Everything about wireless networks
 

Welcome to our wireless Archive. Have fun browsing!

 

Article #63: The security risks and ways to decrease vulnerabilities in a 802.11b wireless environment

(Browse for more articles)

 
This document explains topics relating to said that, "at least 20 percent of
wireless networks. The main topics enterprises already have rouge access
discussed include, what type of points." Another type of attack would be
vulnerabilities exist today in 802.11 if, someone from outside the
networks and ways that you can help organization, enters into the workplace
prevent these vulnerabilities from and adds an Access Point by means of
happening. Wireless networks have not Social Engineering.
been around for many years. Federal Insecure Network Configurations- Many
Express has been using a type of wireless companies think that if they are using a
networks, common to the 802.11 networks firewall or a technology such as VPN,
used today, but the general public has they are automatically secure. This is
recently just started to use wireless not necessarily true because all security
networking technology. Because of weak holes, big and small, can be exploited.
security that exists in wireless Also if devices and technologies, such as
networks, companies such as Best Buy have VPNs, firewalls or routers, are
decided to postpone the roll-out of mis-configured, the network can be
wireless technology. The United States compromised.
Government has done likewise and is Accidental Associations - This can happen
suspending the use of wireless until a if a wireless network is setup using the
more universal, secure solution is same SSID as your network and within
available. range of your wireless device. You may
Background accidentally associate with their network
What is Wireless? without your knowledge. Connecting to
Wireless LANs or Wi-Fi is a technology another wireless LAN can divulge
used to connect computers and devices passwords or sensitive document to anyone
together. Wireless LANs give persons more on the neighboring network. Wireless LAN
mobility and flexibility by allowing Security - What Hackers Know That You
workers to stay connected to the Internet Don't Copyright 2002
and to the network as they roam from one Social Engineering - Social Engineering
coverage area to another. This increases is one of the most effective and scariest
efficiency by allowing data to be entered types of attacks that can be done. This
and accessed on site. type of attack really scares me and can
Besides being very simple to install, be done for many other purposes besides
WLANs are easy to understand and use. compromising security in wireless
With few exceptions, everything to do networks. A scenario: Someone dressed up
with wired LANs applies to wireless LANs. as a support person from Cisco enters the
They function like, and are commonly workplace. The secretary sees his fake
connected to, wired Ethernet networks. credentials and lets him get pass the
The Wireless Ethernet Compatibility front desk. The impersonator walks from
Alliance [WECA] is the industry cubicle to cubicle, collecting user names
organization that certifies 802.11 and passwords as he/she goes. After
products that are deemed to meet a base finding a hidden corner, which seems to
standard of interoperability. The first be lightly traveled, he plugs an insecure
family of products to be certified by Access Point into the network. At the
WECA is that based on the 802.11b same time he configures the Access Point
standard. This set of products is what we to not broadcast its SSID and modifies a
will be studying. Also more standards few other settings to make it hard for
exist such as 802.11a and 802.11g. the IT department to find this Rouge
The original 802.11 standard was Access Point. He then leaves without ever
published in 1999 and provides for data being questioned by anyone because it
rates at up to 2 Mbps at 2.4 GHz, using looks like he just fits in. Now, all he
either FHSS or DSSS. Since that time many has to do is be within 300 feet from the
task groups have been formed to create access point, (more if he added an
supplements and enhancements to the antenna), and now has access to all kinds
original 802.11 standard. of secure documents and data. This can be
The 802.11b TG created a supplement to a devastating blow to any corporation and
the original 802.11 standard, called could eventually lead to bankruptcy if
802.11b, which has become the industry the secrets of the company were revealed
standard for WLANs. It uses DSSS and to competitors.
provides data rates up to 11 Mbps at 2.4 Bruce Schneier came to my classroom and
Ghz. 802.11b will eventually be replaced said the following about Social
by standards which have better QoS Engineering, "Someone is just trying to
features, and better security. do their job, and be nice. Someone takes
Network Topology advantage of that by targeting this human
There are two main topologies in wireless nature. Social Engineering is
networks which can be configured: unsolvable."
Peer-to-peer (ad hoc mode) - This Securing Wireless Networks
configuration is identical to its wired According to Bruce Schneier and others
counterpart, except without the wires. such as Kevin Mitnick, you can never have
Two or more devices can talk to each a totally secure computing environment.
other without an AP. What is often suggested is to try and
Client/Server (infrastructure networking) control the damage which can be done if
- This configuration is identical to its security is breached. One can try many
wired counterpart, except without the different tools on the market which can
wires. This is the most common wireless help prevent security breaches.
network used today, and what most of the WEP - WEP supports both 64 and 128-bit
concepts in this paper apply to. keys. Both are vulnerable, however,
Benefits of Wireless LANs because the initialization vector is only
WLANs can be used to replace wired LANs, 24-bits long in each case. Its RC4
or as an extension of a wired algorithm, which is used securely in
infrastructure. It costs far less to other implementations, such as SSL, is
deploy a wireless LAN than to deploy a quite vulnerable in WEP. Wireless
wired one. A major cost of installing and Insecurities By Dale Gardner. Different
modifying a wired network is the expense tools exist to break WEP keys, including
to run network and power cables, all in AirSnort, which can be found at Although
accordance with local building codes. this method is not a secure solution, it
Example of additional applications where can be used to help slowdown an attacker
the decision to deploy WLANs include: if other means are not possible
Additions or moves of computers. financially or otherwise.
Installation of temporary networks VPN and IPSec- IPSec VPNs let companies
Installation of hard-to-wire locations connect remote offices or wireless
Wireless LANs give you more mobility and connections using the public Internet
flexibility by allowing you to stay rather than expensive leased lines or a
connected to the Internet and to the managed data service. Encryption and
network as you roam. authentication systems protect the data
Cons of Wireless LANs as it crosses the public network, so
Wireless LANs are a relatively new companies don't have to sacrifice data
technology which has only been around privacy and integrity for lower costs. A
since 1999. With any new technology, lot of VPN's exist on the market today.
standards are always improving, but in An important note about VPNs is,
the beginning are unreliable and interoperability does not really exist,
insecure. Wired networks send traffic and whatever you use for your server has
over a dedicated line that is physically to be the same brand as your clients most
private; WLANs send their traffic over of the time. Some VPNs include:
shared space, airwaves. This introduces Borderware
interference from other traffic and the BroadConnex Networks
need for additional security. Besides CheckPoint
interference from other wireless LAN Cisco
devices, the 2.4 GHz is also used by Computer Associates
cordless phones and microwaves. DMZ - Adding this to your network enables
Security Issues of WLANs you to put your wireless network on an
War-driving untrusted segment of your network.
War-driving is a process in which an Firewalls - Firewalls are all over the
individual uses a wireless device such as place. Firewalls range from hardware to
a laptop or PDA to drive around looking software versions. By adding a firewall
for wireless networks. Some people do between the wireless network and wired
this as a hobby and map out different network helps prevent hackers from
wireless networks which they find. Other accessing your wired network. This paper
people, who can be considered hackers, doesn't go into specifics about different
will look for wireless networks and then firewalls and how to set them up, but
break into the networks. If a wireless is there are many. Some of the firewalls
not secure, it can be fairly easy to include:
break into the network and obtain - ZoneAlarm (an inexpensive based
confidential information. Even with software firewall) - Symantec has many
security, hackers can break the security different firewalls depending what you
and hack. One of the most prevalent tools require.
used on PDAs and Microsoft windows PKI - Public-key infrastructure (PKI) is
devices is, Network Stumbler, which can the combination of software, encryption
be downloaded at Equipped with the technologies, and services that enables
software and device, a person can map out enterprises to protect the security of
wireless access points if a GPS unit is their communications and business
attached. Adding an antenna to the transactions on the Internet. What is
wireless card increases the capabilities PKI?
of Wi-Fi. More information can be found Site Surveys - Site Surveys involve using
at: and to name a few. a software package and a wireless device
War-chalking to probe your network for Access Points
War-chalking is a method of marking and security risks.
wireless networks by using chalk most Proactive Approaches
commonly. War-driving is usually the Since wireless technology is insecure,
method used to search for networks, and companies or anyone can take a proactive
then the person will mark the network approach to try and identify hackers
with chalk that gives information about trying to gain access via wireless
the network. Some of the information networks.
would include, what the network name is, Honeypots - are fake networks setup to
whether the network has security, and try and lure in hackers. This enables
possibly the contact information of who administrators to find out more about
owns the network. If your wireless what type of techniques hackers are using
network is War-chalked and you don't to gain access. One product is Mantrap
realize it, your network can be used and created by Symantec.
or broken into faster, because of "ManTrap has the unique ability to detect
information shown about your network. both host- and network-based attacks,
Eavesdropping & Espionage providing hybrid detection in a single
Because wireless communication is solution. No matter how an internal or
broadcast over radio waves, eavesdroppers external attacker tries to compromise the
who just listen over the airwaves can system, Symantec ManTrap's decoy sensors
easily pick up unencrypted messages. will deliver holistic detection and
These intruders put businesses at risk of response and provide detailed information
exposing sensitive information to through its system of data collection
corporate espionage. Wireless LAN modules."
Security - What Hackers Know That You Intrusion Detection - Intrusion Detection
Don't Copyright 2002 is software that monitors traffic on the
Internal Vulnerabilities network. It sounds out a warning if a
Within an organization network security hacker it trying to access the network.
can be compromised by ways such as, Rouge One such free product is Snort.
WLANs (or Rouge Aps), Insecure Network "Before we proceed, there are a few basic
Configuration, and Accidental concepts you should understand about
Associations to name a few. Snort. There are three main modes in
Rouge Access Points - An employee of an which Snort can be configured: sniffer,
organization might hook up an access packet logger, and network intrusion
point without the permission or even detection system. Sniffer mode simply
knowledge of IT. This is simple to do, reads the packets off of the network and
all a person has to do is plug an Access displays them for you in a continuous
point or wireless router into an existing stream on the console. Packet logger mode
live LAN jack and they are on the logs the packets to the disk.
network. One statistic in 2001 by Gartner






1 - A - B - C - 2 - 3 - 4 - 5 - 6 - 7 - 8 - 9 - 10 - 11 - 12 - 13 - 14 - 15 - 16 - 17 - 18 - 19 - 20 - 21 - 22 - 23 - 24 - 25 - 26 - 27 - 28 - 29 - 30 - 31 - 32 - 33 - 34 - 35 - 36 - 37 - 38 - 39 - 40 - 41 - 42 - 43 - 44 - 45 - 46 -