Wireless security is the prevention of unauthorized access to, or damage of, computers using wireless networks. The most common types of wireless security are Wired Equivalent Privacy (WEP) and Wi-Fi Protected Access (WPA). WEP is a notoriously weak security standard: the password it uses can often be cracked in minutes with a basic laptop computer and widely available software. WEP is an old IEEE 802.11 standard from 1999 that was superseded in 2003 by WPA, or Wi-Fi Protected Access. WPA was a quick alternative to improve security over WEP. The current standard is WPA2; some hardware cannot support WPA2 without a firmware upgrade or replacement. WPA2 uses an encryption device that encrypts the network with a 256-bit key; the longer key length improves security over WEP. Enterprises often enforce security using a certificate-based system to authenticate the connecting device, following the 802.1X standard.
Many laptop computers have wireless cards pre-installed. The ability to enter a network while mobile has great benefits. However, wireless networking is prone to some security issues. Hackers have found wireless networks relatively easy to break into, and even use wireless technology to hack into wired networks. As a result, it is very important that enterprises define effective wireless security policies that guard against unauthorized access to important resources. Wireless Intrusion Prevention Systems (WIPS) or Wireless Intrusion Detection Systems (WIDS) are commonly used to enforce wireless security policies.
The risks to users of wireless technology have increased as the service has become more popular. There were relatively few dangers when wireless technology was first introduced: hackers had not yet had time to latch on to the new technology, and wireless networks were not commonly found in the workplace. However, there are many security risks associated with the current wireless protocols and encryption methods, and in the carelessness and ignorance that exists at the user and corporate IT level. Hacking methods have become much more sophisticated and innovative with wireless access. Hacking has also become much easier and more accessible with easy-to-use Windows- or Linux-based tools being made available on the web at no charge.
Some organizations that have no wireless access points installed do not feel that they need to address wireless security concerns. In-Stat MDR and META Group have estimated that 95% of all corporate laptop computers that were planned to be purchased in 2005 were equipped with wireless cards. Issues can arise in a supposedly non-wireless organization when a wireless laptop is plugged into the corporate network. A hacker could sit out in the parking lot and gather information from it through laptops and/or other devices, or even break in through this wireless-card-equipped laptop and gain access to the wired network.
Anyone within the geographical network range of an open, unencrypted wireless network can "sniff", or capture and record, the traffic, gain unauthorized access to internal network resources as well as to the Internet, and then use the information and resources to perform disruptive or illegal acts. Such security breaches have become important concerns for both enterprise and home networks.
If router security is not activated, or if the owner deactivates it for convenience, it creates a free hotspot. Since most 21st-century laptop PCs have wireless networking built in (see Intel "Centrino" technology), they do not need a third-party adapter such as a PCMCIA Card or USB dongle. Built-in wireless networking might be enabled by default, without the owner realizing it, thus broadcasting the laptop's accessibility to any computer nearby.
Modern operating systems such as Linux, macOS, or Microsoft Windows make it fairly easy to set up a PC as a wireless LAN "base station" using Internet Connection Sharing, thus allowing all the PCs in the home to access the Internet through the "base" PC. However, lack of knowledge among users about the security issues inherent in setting up such systems often allows others nearby access to the connection. Such "piggybacking" is usually achieved without the wireless network operator's knowledge; it may even be without the knowledge of the intruding user if their computer automatically selects a nearby unsecured wireless network to use as an access point.
The threat situation
Wireless security is just one aspect of computer security; however, organizations may be particularly vulnerable to security breaches caused by rogue access points.
If an employee (trusted entity) brings in a wireless router and plugs it into an unsecured switchport, the entire network can be exposed to anyone within range of the signals. Similarly, if an employee adds a wireless interface to a networked computer using an open USB port, they may create a breach in network security that would allow access to confidential materials. There are, however, effective countermeasures (such as disabling open switchports during switch configuration, and VLAN configuration to limit network access) that are available to protect both the network and the information it contains, but such countermeasures must be applied uniformly to all network devices.
Threats and vulnerabilities in an industrial (M2M) context
Due to its availability and low cost, the use of wireless communication technologies is increasing in domains beyond the originally intended usage areas, e.g. M2M communication in industrial applications. Such industrial applications often have specific security requirements. Hence, it is important to understand the characteristics of such applications and to evaluate the vulnerabilities bearing the highest risks in this context. Evaluations of these vulnerabilities, and the resulting vulnerability catalogs for an industrial context when WLAN, NFC and ZigBee are considered, are available.
Mobility advantages
Wireless networks are very common, both for organizations and individuals. Many laptop computers have wireless cards pre-installed. The ability to enter a network while mobile has great benefits. However, wireless networking is prone to some security issues. Hackers have found wireless networks relatively easy to break into, and even use wireless technology to hack into wired networks. As a result, it is very important that enterprises define effective wireless security policies that guard against unauthorized access to important resources. Wireless Intrusion Prevention Systems (WIPS) or Wireless Intrusion Detection Systems (WIDS) are commonly used to enforce wireless security policies.
Air interface and link corruption risk
There were relatively few dangers when wireless technology was first introduced, as the effort to maintain the communication was high and the effort to intrude is always higher. The variety of risks to users of wireless technology has increased as the service has become more popular and the technology more commonly available. Today there are a great number of security risks associated with the current wireless protocols and encryption methods, as carelessness and ignorance exist at the user and corporate IT level. Hacking methods have become much more sophisticated and innovative with wireless.
Modes of unauthorized access to links, to functions and to data are as variable as the respective entities that make use of program code. There is no full-scope model of such threats. To some extent, prevention relies on known modes and methods of attack and on relevant methods for suppressing the applied methods. However, each new mode of operation creates new options for threats. Hence prevention requires a steady drive for improvement. The modes of attack described here are just a snapshot of typical methods and of the scenarios in which they are applied.
Accidental association
Violation of the security perimeter of a corporate network can come from a number of different methods and intents. One of these methods is referred to as "accidental association". When a user turns on a computer and it latches on to a wireless access point from a neighboring company's overlapping network, the user may not even know that this has occurred. However, it is a security breach in that proprietary company information is exposed, and there could now exist a link from one company to the other. This is especially true if the laptop is also hooked up to a wired network.
Accidental association is a case of a wireless vulnerability called "mis-association". Mis-association can be accidental or deliberate (for example, done to bypass the corporate firewall), or it can result from deliberate attempts on wireless clients to lure them into connecting to the attacker's APs.
Malicious association
"Malicious associations" are when wireless devices can be actively made by attackers to connect to a company network through their laptop instead of a company access point (AP). These types of laptops are known as "soft APs" and are created when a cyber criminal runs some software that makes his or her wireless network card look like a legitimate access point. Once the thief has gained access, he or she can steal passwords, launch attacks on the wired network, or plant trojans. Since wireless networks operate at the Layer 2 level, Layer 3 protections such as network authentication and virtual private networks (VPNs) offer no barrier. Wireless 802.1X authentication does help with some protection but is still vulnerable to hacking. The idea behind this type of attack may not be to break into a VPN or other security measures. Most likely the criminal is just trying to take over the client at the Layer 2 level.
Ad hoc networks
Ad hoc networks can pose a security threat. Ad hoc networks are defined as peer-to-peer networks between wireless computers that do not have an access point in between them. While these types of networks usually have little protection, encryption methods can be used to provide security.
The security hole provided by ad hoc networking is not the ad hoc network itself but the bridge it provides into other networks, usually in the corporate environment, together with the unfortunate default setting in most versions of Microsoft Windows that keeps this feature turned on unless it is explicitly disabled. Thus the user may not even know they have an unsecured ad hoc network in operation on their computer. If they are also using a wired or wireless infrastructure network at the same time, they are providing a bridge to the secured organizational network through the unsecured ad hoc connection. Bridging comes in two forms. A direct bridge requires the user to actually configure a bridge between the two connections and is thus unlikely to be initiated unless explicitly desired; an indirect bridge is the shared resources on the user's computer. The indirect bridge may expose private data that is shared from the user's computer to LAN connections, such as shared folders or private Network Attached Storage, making no distinction between authenticated or private connections and unauthenticated ad hoc networks. This presents no threats not already familiar from open/public or unsecured wifi access points, but firewall rules may be circumvented in the case of poorly configured operating systems or local settings.
Non-traditional networks
Non-traditional networks such as personal network Bluetooth devices are not safe from hacking and should be regarded as a security risk. Even barcode readers, handheld PDAs, and wireless printers and copiers should be secured. These non-traditional networks can be easily overlooked by IT personnel who have focused narrowly on laptops and access points.
Identity theft (MAC spoofing)
Identity theft (or MAC spoofing) occurs when a hacker is able to listen in on network traffic and identify the MAC address of a computer with network privileges. Most wireless systems allow some kind of MAC filtering so that only authorized computers with specific MAC IDs can gain access to and use the network. However, programs exist that have network "sniffing" capabilities. Combine these programs with other software that allows a computer to pretend it has any MAC address the hacker desires, and the hacker can easily get around that hurdle.
MAC filtering is effective only for small residential (SOHO) networks, since it provides protection only while the wireless device is "off the air". Any 802.11 device "on the air" freely transmits its unencrypted MAC address in its 802.11 headers, and no special equipment or software is required to detect it. Anyone with an 802.11 receiver (laptop and wireless adapter) and a freeware wireless packet analyzer can obtain the MAC address of any 802.11 transmitter within range. In an organizational environment, where most wireless devices are "on the air" throughout the active working shift, MAC filtering provides only a false sense of security, since it prevents only "casual" or unintended connections to the organizational infrastructure and does nothing to prevent a directed attack.
Man-in-the-middle attack
A man-in-the-middle attacker entices computers to log into a computer which is set up as a soft AP (Access Point). Once this is done, the hacker connects to a real access point through another wireless card, offering a steady flow of traffic through the transparent hacking computer to the real network. The hacker can then sniff the traffic. One type of man-in-the-middle attack relies on security faults in challenge and handshake protocols to execute a "de-authentication attack". This attack forces AP-connected computers to drop their connections and reconnect with the hacker's soft AP (it disconnects the user from the modem so they have to connect again using their password, which can be extracted from the recording of the event). Man-in-the-middle attacks are enhanced by software such as LANjack and AirJack, which automate multiple steps of the process, meaning that what once required some skill can now be done by script kiddies. Hotspots are particularly vulnerable to any attack since there is little to no security on these networks.
Denial of service
A Denial-of-Service (DoS) attack occurs when an attacker continually bombards a targeted AP (Access Point) or network with bogus requests, premature successful connection messages, failure messages, and/or other commands. These cause legitimate users to be unable to get on the network and may even cause the network to crash. These attacks rely on the abuse of protocols such as the Extensible Authentication Protocol (EAP).
The DoS attack in itself does little to expose organizational data to a malicious attacker, since the interruption of the network prevents the flow of data and in fact indirectly protects data by preventing it from being transmitted. The usual reason for performing a DoS attack is to observe the recovery of the wireless network, during which all of the initial handshake codes are re-transmitted by all devices, giving the malicious attacker an opportunity to record these codes and use various cracking tools to analyze security weaknesses and exploit them to gain unauthorized access to the system. This works best on weakly encrypted systems such as WEP, where a number of tools are available that can launch a dictionary-style attack of "possibly accepted" security keys based on the "model" security key captured during the network recovery.
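The de-authentication attack and the EAP/management-frame floods described above are what a WIDS sensor is positioned to notice. The following is an added example, not code from the page: a sliding-window detector over decoded 802.11 management frames, run against a constructed capture in which one AP's clients are repeatedly kicked off by frames that claim to come from the AP itself. The frame record layout and thresholds are my own assumptions.

```python
"""Sliding-window detector for 802.11 deauthentication / disassociation floods.

Added example, not code from the page. The frame records are constructed to look
like what a monitor-mode sensor (the kind a WIDS uses) would produce after
decoding management frames.
"""
from collections import defaultdict, deque
from dataclasses import dataclass
from typing import Deque, Dict, Iterable, List, Optional, Tuple

Alert = Tuple[str, int, float]  # (bssid, frames in window, time of alert)


@dataclass(frozen=True)
class MgmtFrame:
    ts: float        # capture time in seconds
    subtype: str     # "beacon", "deauth", "disassoc", "auth", "assoc_req", ...
    src: str         # transmitter address as seen on the air
    bssid: str       # the AP the frame belongs to
    reason: int = 0  # reason code for deauth/disassoc frames


class DeauthFloodDetector:
    """Raise one alert per BSSID when more than `threshold` deauth/disassoc frames
    are seen within `window` seconds. A healthy AP sends a few per hour; an attack
    that forces reconnects sends them continuously, because a station that has
    reconnected would otherwise simply stay connected."""

    FLOOD_SUBTYPES = frozenset({"deauth", "disassoc"})

    def __init__(self, window: float = 10.0, threshold: int = 20) -> None:
        self.window = window
        self.threshold = threshold
        self._recent: Dict[str, Deque[float]] = defaultdict(deque)
        self._alerted: set = set()

    def feed(self, frame: MgmtFrame) -> Optional[Alert]:
        if frame.subtype not in self.FLOOD_SUBTYPES:
            return None
        q = self._recent[frame.bssid]
        q.append(frame.ts)
        while q and frame.ts - q[0] > self.window:  # drop frames outside the window
            q.popleft()
        if len(q) > self.threshold and frame.bssid not in self._alerted:
            self._alerted.add(frame.bssid)
            return (frame.bssid, len(q), frame.ts)
        return None


def scan(frames: Iterable[MgmtFrame], window: float = 10.0, threshold: int = 20) -> List[Alert]:
    """Run the detector over a capture (frames may arrive out of order)."""
    det = DeauthFloodDetector(window, threshold)
    alerts: List[Alert] = []
    for frame in sorted(frames, key=lambda f: f.ts):
        alert = det.feed(frame)
        if alert:
            alerts.append(alert)
    return alerts


def sample_capture() -> List[MgmtFrame]:
    """Constructed sample: one quiet AP, and one AP whose clients are being kicked
    off by frames that claim to come from the AP itself (src == bssid)."""
    quiet, victim = "02:aa:aa:aa:aa:01", "02:bb:bb:bb:bb:01"
    frames = [MgmtFrame(float(t), "beacon", quiet, quiet) for t in range(60)]
    frames += [MgmtFrame(12.0, "deauth", quiet, quiet, 3),    # normal: a station left
               MgmtFrame(45.0, "disassoc", quiet, quiet, 8)]
    frames += [MgmtFrame(float(t), "beacon", victim, victim) for t in range(60)]
    # 200 spoofed deauths in 4 seconds; reason 7 = "class 3 frame from a
    # non-associated station", which says nothing about who really sent it
    frames += [MgmtFrame(30.0 + i * 0.02, "deauth", victim, victim, 7) for i in range(200)]
    return frames


if __name__ == "__main__":
    for bssid, count, ts in scan(sample_capture()):
        print(f"ALERT {bssid}: {count} deauth/disassoc frames within 10 s at t={ts:.2f}")
```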
Network injection
In a network injection attack, a hacker can make use of access points that are exposed to non-filtered network traffic, specifically broadcast network traffic such as "Spanning Tree" (802.1D), OSPF, RIP, and HSRP. The hacker injects bogus networking re-configuration commands that affect routers, switches, and intelligent hubs. A whole network can be brought down in this manner and may require rebooting or even reprogramming of all intelligent networking devices.
Caffe Latte attack
The Caffe Latte attack is another way to defeat WEP. It is not necessary for the attacker to be in the area of the network to use this exploit. By using a process that targets the Windows wireless stack, it is possible to obtain the WEP key from a remote client. By sending a flood of encrypted ARP requests, the attacker takes advantage of the shared key authentication and the message modification flaws in 802.11 WEP. The attacker uses the ARP responses to obtain the WEP key in less than 6 minutes.
Wireless intrusion prevention concepts
There are three principal ways to secure a wireless network.
- For closed networks (like home users and organizations) the most common way is to configure access restrictions in the access points. Those restrictions may include encryption and checks on MAC addresses. Wireless Intrusion Prevention Systems can be used to provide wireless LAN security in this network model.
- For commercial providers, hotspots, and large organizations, the preferred solution is often to have an open and unencrypted, but completely isolated, wireless network. The users will at first have no access to the Internet nor to any local network resources. Commercial providers usually forward all web traffic to a captive portal which provides for payment and/or authorization. Another solution is to require the users to connect securely to a privileged network using a VPN.
- Wireless networks are less secure than wired ones; in many offices intruders can easily visit and hook up their own computer to the wired network without problems, gaining access to the network, and it is also often possible for remote intruders to gain access to the network through backdoors like Back Orifice. One general solution may be end-to-end encryption, with independent authentication on all resources that should not be available to the public.
There is no ready-designed system to prevent fraudulent usage of wireless communication or to protect data and functions on wirelessly communicating computers and other entities. However, there is a system for qualifying the measures taken as a whole according to a common understanding of what shall be seen as state of the art. The system of qualifying is an international consensus as specified in ISO/IEC 15408.
Wireless intrusion prevention system
A Wireless Intrusion Prevention System (WIPS) is a concept for the most robust way to counteract wireless security risks. However, such a WIPS does not exist as a ready-designed solution that can be implemented as a software package. A WIPS is typically implemented as an overlay to an existing wireless LAN infrastructure, although it may be deployed standalone to enforce no-wireless policies within an organization. WIPS is considered so important to wireless security that in July 2009, the Payment Card Industry Security Council published wireless guidelines for PCI DSS recommending the use of WIPS to automate wireless scanning and protection for large organizations.
Security measures
There is a range of wireless security measures, of varying effectiveness and practicality.
SSID hiding
A simple but ineffective method of attempting to secure a wireless network is to hide the SSID (Service Set Identifier). This provides very little protection against anything but the most casual intrusion efforts.
MAC ID filtering
One of the simplest techniques is to only allow access from known, pre-approved MAC addresses. Most wireless access points contain some type of MAC ID filtering. However, an attacker can simply sniff the MAC address of an authorized client and spoof this address.
Static IP addressing
A typical wireless access point provides IP addresses to clients via DHCP. Requiring clients to set their own addresses makes it more difficult for a casual or unsophisticated intruder to log onto the network, but provides little protection against a sophisticated attacker.
802.11 security
IEEE 802.1X is the IEEE standard authentication mechanism for devices wishing to attach to a wireless LAN.
Regular WEP
The Wired Equivalent Privacy (WEP) encryption standard was the original encryption standard for wireless, but since 2004, with the ratification of WPA2, the IEEE has declared it "deprecated", and while it is often supported, it is seldom or never the default on modern equipment.
Concerns were raised about its security as early as 2001, dramatically demonstrated in 2005 by the FBI, yet in 2007 T.J. Maxx admitted a massive security breach due in part to its reliance on WEP, and the Payment Card Industry took until 2008 to prohibit its use - and even then allowed existing use to continue until June 2010.
WPAv1
The Wi-Fi Protected Access (WPA and WPA2) security protocols were later created to address the problems with WEP. If a weak password, such as a dictionary word or a short character string, is used, WPA and WPA2 can be cracked. Using a long enough random password (e.g. 14 random letters) or passphrase (e.g. 5 randomly chosen words) makes pre-shared key WPA virtually uncrackable. The second generation of the WPA security protocol (WPA2) is based on the final IEEE 802.11i amendment to the 802.11 standard and is eligible for FIPS 140-2 compliance. With all of these encryption schemes, any client in the network that knows the keys can read all the traffic.
Wi-Fi Protected Access (WPA) is a software/firmware improvement over WEP. All regular WLAN equipment that worked with WEP can simply be upgraded, and no new equipment needs to be bought. WPA is a trimmed-down version of the 802.11i security standard that was developed by IEEE 802.11 to replace WEP. The TKIP encryption algorithm was developed for WPA to provide improvements to WEP that could be fielded as firmware upgrades to existing 802.11 devices. The WPA profile also provides optional support for the AES-CCMP algorithm, which is the preferred algorithm in 802.11i and WPA2.
WPA Enterprise provides RADIUS-based authentication using 802.1X. WPA Personal uses a pre-shared key (PSK) to establish the security, using a passphrase of 8 to 63 characters. The PSK may also be entered as a 64-character hexadecimal string. Weak PSK passphrases can be broken using off-line dictionary attacks by capturing the messages in the four-way exchange when the client reconnects after being deauthenticated. Wireless suites such as aircrack-ng can crack a weak passphrase in less than a minute. Other WEP/WPA crackers are AirSnort and Auditor Security Collection. Still, WPA Personal is secure when used with a 'good' passphrase or a full 64-character hexadecimal key.
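The PSK handling just described, as an added example (not code from the page): the derivation below follows the 802.11i definition (PBKDF2-HMAC-SHA1 over the passphrase, salted with the SSID, 4096 iterations, 256-bit output), accepts the 64-hex-digit form an access point also accepts, and attaches a simple strength estimate for the two kinds of passphrase the text recommends. The estimator and its assumptions (character classes known to the attacker, a 7776-word list) are mine, not part of any standard.

```python
"""WPA/WPA2-Personal pre-shared key derivation plus passphrase strength checks.

Added illustration (not code from the page). The derivation is the one the
802.11i standard specifies: PSK = PBKDF2-HMAC-SHA1(passphrase, SSID, 4096, 32 bytes).
The strength estimator is a simplified model of my own.
"""
import hashlib
import math
import re
import string

HEX_PSK = re.compile(r"^[0-9a-fA-F]{64}$")
DICEWARE_LIST_SIZE = 7776  # size of a common word list used for word passphrases (assumption)


def derive_psk(passphrase: str, ssid: str) -> bytes:
    """Return the 256-bit PSK for an 8..63 character printable-ASCII passphrase."""
    if not 8 <= len(passphrase) <= 63:
        raise ValueError("WPA passphrase must be 8 to 63 characters")
    if not all(32 <= ord(c) <= 126 for c in passphrase):
        raise ValueError("WPA passphrase must be printable ASCII")
    ssid_bytes = ssid.encode("utf-8")
    if not 1 <= len(ssid_bytes) <= 32:
        raise ValueError("SSID must be 1 to 32 bytes")
    # 4096 iterations is the fixed cost that every offline guess has to pay as well.
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode("ascii"), ssid_bytes, 4096, 32)


def psk_from_setting(value: str, ssid: str) -> bytes:
    """Accept what an AP's configuration accepts: a passphrase, or the raw PSK
    written as 64 hex digits. A raw hex key skips the derivation entirely, so
    there is no passphrase for a dictionary attack to recover."""
    if HEX_PSK.match(value):
        return bytes.fromhex(value)
    return derive_psk(value, ssid)


def char_entropy_bits(passphrase: str) -> float:
    """Strength if the attacker knows the length and which character classes were
    used (the model most brute-force tools work with). Random choice is assumed;
    a dictionary word scores far below this in practice."""
    alphabet = 0
    if any(c in string.ascii_lowercase for c in passphrase):
        alphabet += 26
    if any(c in string.ascii_uppercase for c in passphrase):
        alphabet += 26
    if any(c in string.digits for c in passphrase):
        alphabet += 10
    if any(c in string.punctuation + " " for c in passphrase):
        alphabet += len(string.punctuation) + 1
    return len(passphrase) * math.log2(alphabet) if alphabet else 0.0


def word_entropy_bits(n_words: int, list_size: int = DICEWARE_LIST_SIZE) -> float:
    """Strength of n words chosen uniformly at random from a list of list_size words;
    use this, not char_entropy_bits, for a word-based passphrase."""
    return n_words * math.log2(list_size)


if __name__ == "__main__":
    # "password"/"IEEE" is a published 802.11i test vector; the others are constructed.
    print(derive_psk("password", "IEEE").hex())
    print("14 random letters:", round(char_entropy_bits("qzkvmxplwnthrd"), 1), "bits")
    print("5 random words:   ", round(word_entropy_bits(5), 1), "bits")
```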
There was information, however, that Erik Tews (the man who created the fragmentation attack against WEP) was going to reveal a way of breaking the WPA TKIP implementation at the PacSec security conference in Tokyo in November 2008, cracking the encryption on a packet in 12 to 15 minutes. Still, the announcement of this 'crack' was somewhat overblown by the media, because as of August 2009 the best attack on WPA (the Beck-Tews attack) is only partially successful, in that it only works on short data packets, it cannot decipher the WPA key, and it requires very specific WPA implementations in order to work.
Additions to WPAv1
In addition to WPAv1, TKIP, WIDS and EAP may be added alongside. Also, VPN networks (non-continuous secure network connections) may be set up under the 802.11 standard. VPN implementations include PPTP, L2TP, IPsec and SSH. However, this extra layer of security may also be cracked with tools such as Anger, Deceit and Ettercap for PPTP; and ike-scan, IKEProbe, ipsectrace, and IKEcrack for IPsec connections.
TKIP
This stands for Temporal Key Integrity Protocol, and the acronym is pronounced "tee-kip". It is part of the IEEE 802.11i standard. TKIP implements per-packet key mixing with a re-keying system and also provides a message integrity check. These avoid the problems of WEP.
EAP
The WPA improvement over the IEEE 802.1X standard already improved the authentication and authorization for access to wireless and wired LANs. In addition to this, extra measures such as the Extensible Authentication Protocol (EAP) have initiated an even greater amount of security. This is because EAP uses a central authentication server. Unfortunately, during 2002 a Maryland professor discovered some shortcomings. Over the next few years these shortcomings were addressed with the use of TLS and other enhancements. This new version of EAP is now called Extended EAP and is available in several versions; these include: EAP-MD5, PEAPv0, PEAPv1, EAP-MSCHAPv2, LEAP, EAP-FAST, EAP-TLS, EAP-TTLS, MSCHAPv2, and EAP-SIM.
EAP versions
EAP versions include LEAP, PEAP, and other EAPs.
LEAP
This stands for the Lightweight Extensible Authentication Protocol. This protocol is based on 802.1X and helps minimize the original security flaws by using WEP and a sophisticated key management system. This EAP version is safer than EAP-MD5. It also uses MAC address authentication. LEAP is not secure; THC-LeapCracker can be used to break Cisco's version of LEAP and is used against computers connected to an access point in the form of a dictionary attack. Anwrap and asleap are other crackers capable of breaking LEAP.
PEAP
This stands for the Protected Extensible Authentication Protocol. This protocol allows for secure transport of data, passwords, and encryption keys without the need for a certificate server. It was developed by Cisco, Microsoft, and RSA Security.
Other EAPs
There are other types of Extensible Authentication Protocol implementations that are based on the EAP framework. The framework that was established supports existing EAP types as well as future authentication methods. EAP-TLS offers very good protection because of its mutual authentication. Both the client and the network are authenticated using certificates and per-session WEP keys. EAP-FAST also offers good protection. EAP-TTLS is another alternative, made by Certicom and Funk Software. It is more convenient, as one does not need to distribute certificates to users, yet it offers slightly less protection than EAP-TLS.
Restricted access networks
The solution may include a newer system for authentication, IEEE 802.1X, which promises to enhance security on both wired and wireless networks. Wireless access points that incorporate technologies like these often also have routers built in, thus becoming wireless gateways.
End-to-end encryption
One can argue that both layer 2 and layer 3 encryption methods are not good enough for protecting valuable data like passwords and personal e-mails. Those technologies add encryption only to parts of the communication path, still allowing people to spy on the traffic if they have somehow gained access to the wired network. The solution may be encryption and authorization in the application layer, using technologies like SSL, SSH, GnuPG, PGP and similar.
The disadvantage of the end-to-end method is that it may fail to cover all traffic. With encryption at the router level or on a VPN, a single switch encrypts all traffic, even UDP and DNS lookups. With end-to-end encryption, on the other hand, each service to be secured must have its encryption "turned on", and often every connection must also be "turned on" separately. For sending e-mails, every recipient must support the encryption method and must exchange keys correctly. For the Web, not all web sites offer https, and even if they do, the browser sends out IP addresses in clear text.
The most prized resource is often access to the Internet. An office LAN owner seeking to restrict such access will face the nontrivial enforcement task of having each user authenticate themselves to the router.
802.11i security
The newest and most rigorous security to implement into WLANs today is the 802.11i RSN standard. This full-fledged 802.11i standard (which uses WPAv2) does, however, require the newest hardware (unlike WPAv1), thus potentially requiring the purchase of new equipment. The new hardware required may be either AES-WRAP (an early version of 802.11i) or the newer and better AES-CCMP equipment. One should make sure whether one needs WRAP or CCMP equipment, as the two hardware standards are not compatible.
WPAv2
WPA2 is a WiFi Alliance-branded version of the final 802.11i standard. The primary enhancement over WPA is the inclusion of the AES-CCMP algorithm as a mandatory feature. Both WPA and WPA2 support EAP authentication methods using RADIUS servers and pre-shared keys (PSK).
The number of WPA and WPA2 networks increased, while the number of WEP networks decreased, because of the security vulnerabilities in WEP.
WPA2 has been found to have at least one security vulnerability, nicknamed Hole196. The vulnerability uses the WPA2 Group Temporal Key (GTK), which is a key shared among all users of the same BSSID, to launch attacks on other users of the same BSSID. It is named after page 196 of the IEEE 802.11i specification, where the vulnerability is discussed. In order for this exploit to be performed, the GTK must be known by the attacker.
Additions to WPAv2
Unlike 802.1X, 802.11i already has most other additional security services such as TKIP. Just as with WPAv1, WPAv2 may work in cooperation with EAP and a WIDS.
WAPI
This stands for WLAN Authentication and Privacy Infrastructure. It is a wireless security standard defined by the Chinese government.
Smart cards, USB tokens, and software tokens
These are very strong forms of security. When combined with some server software, the hardware or software card or token will use its internal identity code combined with a user-entered PIN to create a powerful algorithm that very frequently generates a new encryption code. The server is synced to the card or token. This is a very secure way to conduct wireless transmissions. Companies in this area make USB tokens, software tokens, and smart cards. They even make hardware versions that double as an employee picture badge.

Currently the safest security measures are the smart cards / USB tokens. However, these are expensive. The next safest methods are WPA2 or WPA with a RADIUS server. Any one of the three will provide a good base foundation for security.

The third item on the list is to educate both employees and contractors on security risks and personal preventive measures. It is also IT's task to keep the company workers' knowledge base up to date on any new dangers that they should be cautious about. If the employees are educated, there will be a much lower chance that anyone will accidentally cause a breach in security by not locking down their laptop or bringing in a wide-open home access point to extend their mobile range. Employees need to be made aware that company laptop security extends outside of their site walls as well. This includes places such as coffee houses, where workers can be at their most vulnerable.

The last item on the list deals with 24/7 active defense measures to ensure that the company network is secure and compliant. This can take the form of regularly looking at access point, server, and firewall logs to try to detect any unusual activity. For instance, if any large files went through an access point in the early hours of the morning, a serious investigation into the incident would be called for. There are a number of software and hardware devices that can be used to supplement the usual logs and other usual safety measures.
RF shielding
It is practical in some cases to apply specialized wall paint and window film to a room or building to significantly attenuate wireless signals, which keeps the signals from propagating outside the facility. This can significantly improve wireless security because it is difficult for hackers to receive the signals beyond the controlled area of a facility, such as from a parking lot.
Denial of service defense
Most DoS attacks are easy to detect. However, a lot of them are difficult to stop even after detection. Here are three of the most common ways to stop a DoS attack.
Black holing
Black holing is one possible way of stopping a DoS attack. This is a situation where we drop all IP packets from an attacker. It is not a very good long-term strategy, because attackers can change their source address very quickly.
This may have negative effects if done automatically. An attacker could knowingly spoof attack packets with the IP address of a corporate partner. Automated defenses could block legitimate traffic from that partner and cause additional problems.
Validating handshake
Validating the handshake involves creating false opens, and not setting aside resources until the sender acknowledges. Some firewalls address SYN floods by pre-validating the TCP handshake. This is done by creating false opens. Whenever a SYN segment arrives, the firewall sends back a SYN/ACK segment, without passing the SYN segment on to the target server.
Only when the firewall gets back an ACK, which would happen only in a legitimate connection, does the firewall send the original SYN segment on to the server for which it was originally intended. The firewall does not set aside resources for a connection when a SYN segment arrives, so handling a large number of false SYN segments is only a small burden.
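The "false open" described above, as an added example that is not code from the page: a firewall model that answers every SYN itself, stores nothing, and forwards the original SYN to the server only after a valid ACK. The page does not say how the firewall recognizes a valid ACK without keeping state; the SYN-cookie style choice here (the SYN/ACK sequence number is an HMAC over the connection 4-tuple, the client's initial sequence number and a time bucket) is my assumption and one common way to do it. The traffic is constructed.

```python
"""Firewall-side TCP handshake validation ("false open") in front of a server.

Added example, not code from the page. The stateless verification used here, a
SYN-cookie style ISN derived from an HMAC, is my choice; the page only states the
behaviour (reply to SYN, keep no state, forward the SYN once the ACK arrives).
"""
import hashlib
import hmac
import os
from dataclasses import dataclass, replace
from typing import List, Optional


@dataclass(frozen=True)
class Segment:
    src: str
    sport: int
    dst: str
    dport: int
    flags: str  # "S", "SA", "A"
    seq: int
    ack: int = 0


class SynValidatingFirewall:
    """Answers every SYN itself with a SYN/ACK whose sequence number is a keyed
    hash (cookie) of the connection 4-tuple and the client's ISN.  Nothing is
    stored per connection, so a flood of spoofed SYNs costs only CPU.  A SYN is
    handed to the server only when an ACK arrives carrying the right cookie,
    which a spoofed source never receives."""

    def __init__(self, secret: Optional[bytes] = None, bucket_secs: int = 60) -> None:
        self.secret = secret or os.urandom(32)
        self.bucket_secs = bucket_secs  # a cookie is accepted for the current and previous bucket
        self.forwarded_to_server: List[Segment] = []
        self.syns_seen = 0
        self.rejected_acks = 0

    def _cookie(self, seg: Segment, client_isn: int, bucket: int) -> int:
        msg = f"{seg.src}:{seg.sport}>{seg.dst}:{seg.dport}|{client_isn}|{bucket}".encode()
        digest = hmac.new(self.secret, msg, hashlib.sha256).digest()
        return int.from_bytes(digest[:4], "big")  # fits a 32-bit TCP sequence number

    def on_syn(self, syn: Segment, now: float) -> Segment:
        """Reply with a SYN/ACK; allocate no state."""
        self.syns_seen += 1
        bucket = int(now // self.bucket_secs)
        isn = self._cookie(syn, syn.seq, bucket)
        return Segment(syn.dst, syn.dport, syn.src, syn.sport, "SA", isn, (syn.seq + 1) & 0xFFFFFFFF)

    def on_ack(self, ack: Segment, now: float) -> bool:
        """Validate the third handshake message; forward the original SYN only if it checks out."""
        client_isn = (ack.seq - 1) & 0xFFFFFFFF
        bucket = int(now // self.bucket_secs)
        got = (ack.ack & 0xFFFFFFFF).to_bytes(4, "big")
        for b in (bucket, bucket - 1):
            expected = ((self._cookie(ack, client_isn, b) + 1) & 0xFFFFFFFF).to_bytes(4, "big")
            if hmac.compare_digest(expected, got):
                # Reconstruct the SYN the client originally sent and pass it on now.
                self.forwarded_to_server.append(replace(ack, flags="S", seq=client_isn, ack=0))
                return True
        self.rejected_acks += 1
        return False

    def half_open_connections(self) -> int:
        """There is no per-SYN state to count; that is the whole point."""
        return 0


def demo() -> dict:
    """Constructed traffic: 10,000 spoofed SYNs, one real handshake, one forged ACK."""
    fw = SynValidatingFirewall(secret=b"constructed-demo-secret")
    server = ("192.0.2.10", 443)
    for i in range(10_000):  # spoofed sources never answer the SYN/ACK
        fw.on_syn(Segment(f"198.51.100.{i % 250 + 1}", 40000 + i, *server, "S", i), now=100.0)
    syn = Segment("203.0.113.7", 51515, *server, "S", 123456)
    synack = fw.on_syn(syn, now=100.0)
    ack = Segment(syn.src, syn.sport, *server, "A", syn.seq + 1, synack.seq + 1)
    legit = fw.on_ack(ack, now=101.0)
    forged = fw.on_ack(replace(ack, ack=synack.seq + 2), now=101.0)  # wrong cookie
    return {"syns": fw.syns_seen, "half_open": fw.half_open_connections(),
            "forwarded": len(fw.forwarded_to_server), "legit": legit, "forged": forged}


if __name__ == "__main__":
    print(demo())
```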
Rate limits
Rate limiting can be used to reduce a certain type of traffic to a volume that can reasonably be handled. Broadcasting to the internal network could still be allowed, for example, but only at a limited rate. This is aimed at more subtle DoS attacks. It works well when the attack is aimed at a single server, because it keeps the transmission path at least partly open for other communication.
Rate limiting frustrates both the attacker and legitimate users. It helps, but does not fully solve the problem. Once DoS traffic clogs the access line to the Internet, there is nothing a border firewall can do to help. Most DoS attacks are community problems that can only be stopped with the help of ISPs and of the organizations whose computers have been taken over as bots and used to attack other companies.
Mobile devices
With the growing number of mobile devices with an 802.1X interface, the security of such devices is a concern. While open standards such as Kismet are aimed at securing laptops, access point solutions should be extended to cover mobile devices as well. Host-based solutions for mobile phones and PDAs with an 802.1X interface are also needed.
Security for mobile devices falls into three categories:
- Protecting against ad hoc networks
- Connecting to a rogue access point
- Mutual authentication schemes such as WPA2, as described above
Wireless IPS solutions now offer wireless security for mobile devices.
Mobile patient monitoring devices are becoming an integral part of the health care industry, and these devices will ultimately be the method of choice for carrying out health checks on patients in remote areas. For this type of patient monitoring system, security and reliability are essential, since a compromise can affect the patient's condition and may leave medical professionals in the dark about it.
Implementing network encryption
To implement 802.11i, one must first ensure that the router(s)/access point(s), as well as all client devices, are equipped to support network encryption. If so, a server such as RADIUS, ADS, NDS, or LDAP needs to be integrated. This server can be a computer on the local network, an access point/router with an integrated authentication server, or a remote server. Access points/routers with integrated authentication servers are often very expensive and are specifically intended for commercial use such as hot spots. Hosted 802.1X servers on the Internet require a monthly fee; running a private server is free but has the disadvantage that someone must set it up and that the server must be kept running continuously.
To set up the server, server and client software must be installed. The server software required is an enterprise authentication server such as RADIUS, ADS, NDS, or LDAP. The required software can be obtained from various suppliers such as Microsoft, Cisco, Funk Software, Meetinghouse Data, and from several open-source projects. Software options include:
- Aradial RADIUS Server
- Cisco Secure Access Control Software
- freeRADIUS (open-source)
- Funk Software Steel Belted RADIUS (Odyssey)
- Microsoft Internet Authentication Service
- Meetinghouse Data EAGIS
- SkyFriendz (free cloud solution based on freeRADIUS)
Client software comes built into Windows XP and can be integrated into other operating systems using any of the following software:
- AEGIS-client
- Cisco ACU-client
- Intel PROSet/Wireless Software
- Odyssey Client
- Xsupplicant (open1X project)
RADIUS
Remote Authentication Dial In User Service (RADIUS) is an AAA (authentication, authorization, and accounting) protocol used for remote network access. RADIUS was originally proprietary but was later published under ISOC documents RFC 2138 and RFC 2139. The idea is to have an inside server act as a gatekeeper by verifying identities through a username and password supplied by the user. A RADIUS server can also be configured to enforce user policies and restrictions, and to record accounting information such as connection time for purposes such as billing.
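As an added illustration (not part of the original article, and not any particular RADIUS product's code), the following builds and parses the two RFC 2138 messages that the gatekeeper role depends on: an Access-Request whose User-Password attribute is hidden with the MD5-based scheme of section 5.2, and a reply whose Response Authenticator lets the client check that the answer really came from a server holding the shared secret. The secret, user name and password are constructed sample values.

```python
import hashlib, hmac, os, struct
ACCESS_REQUEST, ACCESS_ACCEPT, USER_NAME, USER_PASSWORD = 1, 2, 1, 2   # packet codes / attribute types, RFC 2138

def hide_password(password, secret, request_auth):
    """RFC 2138 s5.2: null-pad to 16-byte blocks; XOR block i with MD5(secret + ciphertext block i-1), seeded by the Request Authenticator."""
    padded = password.ljust(max(16, -(-len(password) // 16) * 16), b"\x00")
    out, prev = b"", request_auth
    for i in range(0, len(padded), 16):
        prev = bytes(x ^ y for x, y in zip(padded[i:i + 16], hashlib.md5(secret + prev).digest()))
        out += prev
    return out

def reveal_password(hidden, secret, request_auth):
    """Server side: regenerate the keystream, then strip padding (so a password must not end in NUL)."""
    out, prev = b"", request_auth
    for i in range(0, len(hidden), 16):
        out += bytes(x ^ y for x, y in zip(hidden[i:i + 16], hashlib.md5(secret + prev).digest()))
        prev = hidden[i:i + 16]
    return out.rstrip(b"\x00")

def build_access_request(identifier, username, password, secret, request_auth=None):
    request_auth = request_auth or os.urandom(16)   # must be unpredictable for every request
    tlvs = ((USER_NAME, username), (USER_PASSWORD, hide_password(password, secret, request_auth)))
    attrs = b"".join(struct.pack("BB", t, len(v) + 2) + v for t, v in tlvs)   # Type, Length, Value
    return struct.pack("!BBH", ACCESS_REQUEST, identifier, 20 + len(attrs)) + request_auth + attrs  # Code(1) Id(1) Length(2) Request Authenticator(16) attributes

def parse_access_request(packet, secret):
    """Server side: walk the TLVs and recover the user name and cleartext password."""
    code, identifier, length = struct.unpack("!BBH", packet[:4])
    request_auth, fields, pos = packet[4:20], {"code": code, "id": identifier}, 20
    while pos < length:
        atype, alen = packet[pos], packet[pos + 1]
        if alen < 2 or pos + alen > length: raise ValueError("malformed attribute")  # never loop forever on bad input
        if atype == USER_NAME:
            fields["user"] = packet[pos + 2:pos + alen]
        elif atype == USER_PASSWORD:
            fields["password"] = reveal_password(packet[pos + 2:pos + alen], secret, request_auth)
        pos += alen
    return fields

def build_reply(code, identifier, request_auth, secret, attrs=b""):
    """Response Authenticator = MD5(Code+ID+Length+RequestAuth+Attributes+Secret)."""
    header = struct.pack("!BBH", code, identifier, 20 + len(attrs))
    return header + hashlib.md5(header + request_auth + attrs + secret).digest() + attrs

def verify_reply(reply, request_auth, secret):
    """Client side: ties the reply to our request and proves the server knows the shared secret."""
    header, resp_auth, attrs = reply[:4], reply[4:20], reply[20:]
    return hmac.compare_digest(resp_auth, hashlib.md5(header + request_auth + attrs + secret).digest())
```

Note that the password hiding is only as strong as the shared secret and the randomness of the Request Authenticator, which is why enterprise deployments pair RADIUS with 802.1X/EAP methods that carry the credential inside a TLS tunnel rather than relying on this scheme alone.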
Open access point
Today there is almost full coverage of wireless networks in many urban areas; the infrastructure for wireless community networks (which some consider to be the future of the Internet) already exists. One could roam around and always be connected to the Internet if the nodes were open to the public, but because of security concerns most nodes are encrypted and users do not know how to disable the encryption. Many people consider it proper etiquette to leave access points open to the public, allowing free access to the Internet. Others think that the default encryption provides substantial protection at small inconvenience against dangers of open access which they fear may be substantial even on home DSL routers.
The density of access points can even be a problem: there is a limited number of channels available, and they partly overlap. Each channel can handle multiple networks, but in places with many private wireless networks (for example, apartment complexes) the limited number of Wi-Fi radio channels can cause slowness and other problems.
According to proponents of open access points, opening a wireless network to the public should not involve significant risks:
- The wireless network is, after all, confined to a small geographical area. A computer connected to the Internet with a faulty configuration or other security problems can be exploited by anyone from anywhere in the world, while only clients within a small geographical range can use an open wireless access point. Thus the exposure from an open wireless access point is low, and so is the risk of having a small open wireless network. However, one should be aware that an open wireless router grants access to the local network, often including access to shared files and printers.
- The only way to keep communication truly secure is to use end-to-end encryption. For example, when accessing an Internet bank, one almost always uses strong encryption from the web browser all the way to the bank, so it should not be risky to do banking over an unencrypted wireless network. The argument that anyone can sniff the traffic applies to wired networks too, where system administrators and possible hackers have access to the links and can read the traffic. Also, anyone who knows the key to an encrypted wireless network can gain access to the data being transferred over the network.
- If services such as file sharing and printer access are available on the local network, it is advisable to require authentication (i.e., a password) to access them (one should never assume that the private network cannot be reached from outside). Set up properly, it should be safe to allow outsiders access to the local network.
- With today's most popular encryption algorithms, a sniffer will usually be able to compute the network key within minutes.
- It is common to pay a fixed monthly fee for the Internet connection and not for traffic, so extra traffic will not hurt.
- Where Internet connections are plentiful and cheap, freeloaders will seldom be a prominent nuisance.
On the other hand, in some countries, including Germany, people providing an open access point may be made (partially) liable for any illegal activity conducted via this access point. Also, many contracts with ISPs specify that the connection may not be shared with other persons.
See also
- Aircrack-ng
- Electromagnetic shielding
- Kismet
- KRACK
- List of router software projects
- Mobile security
- Payment Card Industry Data Security Standard
- Stealth wallpaper
- Tempest (codename)
- Wireless intrusion prevention system
- Wireless Public Key Infrastructure (WPKI)
External links
- Wireless security at Curlie (based on DMOZ)
- How to Secure Your Wireless Home Network at wikiHow
Source of the article : Wikipedia