Paid Advertisement

WiFi or Wireless Network Security, Detailed Coverage of This Issue.

Wireless Security and Monitoring

Here are some Questions and Concerns Raised About Wireless Security.

  1. Why is wireless security so Important?
  2. Some People Say “They Don’t Think Wireless Security Is Such A Big Issue.”

  Eye Opening Issues About Wireless Network Security.

  1. Most of Wireless Users are poor at knowledge.
  2. Attackers are always tricky and trying to find an open backdoor to attack.
  3. You don’t know who is using your Internet Connection. And what is his use.
  4. You can face serious problems if some one used your Wi-Fi or Wireless Connection for online illegal Activities.
  5. Your Bandwidth would be stolen. And you will face slow Internet Connection.
  6. Your Personal Information and confidential data can be stolen from your computers. Even a Hacker can access your computer.
  7. Hackers have a greater chance to run the attacking software.
  8. Speed of Hacking Attacks would be fast cause this would be attack with in Local Area Network.
  9. A professional Hacker can access your system with in short time, or with an attack policy of longer time period he keep attacking every day. and finally success. Or Even They can use  Offline Attack types. They collect your data once log it and then sit relax and do offline job to crack your encryption security.
  10. Your Internet Usage (Mails, Chat, Web Surfing, and other Online Tasks. ) can be monitored.
  11. Your All Network Packets could be captured to see what you are doing.
  12. Your identity, Passwords, and other Online Login information can be stolen. (This could lead to serious problems, and great losses)
  13. Your Credit Card Numbers with PINs can be stolen. By Hacking your System or by capturing your Network Traffic.
  14. You with an open wireless network could be really a dumb. As you don’t know what are major risks.
  15. Many other potentially strong threat possibilities.
Your Internet Connection is Your Property and Its Your Duty that Your Property Not To Be Used for illegal Activities.

Please stop reading! If you think nothing like this going to happen with your wireless network.

What is a possible location of an Attacker and what are most common attacks?

Attackers could be from your neighborhood or from other continent using VSAT to hack Your Wi-Fi. Means where ever your signal is enough powerful to establish a connectivity a hacker can from within those limits of area.  As I told you early this would be an attack with in Local Area Network so how terrible this could be just think a guy connected with your same router and how speedy he can access files from your system. Very common and simple attack types are Denial-of-Service, Automated Malicious Attacks, Packet Sniffing or Packet Capturing. Attackers could be totally undetectable and they can use many other ways(Their own developed Programs to attack our Wireless Networks.

Reasons for Wireless Security Threats : What are the Major Threats.

Most of wireless users are unintentional, they don’t have intentions about Wireless Security and Risks related to this. They can choose wrong network while they don’t realize it. They can type there emails, passwords and other information on that network witch is going to be captured by an Attacker.
There is a special word and specially used for wireless Hacking, Cracking, Sniffing and Attacks “ War Drive“. There are many software, programs and even Operating Systems and Hardware related to wardriving.
Low Quality Cheap Access Points with less or old security features. Wireless Spying software available online free and corporate versions. Computers infected with virus can open many connectivity ports for attackers. Malicious attack users.
Many incorrect and incomplete Installations of Access Points are open wholes for attackers. While some Access Points or Wireless Routers are cheap or old and don’t support latest security features. OR one is not to configure all required security parameters. Within network attacks are open when  you install an inexpensive Access Point, and entire network can be under threat of potential attacks from the inside.
Eavesdroppers ( Spying Persons ) who already want to harm your network or want to access your data they can install an Access Point within your network, Witch is going to be there easy backdoor for attack. They can use some latest and very advance Wireless Network Passive Monitoring Tools to Log your all Network Traffic Data without letting you know. An example of such Tools is “Kismet”.


How to Secure Your Wireless Network against all possible threats.

  1. Check the physical security of all network equipment is it well protected ?
  2. Check the Authentication, What is Authentication method you are using to Authenticate Connections..
  3. Keep an eye on your network usage, Check if any user using too many resources, And try to understand its an attack or just your network is under load.
  4. “Closed” network is a standard security feature available in all  wireless access points. And it help to stop unwanted users to connect accidently. Your network is not going to appear in Network Scan Utilities. You have to tell your users Network Name in advance. As site survey or other scan utilities do not show result for “Closed” Networks but Passive Monitoring Tools can do this job easily.
  5. Mac Filtering enable your protection to Media Access Controller level. Only those wireless devices connect to network witch are listed and allowed to connect in MAC Filtering.  You simple add the permitted devices MAC address in your Access Point Configuration. Its kind of work hard while maintaining MAC Tables. As MAC address is transmitted in a clear way in Wireless Packets (even when you are using WEP encryption),  MAC Address can be easily copied and reused with simple MAC changing Utilities.
  6. Captive Portal is a mechanism to Authenticate New Connections its is mostly used in Cafés, Hotspots, Hotels and other. Laptops with all major OS are supported for Connectivity. Captive Portals are used on Open Networks where no other Authentication Methods applied ( like WEP, MAC, WPA ). Encryption is weak so need to locked down to trusted users.  Some popular Captive Portals are Open source with support for “Basic Splash Pages” Authentication to RADIUS, Accounting, Pre-Paid Ticketing.
    1. Chillispot
    2. WiFi Dog
    3. m0n0wall
    4. NoCatSplash
  7. Encryption 101 efectively controls everthing. In some Access Points a feature about isolate client devices is helping too. Without a PKI (Public Key Infrastructure), only strong encryption is not going to protect you from such attacks. Attackers can watch unencrypted traffic they can inject packets, and completely control your connection. PKI is not completely secure.
  8. A properly implemented Unbreakable Encryption OTP is safer than others and no known cryptanalysis technique to attack on this. Simple math don’t use high CPU resources. The One-Time Pad (OTP) provides simple and completely unbreakable encryption. The Key is same length as the data to be encrypted.
  9. WEP Encryption is a part of 802.11 standard. WEP stands for Wire Equilent Privacy. WEP provides basic shared encryption at layer two. All modern devices supported. Shared Key make the connection setup easy, but lots of security bugs and shared key also easy to crack. Weak Encryption handling shared key and reuse the IV there are 16,00,000 possible IVs. Can be attacked offline in a simple way.
  10. WPA has a higher and strong protection than WEP, but WPA2(802.11i) is now a days default Security Feature for New Wi-Fi devices. It uses AES (Encryption Standards) for a Strong and Encrypted Authentication using 802.1x port Authentication. Encryption protection is only at layer two, interoperability problems from vendors, difficult to configure but still better for Office, School, Campus or Home Networks. Pass phrase having 8 to 64 char.
  11. We have a more stronger security feature WPA-PSK its stronger than WEP but with some problems. PSK stands for “Pre Shared Key”.  This is a very strong Security level with SSH(Secure Shell), SSL(Secure Socket Layer) and IPSec(Internet Protocol Security)
  12. OpenVPN PPTP (“Point To Point Tunneling Protocol”) provides a great end-to-end security with a good encryption and authentication level and key management. A very strong encryption software. As end-to-end encryption enable protection for all traffic from one end to remote end. Encrypted tunnel secure all the Wireless Traffic.  A TCP Connection on localhost with port 3128 send packets to SSH and SSH encrypt all web traffic. Web Browsing software use proxy http://localhost:3128 . A Powerfull cross platform solution for Virtual Private Network is OpenVPN. All Major OS are supported.

An other part of Wireless or WiFi security is  “Network Monitoring Tools” As I am going to explain every bit about using these tools in defensive way for your network’s security.

I’ll write this post *Network Monitoring Tools* ASAP. Keep Coming Back to Check for New High Tech Wireless Articles.

No comments:

Post a Comment