few lines via the contact form below this article.

About the author


Bogdan Botezatu is living his second childhood at Bitdefender as senior e-threat analyst. When he is not documenting sophisticated strains of malware or writing removal tools, he teaches extreme sports such as surfing the web without protection or rodeo with wild Trojan horses. He believes that most things in life can be beat with strong heuristics and that antimalware research is like working for a secret agency: you need to stay focused at all times, but you get all the glory when you catch the bad guys.