Introduction to wireless networks and wireless security threats


In this article, we introduce ourselves to the popular world of wireless networks by looking at some wireless network basics, setting up a wireless network and some security concerns around wireless.

Today's networks are a mix of both wired and wireless methodologies. A wireless system uses radio frequencies to transmit data over the air and gives the freedom to connect to the network, through a mobile device like laptop or phone. The radio frequencies are transmitted by a wireless access point, that may have a connection to the wired network or to another wireless access point. Devices usually connect to the access point, directly or using a password and thus, it gets access to the network and its resources. In a typical small home or office network setup, a wireless connection is provided by a router, where a mix of routers and wireless access points may be used for corporations, that are having large campuses.

Wireless concepts


A typical wireless network environment uses a wireless access point (WAP), that uses antennas, which transmit the required radio frequencies. The different types of wireless antennas are:-
1. Omni-directional: This type of antenna sends the radio signal in all directions to cover a broad range or area.

2. Semi-directional: This antenna sends signals in a single direction, but the signal will have long coverage and great strength in, that specified direction.

3. Highly directional: This antenna sends a signal in a single direction covering a small area.

Wireless network types


There are two types of wireless networks, that are Ad Hoc mode or Infrastructure mode. In ad hoc mode, a wireless device such as a laptop is connected to other wireless devices (laptops or phones) in a peer-to-peer fashion, without a central wireless access point. In Infrastructure mode, all wireless devices in an area are connected to a central wireless access point. The wireless device client sends data to the access point, which in turn sends the data to the destination device. Both modes have their pros and cons. With ad hoc mode, a separate access point need not be purchased, because with infrastructure mode, network traffic can be controlled and it can be determined as to who can connect to the access point.

Wireless standards


All wireless networking devices such as routers, laptops, phones etc. Confirm to a set of wireless standards. It is important to know what kinds of wireless standards a device supports and so we take a look at some standards below:-

1. 802.11a : This is a old standard that runs at around 5GHz radio frequency. A device using this standard will transmit data at around 54Mbps and is incompatible with newer standards like 802.11b and 802.11g.

2. 802.11b : This standard has a transfer rate of 11Mbps and uses a frequency of 2.4GHz. Devices using this standard are compatible with 802.11g/n standards.

3. 802.11g : This is a newer standard that is compatible with the 802.11b standard and adds on an increase in transfer rate up to 54Mbps, while running at the same radio frequency of 2.4GHz.

4. 802.11n : This is a new standard that is slated to increase the transfer rate up to 600 Mbps and can work with two radio frequencies of 2.4GHz and 5GHz.

Authentication and encryption for wireless networks


There are a few authentication and encryption protocols that have been developed for wireless networks. Knowledge of these is important even for setting up a secure home wireless network.
1. Wired Equivalent Privacy (WEP): This protocol was designed to give a level of security to wireless networks that could be compared to what the wired networking world has. To configure a wireless network with WEP, a shared key or a passphrase needs to be specified on the wireless access point. Any client then needs to know this key and can connect to the network using the key. The traffic over the network then is encrypted using WEP, which is actually not very secure.

2. Wi-Fi Protected Access (WPA): This protocol was designed to improve upon wireless security and to fix some of the flaws with the WEP protocol. WPA uses a 128-bit key and a protocol called the Temporal Key Integrity Protocol (TKIP) that changes the encryption keys for every packet of data sent across the network. This makes it a little harder for attackers to get access to traffic data. WPA usually works in two modes : WPA-Personal and WPA-Enterprise. WPA-Personal is also known as WPA-PSK, which means WPA Preshared Key. This mode is used by most home users and small businesses. WPA-Enterprise also known as WPA-802.1x, uses a central authentication server such as RADIUS to authenticate users onto the network. This is generally used by large companies and corporations.

3. WPA2 : WPA2 improves upon the security of WPA and is highly recommended. WPA2 uses Counter Mode with Cipher Block Chaining Message Authentication Protocol (CCMP or CCM Mode Protocol)... Yes, all the technical jargon is to cut across the point that WPA2 is technically more advanced and provides a higher level of security for wireless networks. WPA2 uses the Advanced Encryption Standard (AES) and so it supports 128-Bit, 192-Bit and 256-Bit encryption.

Security threats to wireless networks


There are certain security threats against wireless networks that everyone needs to be aware of, especially home users.

1. Data Emanation, Interference and Packet Sniffing

: Because wireless network traffic is travelling through the air, it is subject to a number of vulnerabilities like interference and packet sniffing, like so:-
Data Emanation: Electronic components always release emissions that can be collected and pieced together to form meaningful data.
Interference: Interference can be experienced on the wireless network from other electrical components. Interference can result in disruption of wireless networks.
Packet Sniffing: An attacker with a wireless card and sniffer software can easily capture wireless data. Hence, the network needs to be securely encrypted.

2. War Driving


War driving involves someone driving around with a laptop and tries to locate wireless networks that are vulnerable and to which they can connect to easily. The way to beat this is to ensure that the power levels of the wireless access point are kept to such levels that the signal does not go beyond certain boundaries.

3. War Chalking


War chalking refers to the practice of marking buildings where unsecure wireless networks are available for other War Drivers. The configurations of wireless networks are drawn out with chalk on the building walls where it would be easy to spot by someone who is war driving through that area.

4. WEP/WPA Cracking


Wireless networks that use a weak encryption protocol such as WEP or weak keys are vulnerable to attack. All three protocols, WEP, WPA and WPA2 have been cracked, but WEP is very easy to crack.

5. Rogue Access Point


Rogue access points are basically unauthorized access points that might be setup within an existing network by mistake or through malicious intent. These can be setup for malicious purposes by an attacker, who might then have employees of an organization connect to the rogue point and thus get access to all network traffic. The attacker can make the rogue point appear as a valid point, and thus this is also called as an 'Evil Twin'.

Implementing a home wireless network


A home wireless network can be implemented using a wireless router. Some steps that need to be taken for the same are:-

1. Power on the router and connect the internet network cable to the WAN port behind the router.
2. Access the router admin page in a browser by typing in 192.168.1.1 or 192.168.0.1 in the address bar, depending on the manufacturer.
3. Use the default username and password provided with the router to login to the admin interface.
4. Change the admin password to something you will remember and will be hard to guess for others.
5. Change the SSID of the router from the default to something personal to you or the organization.
6. Setup MAC address filtering to basically restrict access on who can connect to the network.
7. Implement a strong encryption method, preferably WPA2, for the network. Share the network key only with trusted clients or users.

Among the many useful things, a router can help you to monitor the web traffic and control which sites are accessible. These options can be found under the Web Filtering section of the router admin page and will differ from Manufacturer to Manufacturer.

Read Review of SpyShelter Stop-Logger: An efficient way to defend keyloggers


Related Articles

More articles: Wireless Network

Comments

No responses found. Be the first to comment...


  • Do not include your name, "with regards" etc in the comment. Write detailed comment, relevant to the topic.
  • No HTML formatting and links to other web sites are allowed.
  • This is a strictly moderated site. Absolutely no spam allowed.
  • Name:
    Email: