Wireless LAN or WLAN is becoming a popular way of connecting devices like computers these days. In offices and homes, WLAN has become an alternative way of communication compared to wired LAN. The facility of connecting different devices is both cost effective and easily maintainable. Wikipedia says: “Wireless LANs have become popular due to their ease of installation in the home, and there has been an increase in providing wireless access to their customers; often for free.”
Other factors for WLAN being more acceptable are:
1. There is no need to be physically connected to each other through any medium like cables. You can move freely around the office premises, home or surroundings.
2. WLANs are cost effective. There is no need to lay cables in offices, hotels, etc. So it is cheaper and provides the same quality of service.
3. WLAN signals can reach places where cables are difficult to lay, such as large establishments like airports. Apart from this, surfing outdoors is also convenient. Just install devices called access points (APs) and you are done.
4. Fewer interruptions and easier troubleshooting in case of failures compared to cable networks.
5. More secure as most APs support the best encryption methods that protect them from sniffing and other attacks.
Major Issues with WLAN
Having said that, WLANs are as vulnerable to various attacks as their wired LAN counterparts. In fact, WLANs are easier to hack than wired LANs if not configured properly, as they are easier to access during installation. There is no need to be in contact with physical wires to hack; it can be done from anywhere. The convenience of a WLAN can turn into a serious risk for the organization if it is not configured properly. The major attacks include sniffing, key cracking, DoS (denial of service), deauthentication attacks, war driving, etc. This chapter is not focused on attacks. We will mainly focus on best practices: how to install and use a WLAN securely, which can thwart many of the above-mentioned attacks.
Secure WLAN
Wireless security depends mainly on these 3 factors:
- How secure is your wireless network in terms of the encryption being used.
- Monitoring suspicious and unusual activities.
- User awareness and education.
The practices below combine various approaches, ranging from corporate to home networks. They also show users how to stay safe while surfing.
Wi-Fi at Home
Using Wi-Fi at home is no longer a luxury; it has become a necessity. However, when the question of security comes up, the first thought that comes to my mind is: how can you protect something that you can neither see nor feel? Protecting a home wireless network is a completely different side of the coin compared to a wired network. Most wireless network device vendors, sellers and Internet service providers do not provide any security settings by default and leave the customer to do his/her own thing. So make sure your network is protected from malicious use.
There is no silver bullet that will protect your wireless network infrastructure. However, listed below are some countermeasures that should be used in conjunction with each other to secure your wireless network at the highest level:
- Use the most secure encryption possible: The first and most essential step is to use industry-standard encryption. The old (though commonly used) WEP (Wired Equivalent Privacy) is known to be broken. Even if you use complex passwords, it can be broken and decrypted within minutes or hours. WEP uses a 40-bit or 128-bit RC4 cipher to encrypt the channel. Instead, use a secure protocol like WPA2 (Wi-Fi Protected Access 2), which uses the stronger 128-bit AES cipher and is considered a more robust, commonly available encryption strategy. Attack reduction: WEP key breaking, sniffing, interception/eavesdropping
- Use a firewall: All wireless routers come with built-in firewalls. Enable them with all security features. You should block any anonymous ping requests and restrict website browsing if needed. Define additional security policies and implement them. Attack reduction: Fingerprinting, System compromise
- Install a monitoring system: There's a saying: prevention is better than cure. If you are able to detect suspicious activities before they enter your network, you can block them or take precautionary measures. Deploy WIPS/WIDS to monitor suspicious activities. Attack reduction: Scanning, DoS
- Do not use default credentials: Every wireless router comes with a default username/password. Sometimes people do not change them and keep using them for a long time. Username and password are used by computers or other devices to connect to the wireless router. If a hacker is able to guess them, he can easily connect to your network. Studies show that most users use the same username/password combination set by the manufacturer. Some default username/password combinations are: admin/admin, admin/password or admin/" ". Attack reduction: unauthorized access, war driving.
- Disable auto-connect feature: Some devices or computers/laptops have a "Let this tool manage your wireless network" or "Automatically connect to available networks" option. Users who enable this auto-connect feature are at risk of a phishing attack or rogue AP attack. Attackers keep their APs alive and active for such unaware users. They also use catchy names like "Hotspot", "SecureConnect", "Government Networks", etc. The user will never suspect them and will happily keep surfing on the wireless network. Moreover, if you have not changed the default password of your router, the attacker will try to use this feature on his machine and connect automatically using the easily guessable default password. Attack reduction: Phishing, Sniffing, Rogue AP Association
- Do not use public Wi-Fi spots for surfing sensitive websites: The free and open wireless networks available at airports, cafes and railway stations are not very secure by nature. They do not use any encryption to secure the channel between your laptop and the router. So any information from your laptop/smartphone that does not go over HTTPS is susceptible to sniffing. Worse, your session can be hijacked, as the unencrypted channel can leak the active session ID used by your website. Recently a researcher developed the Firesheep tool to demonstrate this type of attack [http://codebutler.github.com/firesheep/]. The attacker just has to install this tool in Firefox and start sniffing the communication over public unencrypted Wi-Fi. Some applications like Facebook encrypt the login page [HTTPS], but the internal pages are served over an unencrypted [HTTP] channel, so your session ID can be leaked. Attack reduction: Sniffing, Session Hijacking
- Change Default SSID: Although it is not possible to use HTTPS, it is not possible to use HTTPS. Changing the SSID won't stop hackers from breaking into the network, but using the default SSID is a sign that the user is careless. Such a network may become an obvious target for further probing, for example to see whether the default password is still in use. Attack reduction: War driving
- Restrict access by assigning static IP addresses and MAC filtering: Disable automatic IP assignment and use private static IPs for the legitimate devices you want to connect. This will help you prevent unwanted devices from connecting to your network. Also enable MAC filtering: the router remembers the MAC of every device connected to it and saves it as a list. You can use this feature to restrict access so that only a set of trusted devices is allowed to connect. Although MAC spoofing is still possible, filtering adds an additional barrier for your wireless network.
- Turn off your router when not in use: Last but not least, this is a bit obvious but it will protect your network from all attacks during that period of time.

Due to the nature of Wi-Fi activity in corporate/enterprise networks and the seriousness of the information, it is very important that corporate/enterprise networks have a high level of security.
The following are good practices:
- Defining adequate organization-wide information security policy and procedures for the wireless network
- SSIDs should not be associated with the organization, AP vendor or any other related information that is easy to guess or associate with the current organization
- Enable WPA2 Enterprise encryption with the use of RADIUS authentication and EAP protocols such as EAP-TTLS, EAP-TLS, etc.
- Implementation of a PKI, with CA-signed certificates to authenticate the server to the client and vice versa
- Filtering clients based on a unique identifier like the MAC address
- An isolated "guest" wireless network which has no interface/connection to the corporate network
- Limiting the radius of Wi-Fi network by reducing power output of AP
- Allocating IP address to employee and guest machines only after successful authentication
- Changing keys and passwords from time to time
- Use of VPN while accessing corporate information from public Wi-Fi network
- Client-side utilities like DecaffeinatID can help detect changes in the ARP table and work as a "common man's IDS" to protect against attacks like "Hole196" and DoS.
- Implementation of wireless IDS. Wireless IDS is a new concept.
The key features of wireless IDS are:
- Prevention against "rogue AP"
- Detection and prevention of DoS attacks
- Helps in detecting the approximate physical location of the attacker
- Helps in enforcing the organization's information security policy on the wireless network
- Detects the use of scanning tools such as Kismet and NetStumbler.
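
The rogue-AP and policy-enforcement checks of a wireless IDS, together with the weak-encryption and default-SSID items from the home checklist, can be sketched as an audit over scan results. This is an added example, not part of the original text: the AP inventory, the CSV record format, the sample records and the default-SSID list are all constructed assumptions.

```python
import csv
import io

# Assumed inventory of sanctioned APs (hypothetical values): BSSID -> (SSID, security).
INVENTORY = {
    "02:00:00:aa:00:01": ("corp-wlan", "WPA2-EAP"),
    "02:00:00:aa:00:02": ("corp-guest", "WPA2-PSK"),
    "02:00:00:aa:00:03": ("linksys", "WEP"),  # forgotten lab AP left on defaults
}
WEAK = {"OPEN", "WEP"}
DEFAULT_SSIDS = {"linksys", "netgear", "dlink", "default"}  # illustrative, not exhaustive

# Constructed scan records: ssid,bssid,security,signal_dbm
SAMPLE_SCAN = """\
corp-wlan,02:00:00:AA:00:01,WPA2-EAP,-48
corp-wlan,02:00:00:bb:00:09,OPEN,-39
corp-guest,02:00:00:aa:00:02,OPEN,-55
linksys,02:00:00:aa:00:03,WEP,-70
CoffeeShop,02:00:00:cc:00:05,OPEN,-80
"""

def parse_scan(text):
    """Yield (ssid, bssid, security) tuples from the constructed CSV format."""
    for row in csv.reader(io.StringIO(text)):
        if len(row) == 4:
            ssid, bssid, security, _signal = (f.strip() for f in row)
            yield ssid, bssid.lower(), security.upper()

def audit(text, inventory=INVENTORY):
    """Return a sorted list of (bssid, finding) pairs for one scan."""
    our_ssids = {ssid for ssid, _ in inventory.values()}
    findings = set()
    for ssid, bssid, security in parse_scan(text):
        if bssid not in inventory:
            # Unknown radio advertising one of our network names: rogue AP.
            if ssid in our_ssids:
                findings.add((bssid, "rogue-ap"))
            continue  # neighbouring networks are out of scope
        if (ssid, security) != inventory[bssid]:
            findings.add((bssid, "config-drift"))  # known BSSID, changed settings
        if security in WEAK:
            findings.add((bssid, "weak-encryption"))
        if ssid.lower() in DEFAULT_SSIDS:
            findings.add((bssid, "default-ssid"))
    return sorted(findings)

if __name__ == "__main__":
    print(*audit(SAMPLE_SCAN), sep="\n")
```

Because a BSSID can be spoofed, the `config-drift` finding matters as much as `rogue-ap`: a sanctioned BSSID that suddenly advertises different security settings deserves the same follow-up.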
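
The ARP-table monitoring mentioned in the client-side utilities item above can be illustrated by comparing two snapshots of `ip neigh show` output on a Linux client. This is an added example, not the code of DecaffeinatID or of the original text; the snapshots, addresses and alert names are constructed, and the gateway IP is an assumption passed in by the caller.

```python
import re

# Matches `ip neigh show` rows that carry a link-layer address, e.g.
#   192.168.1.1 dev wlan0 lladdr 02:00:00:00:00:01 REACHABLE
NEIGH_RE = re.compile(r"^(\S+) dev \S+ lladdr ((?:[0-9a-f]{2}:){5}[0-9a-f]{2})\b", re.I)

# Constructed snapshots of one client's neighbour table, taken minutes apart.
BEFORE = """\
192.168.1.1 dev wlan0 lladdr 02:00:00:00:00:01 REACHABLE
192.168.1.20 dev wlan0 lladdr 02:00:00:00:00:14 STALE
192.168.1.30 dev wlan0  FAILED
"""
AFTER = """\
192.168.1.1 dev wlan0 lladdr 02:00:00:00:00:14 REACHABLE
192.168.1.20 dev wlan0 lladdr 02:00:00:00:00:14 STALE
192.168.1.40 dev wlan0 lladdr 02:00:00:00:00:28 REACHABLE
"""

def parse_neigh(text):
    """Return {ip: mac}; rows without an lladdr (FAILED/INCOMPLETE) are skipped."""
    table = {}
    for line in text.splitlines():
        m = NEIGH_RE.match(line.strip())
        if m:
            table[m.group(1)] = m.group(2).lower()
    return table

def arp_alerts(before, after, gateway_ip):
    """Compare two snapshots; return sorted (severity, kind, subject) tuples."""
    old, new = parse_neigh(before), parse_neigh(after)
    alerts = []
    for ip, mac in new.items():
        if ip in old and old[ip] != mac:
            # A changed gateway MAC is the classic sign of ARP cache poisoning.
            severity = "critical" if ip == gateway_ip else "warning"
            alerts.append((severity, "mac-changed", ip))
    owners = {}
    for ip, mac in new.items():
        owners.setdefault(mac, set()).add(ip)
    for mac, ips in owners.items():
        # One station answering for the gateway and another host is suspicious.
        if len(ips) > 1 and gateway_ip in ips:
            alerts.append(("critical", "gateway-mac-shared", mac))
    return sorted(alerts)

if __name__ == "__main__":
    for alert in arp_alerts(BEFORE, AFTER, gateway_ip="192.168.1.1"):
        print(*alert)
```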
Activities
1. What precautions should be taken while using a Wi-Fi network in a public place?
2. How to secure a home network?
3. How to secure an enterprise network?
4. Know more about the terms on the Internet:
- IDS
- DoS
- Kismet
- NetStumbler






