Securing your Home Network – Close the Ad-Hoc Wi-Fi® Backdoor

In an effort to make data sharing easy, many Wi-Fi® devices support both Infrastructure Mode connections and Ad-Hoc peer-to-peer connections.  Infrastructure mode is most common and is when a Wi-Fi® device connects directly to a Wi-Fi® Router or Access Point. (See my article on “Wi-Fi® – Wireless Router vs. Wireless Access Point.”)  There is another type of connection, known as an “Ad-Hoc” peer-to-peer connection which enables two Wi-Fi® capable devices to connect directly to each other without going through your Home or Office Wi-Fi® network.

Ad-Hoc peer-to-peer connections are very common with Apple Mac Computers, iPhones, and iPads.  Almost any two Apple devices will “find” each other automatically and if security permissions are not set correctly, will immediately share their resources.  This will occur regardless of if the Apple devices are connected over hard-wire Ethernet or Wi-Fi®.  Visible resources on your computer can include the entire hard drive, specific folders, external devices like printers and specifically, access to your Home or Office Wi-Fi® network – which may not be your intention – to share.

When the Ad-Hoc sharing capability of a Wi-Fi® computer or device is configured properly, it can be beneficial as it designed to allow guests to access your Printer.  In addition, Ad-Hoc peer-to-peer networking may be enabled to share a PUBLIC folder specifically to allow for the exchange of documents, photos, and files.

The security risk is that if you have a computer attached to your Home or Office network and the Wi-Fi® Ad-Hoc peer-to-peer network support is turned “On” without any security engaged, you risk unauthorized access to your files and Network.  Both Mac and Windows based Computers as well as many other Tablets, Smartphones, Printers, and Wi-Fi® enabled devices support Ad-Hoc Wi-Fi® peer-to-peer networks.  In fact, many Wi-Fi® enabled printers make Ad-Hoc connections directly to the Computer bypassing your Home or Office Wi-Fi® network completely.  Printer manufacturers do this as it eliminates the need to know your Wi-Fi® SSID (network name) and access password.  The Printer setup software takes care of creating the connection from the printer to each computer via an Ad-Hoc peer-to-peer network without any assistance from the user.

Protecting yourself and your network is easy:  Unless you specifically need Ad-Hoc peer-to-peer network support on your computer, TURN IT OFF!  The risk is not just from someone connecting to your Computer or Wi-Fi® enabled device while in your Home or Office, but anywhere.

The next time you are in a public place with many Wi-Fi® users around you, look closely at the “Available Wireless Networks” list of networks you can join.  Notice that many will say “Ad-Hoc.”  Each of these Computers or Wi-Fi® enabled devices is at risk for having almost anyone potentially access the data on the device especially if the Security options have not been properly configured.  Any network listed that has a “lock” symbol or says it is “closed” is properly secured.

To turn-off or configure Ad-Hoc peer-to-peer network, do the following:

On a Mac, go to “System Preferences” – “Sharing” and UN-CHECK all of the boxes.  If you do require sharing of resources such as Files, the DVD Drive, or Printers, then make sure to properly configure Group or User level access to these resources.

On a PC running Windows XP, go to “Network Connections” – the “Wireless Connection” – “Advanced” “Networks to Access” options and click the Radio Button “Allow Access Point – Infrastructure Networks Only.”  (This is the same general section to both create and share the Resources from your Windows XP computer via an Ad-Hoc peer-to-peer network as well as to restrict your ability to connect to one.)  For Windows 7, go to “Control Panel” and select “Manage Wireless Networks” and the instructions are similar.  Using your favorite Search Engine, use the term “ad-hoc networks Windows XP  (or Windows 7) to find numerous tutorials.

Summary:  Turn off “Ad-Hoc” peer-to-peer networking unless you absolutely need it.  If you do need it, make sure to review which resources are shared and properly secure the guest access, specific user name, or group with a strong, complex password. (See my article, “A Complex Password may not be a Strong Password.”)

Speak Your Mind

*