HOME

TheInfoList



OR:

Wireless security is the prevention of unauthorized access or damage to computers or data using
wireless Wireless communication (or just wireless, when the context allows) is the transfer of information between two or more points without the use of an electrical conductor, optical fiber or other continuous guided medium for the transfer. The most ...
networks, which include
Wi-Fi network Wi-Fi () is a family of wireless network Communication protocol, protocols, based on the IEEE 802.11 family of standards, which are commonly used for Wireless LAN, local area networking of devices and Internet access, allowing nearby digital d ...
s. The term may also refer to the protection of the wireless network itself from adversaries seeking to damage the confidentiality, integrity, or availability of the network. The most common type is Wi-Fi security, which includes
Wired Equivalent Privacy Wired Equivalent Privacy (WEP) was a security algorithm for 802.11 wireless networks. Introduced as part of the original IEEE 802.11 standard ratified in 1997, its intention was to provide data confidentiality comparable to that of a traditional wi ...
(WEP) and
Wi-Fi Protected Access Wi-Fi Protected Access (WPA), Wi-Fi Protected Access II (WPA2), and Wi-Fi Protected Access 3 (WPA3) are the three security and security certification programs developed after 2000 by the Wi-Fi Alliance to secure wireless computer networks. The All ...
(WPA). WEP is an old IEEE 802.11 standard from 1997. It is a notoriously weak security standard: the password it uses can often be cracked in a few minutes with a basic laptop computer and widely available software tools. WEP was superseded in 2003 by WPA, a quick alternative at the time to improve security over WEP. The current standard is WPA2; some hardware cannot support WPA2 without firmware upgrade or replacement. WPA2 uses an encryption device that encrypts the network with a 256-bit key; the longer key length improves security over WEP. Enterprises often enforce security using a certificate-based system to authenticate the connecting device, following the standard 802.11X. Many laptop computers have
wireless card A wireless network interface controller (WNIC) is a network interface controller which connects to a wireless network, such as Wi-Fi or Bluetooth, rather than a wired network, such as a Token Ring or Ethernet. A WNIC, just like other NICs, wor ...
s pre-installed. The ability to enter a network while mobile has great benefits. However, wireless networking is prone to some security issues.
Hackers A hacker is a person skilled in information technology who uses their technical knowledge to achieve a goal or overcome an obstacle, within a computerized system by non-standard means. Though the term ''hacker'' has become associated in popu ...
have found wireless networks relatively easy to break into, and even use wireless technology to hack into wired networks. As a result, it is very important that enterprises define effective wireless security policies that guard against unauthorized access to important resources. Wireless Intrusion Prevention Systems (WIPS) or
Wireless Intrusion Detection System In computing, a wireless intrusion prevention system (WIPS) is a network device that monitors the radio spectrum for the presence of unauthorized access points ''(intrusion detection)'', and can automatically take countermeasures ''(intrusion preve ...
s (WIDS) are commonly used to enforce wireless security policies. The risks to users of wireless technology have increased as the service has become more popular. There were relatively few dangers when wireless technology was first introduced. Hackers had not yet had time to latch on to the new technology, and wireless networks were not commonly found in the work place. However, there are many security risks associated with the current wireless protocols and
encryption In cryptography, encryption is the process of encoding information. This process converts the original representation of the information, known as plaintext, into an alternative form known as ciphertext. Ideally, only authorized parties can decip ...
methods, and in the carelessness and ignorance that exists at the user and corporate IT level. Hacking methods have become much more sophisticated and innovative with wireless access. Hacking has also become much easier and more accessible with easy-to-use
Windows Windows is a group of several proprietary graphical operating system families developed and marketed by Microsoft. Each family caters to a certain sector of the computing industry. For example, Windows NT for consumers, Windows Server for serv ...
- or
Linux Linux ( or ) is a family of open-source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991, by Linus Torvalds. Linux is typically packaged as a Linux distribution, which ...
-based tools being made available on the web at no charge. Some organizations that have no
wireless access point In computer networking, a wireless access point (WAP), or more generally just access point (AP), is a networking hardware device that allows other Wi-Fi devices to connect to a wired network. As a standalone device, the AP may have a wired co ...
s installed do not feel that they need to address wireless security concerns. In-Stat MDR and META Group have estimated that 95% of all corporate laptop computers that were planned to be purchased in 2005 were equipped with wireless cards. Issues can arise in a supposedly non-wireless organization when a wireless laptop is plugged into the corporate network. A hacker could sit out in the parking lot and gather information from it through laptops and/or other devices, or even break in through this wireless card–equipped laptop and gain access to the wired network.


Background

Anyone within the geographical network range of an open, unencrypted wireless network can "
sniff Sniff may refer to: * Sniff (Moomin character), a character in the Moomin stories * ''Sniff'' (film), a 2017 Indian Bollywood film * Sniff, the action of inhaling * Sniff, odor sampling, see olfaction * Sniff (domino game) Muggins, sometimes ...
", or capture and record, the
traffic Traffic comprises pedestrians, vehicles, ridden or herded animals, trains, and other conveyances that use public ways (roads) for travel and transportation. Traffic laws govern and regulate traffic, while rules of the road include traffic ...
, gain unauthorized access to internal network resources as well as to the internet, and then use the information and resources to perform disruptive or illegal acts. Such security breaches have become important concerns for both enterprise and home networks. If router security is not activated or if the owner deactivates it for convenience, it creates a free hotspot. Since most 21st-century laptop PCs have wireless networking built in (see Intel "
Centrino Centrino is a brand name of Intel Corporation which represents its Wi-Fi and WiMAX wireless computer networking adapters. Previously the same brand name was used by the company as a platform-marketing initiative. The change of the meaning of the ...
" technology), they don't need a third-party adapter such as a
PCMCIA Card In computing, PC Card is a configuration for computer parallel communication peripheral interface, designed for laptop computers. Originally introduced as PCMCIA, the PC Card standard as well as its successors like CardBus were defined and develop ...
or
USB Universal Serial Bus (USB) is an industry standard that establishes specifications for cables, connectors and protocols for connection, communication and power supply (interfacing) between computers, peripherals and other computers. A broad ...
dongle A dongle is a small piece of computer hardware that connects to a port on another device to provide it with additional functionality, or enable a pass-through to such a device that adds functionality. In computing, the term was initially synonym ...
. Built-in wireless networking might be enabled by default, without the owner realizing it, thus broadcasting the laptop's accessibility to any computer nearby. Modern operating systems such as
Linux Linux ( or ) is a family of open-source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991, by Linus Torvalds. Linux is typically packaged as a Linux distribution, which ...
,
macOS macOS (; previously OS X and originally Mac OS X) is a Unix operating system developed and marketed by Apple Inc. since 2001. It is the primary operating system for Apple's Mac computers. Within the market of desktop and lapt ...
, or
Microsoft Windows Windows is a group of several proprietary graphical operating system families developed and marketed by Microsoft. Each family caters to a certain sector of the computing industry. For example, Windows NT for consumers, Windows Server for serv ...
make it fairly easy to set up a PC as a wireless LAN "base station" using
Internet Connection Sharing Internet Connection Sharing (ICS) is a Windows service that enables one Internet-connected computer to share its Internet connection with other computers on a local area network (LAN). The computer that shares its Internet connection serves as a ...
, thus allowing all the PCs in the home to access the Internet through the "base" PC. However, lack of knowledge among users about the security issues inherent in setting up such systems often may allow others nearby access to the connection. Such "piggybacking" is usually achieved without the wireless network operator's knowledge; it may even be without the knowledge of the intruding user if their computer automatically selects a nearby unsecured wireless network to use as an access point.


The threat situation

Wireless security is just an aspect of computer security; however, organizations may be particularly vulnerable to security breaches caused by
rogue access point A rogue access point is a wireless access point that has been installed on a secure network without explicit authorization from a local network administrator, whether added by a well-meaning employee or by a malicious attacker. Dangers Although i ...
s. If an employee (trusted entity) brings in a
wireless router A wireless router is a device that performs the functions of a router and also includes the functions of a wireless access point. It is used to provide access to the Internet or a private computer network. Depending on the manufacturer and mode ...
and plugs it into an unsecured switchport, the entire network can be exposed to anyone within range of the signals. Similarly, if an employee adds a wireless interface to a networked computer using an open USB port, they may create a breach in
network security Network security consists of the policies, policies, processes and practices adopted to prevent, detect and monitor unauthorized access, Abuse, misuse, modification, or denial of a computer network and network-accessible resources. Network securi ...
that would allow access to confidential materials. However, there are effective
countermeasures A countermeasure is a measure or action taken to counter or offset another one. As a general concept, it implies precision and is any technological or tactical solution or system designed to prevent an undesirable outcome in the process. The fi ...
(like disabling open switchports during switch configuration and VLAN configuration to limit network access) that are available to protect both the network and the information it contains, but such countermeasures must be applied uniformly to all network devices.


Threats and Vulnerabilites in an industrial (M2M) context

Due to its availability and low cost, the use of wireless communication technologies increases in domains beyond the originally intended usage areas, e.g. M2M communication in industrial applications. Such industrial applications often have specific security requirements. Hence, it is important to understand the characteristics of such applications and evaluate the vulnerabilities bearing the highest risk in this context. Evaluation of these vulnerabilities and the resulting vulnerability catalogs in an industrial context when considering WLAN, NFC and ZigBee are available.


The mobility advantage

Wireless Wireless communication (or just wireless, when the context allows) is the transfer of information between two or more points without the use of an electrical conductor, optical fiber or other continuous guided medium for the transfer. The most ...
networks are very common, both for organizations and individuals. Many laptop computers have
wireless card A wireless network interface controller (WNIC) is a network interface controller which connects to a wireless network, such as Wi-Fi or Bluetooth, rather than a wired network, such as a Token Ring or Ethernet. A WNIC, just like other NICs, wor ...
s pre-installed. The ability to enter a network while mobile has great benefits. However, wireless networking is prone to some security issues.
Hackers A hacker is a person skilled in information technology who uses their technical knowledge to achieve a goal or overcome an obstacle, within a computerized system by non-standard means. Though the term ''hacker'' has become associated in popu ...
have found wireless networks relatively easy to break into, and even use wireless technology to hack into wired networks. As a result, it is very important that enterprises define effective wireless security policies that guard against unauthorized access to important resources. Wireless Intrusion Prevention Systems (WIPS) or
Wireless Intrusion Detection System In computing, a wireless intrusion prevention system (WIPS) is a network device that monitors the radio spectrum for the presence of unauthorized access points ''(intrusion detection)'', and can automatically take countermeasures ''(intrusion preve ...
s (WIDS) are commonly used to enforce wireless security policies.


The air interface and link corruption risk

There were relatively few dangers when wireless technology was first introduced, as the effort to maintain the communication was high and the effort to intrude is always higher. The variety of risks to users of wireless technology have increased as the service has become more popular and the technology more commonly available. Today there are a great number of security risks associated with the current wireless protocols and
encryption In cryptography, encryption is the process of encoding information. This process converts the original representation of the information, known as plaintext, into an alternative form known as ciphertext. Ideally, only authorized parties can decip ...
methods, as carelessness and ignorance exists at the user and corporate IT level. Hacking methods have become much more sophisticated and innovative with wireless.


Modes of unauthorized access

The modes of unauthorised access to links, to functions and to data is as variable as the respective entities make use of program code. There does not exist a full scope model of such threat. To some extent the prevention relies on known modes and methods of attack and relevant methods for suppression of the applied methods. However, each new mode of operation will create new options of threatening. Hence prevention requires a steady drive for improvement. The described modes of attack are just a snapshot of typical methods and scenarios where to apply.


Accidental association

Violation of the security perimeter of a corporate network can come from a number of different methods and intents. One of these methods is referred to as “accidental association”. When a user turns on a computer and it latches on to a wireless access point from a neighboring company's overlapping network, the user may not even know that this has occurred. However, it is a security breach in that proprietary company information is exposed and now there could exist a link from one company to the other. This is especially true if the laptop is also hooked to a wired network. Accidental association is a case of wireless vulnerability called as "mis-association". Mis-association can be accidental, deliberate (for example, done to bypass corporate firewall) or it can result from deliberate attempts on wireless clients to lure them into connecting to attacker's APs.


Malicious association

“Malicious associations” are when wireless devices can be actively made by attackers to connect to a company network through their laptop instead of a company access point (AP). These types of laptops are known as “soft APs” and are created when a cyber criminal runs some
software Software is a set of computer programs and associated documentation and data. This is in contrast to hardware, from which the system is built and which actually performs the work. At the lowest programming level, executable code consists ...
that makes his/her wireless network card look like a legitimate access point. Once the thief has gained access, he/she can steal passwords, launch attacks on the wired network, or plant
trojans Trojan or Trojans may refer to: * Of or from the ancient city of Troy * Trojan language, the language of the historical Trojans Arts and entertainment Music * ''Les Troyens'' ('The Trojans'), an opera by Berlioz, premiered part 1863, part 1890 ...
. Since wireless networks operate at the Layer 2 level, Layer 3 protections such as network authentication and
virtual private networks A virtual private network (VPN) extends a private network across a public network and enables users to send and receive data across shared or public networks as if their computing devices were directly connected to the private network. The be ...
(VPNs) offer no barrier. Wireless 802.1X authentications do help with some protection but are still vulnerable to hacking. The idea behind this type of attack may not be to break into a
VPN A virtual private network (VPN) extends a private network across a public network and enables users to send and receive data across shared or public networks as if their computing devices were directly connected to the private network. The be ...
or other security measures. Most likely the criminal is just trying to take over the client at the Layer 2 level.


Ad hoc networks

Ad hoc Ad hoc is a Latin phrase meaning literally 'to this'. In English, it typically signifies a solution for a specific purpose, problem, or task rather than a generalized solution adaptable to collateral instances. (Compare with ''a priori''.) Com ...
networks can pose a security threat. Ad hoc networks are defined as eer to peernetworks between wireless computers that do not have an access point in between them. While these types of networks usually have little protection, encryption methods can be used to provide security. The security hole provided by Ad hoc networking is not the Ad hoc network itself but the bridge it provides into other networks, usually in the corporate environment, and the unfortunate default settings in most versions of Microsoft Windows to have this feature turned on unless explicitly disabled. Thus the user may not even know they have an unsecured Ad hoc network in operation on their computer. If they are also using a wired or wireless infrastructure network at the same time, they are providing a bridge to the secured organizational network through the unsecured Ad hoc connection. Bridging is in two forms. A direct bridge, which requires the user actually configure a bridge between the two connections and is thus unlikely to be initiated unless explicitly desired, and an indirect bridge which is the shared resources on the user computer. The indirect bridge may expose private data that is shared from the user's computer to LAN connections, such as shared folders or private Network Attached Storage, making no distinction between authenticated or private connections and unauthenticated Ad-Hoc networks. This presents no threats not already familiar to open/public or unsecured wifi access points, but firewall rules may be circumvented in the case of poorly configured operating systems or local settings.


Non-traditional networks

Non-traditional networks such as personal network
Bluetooth Bluetooth is a short-range wireless technology standard that is used for exchanging data between fixed and mobile devices over short distances and building personal area networks (PANs). In the most widely used mode, transmission power is limi ...
devices are not safe from hacking and should be regarded as a security risk. Even
barcode reader A barcode reader is an optical scanner that can read printed barcodes, decode the data contained in the barcode to a computer. Like a flatbed scanner, it consists of a light source, a lens and a light sensor for translating optical impulses into e ...
s, handheld
PDA PDA may refer to: Science and technology * Patron-driven acquisition, a mechanism for libraries to purchase books *Personal digital assistant, a mobile device * Photodiode array, a type of detector * Polydiacetylenes, a family of conducting poly ...
s, and wireless printers and copiers should be secured. These non-traditional networks can be easily overlooked by IT personnel who have narrowly focused on laptops and access points.


Identity theft (MAC spoofing)

Identity theft (or
MAC spoofing MAC spoofing is a technique for changing a factory-assigned Media Access Control (MAC) address of a network interface on a networked device. The MAC address that is hard-coded on a network interface controller (NIC) cannot be changed. However ...
) occurs when a hacker is able to listen in on network traffic and identify the
MAC address A media access control address (MAC address) is a unique identifier assigned to a network interface controller (NIC) for use as a network address in communications within a network segment. This use is common in most IEEE 802 networking techno ...
of a computer with
network privilege In computing, privilege is defined as the delegation of authority to perform security-relevant functions on a computer system. A privilege allows a user to perform an action with security consequences. Examples of various privileges include the ab ...
s. Most wireless systems allow some kind of
MAC filtering In computer networking, MAC address filtering is a security access control method whereby the MAC address assigned to each network interface controller is used to determine access to the network. MAC addresses are uniquely assigned to each card ...
to allow only authorized computers with specific MAC IDs to gain access and utilize the network. However, programs exist that have network “ sniffing” capabilities. Combine these programs with other software that allow a computer to pretend it has any MAC address that the hacker desires, and the hacker can easily get around that hurdle. MAC filtering is effective only for small residential (SOHO) networks, since it provides protection only when the wireless device is "off the air". Any 802.11 device "on the air" freely transmits its unencrypted MAC address in its 802.11 headers, and it requires no special equipment or software to detect it. Anyone with an 802.11 receiver (laptop and wireless adapter) and a freeware wireless packet analyzer can obtain the MAC address of any transmitting 802.11 within range. In an organizational environment, where most wireless devices are "on the air" throughout the active working shift, MAC filtering provides only a false sense of security since it prevents only "casual" or unintended connections to the organizational infrastructure and does nothing to prevent a directed attack.


Man-in-the-middle attacks

A
man-in-the-middle In cryptography and computer security, a man-in-the-middle, monster-in-the-middle, machine-in-the-middle, monkey-in-the-middle, meddler-in-the-middle, manipulator-in-the-middle (MITM), person-in-the-middle (PITM) or adversary-in-the-middle (AiTM) ...
attacker entices computers to log into a computer which is set up as a soft AP ( Access Point). Once this is done, the hacker connects to a real access point through another wireless card offering a steady flow of traffic through the transparent hacking computer to the real network. The hacker can then sniff the traffic. One type of man-in-the-middle attack relies on security faults in challenge and handshake protocols to execute a “de-authentication attack”. This attack forces AP-connected computers to drop their connections and reconnect with the hacker's soft AP (disconnects the user from the modem so they have to connect again using their password which one can extract from the recording of the event). Man-in-the-middle attacks are enhanced by software such as LANjack and AirJack which automate multiple steps of the process, meaning what once required some skill can now be done by
script kiddie A script kiddie, skiddie, kiddie, or skid is an unskilled individual who uses scripts or programs developed by others, primarily for malicious purposes. Characteristics In a Carnegie Mellon report prepared for the U.K. Department of Defense in 2 ...
s.
Hotspots Hotspot, Hot Spot or Hot spot may refer to: Places * Hot Spot, Kentucky, a community in the United States Arts, entertainment, and media Fictional entities * Hot Spot (comics), a name for the DC Comics character Isaiah Crockett * Hot Spot (Tra ...
are particularly vulnerable to any attack since there is little to no security on these networks.


Denial of service

A
Denial-of-service attack In computing, a denial-of-service attack (DoS attack) is a cyber-attack in which the perpetrator seeks to make a machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a host connect ...
(DoS) occurs when an attacker continually bombards a targeted AP ( Access Point) or network with bogus requests, premature successful connection messages, failure messages, and/or other commands. These cause legitimate users to not be able to get on the network and may even cause the network to crash. These attacks rely on the abuse of protocols such as the
Extensible Authentication Protocol Extensible Authentication Protocol (EAP) is an authentication framework frequently used in network and internet connections. It is defined in , which made obsolete, and is updated by . EAP is an authentication framework for providing the transport ...
(EAP). The DoS attack in itself does little to expose organizational data to a malicious attacker, since the interruption of the network prevents the flow of data and actually indirectly protects data by preventing it from being transmitted. The usual reason for performing a DoS attack is to observe the recovery of the wireless network, during which all of the initial handshake codes are re-transmitted by all devices, providing an opportunity for the malicious attacker to record these codes and use various cracking tools to analyze security weaknesses and exploit them to gain unauthorized access to the system. This works best on weakly encrypted systems such as WEP, where there are a number of tools available which can launch a dictionary style attack of "possibly accepted" security keys based on the "model" security key captured during the network recovery.


Network injection

In a network injection attack, a hacker can make use of access points that are exposed to non-filtered network traffic, specifically broadcasting network traffic such as “
Spanning Tree In the mathematical field of graph theory, a spanning tree ''T'' of an undirected graph ''G'' is a subgraph that is a tree which includes all of the vertices of ''G''. In general, a graph may have several spanning trees, but a graph that is not ...
” (802.1D),
OSPF Open Shortest Path First (OSPF) is a routing protocol for Internet Protocol (IP) networks. It uses a link state routing (LSR) algorithm and falls into the group of interior gateway protocols (IGPs), operating within a single autonomous sys ...
,
RIP Rest in peace (RIP), a phrase from the Latin (), is sometimes used in traditional Christian services and prayers, such as in the Catholic, Lutheran, Anglican, and Methodist denominations, to wish the soul of a decedent eternal rest and peace. ...
, and
HSRP In computer networking, the Hot Standby Router Protocol (HSRP) is a Cisco proprietary redundancy protocol for establishing a fault-tolerant default gateway. Version 1 of the protocol was described in in 1998. Version 2 of the protocol includes ...
. The hacker injects bogus networking re-configuration commands that affect routers, switches, and intelligent hubs. A whole network can be brought down in this manner and require rebooting or even reprogramming of all intelligent networking devices.


Caffe Latte attack

The Caffe Latte attack is another way to defeat WEP. It is not necessary for the attacker to be in the area of the
network Network, networking and networked may refer to: Science and technology * Network theory, the study of graphs as a representation of relations between discrete objects * Network science, an academic field that studies complex networks Mathematics ...
using this exploit. By using a process that targets the
Windows Windows is a group of several proprietary graphical operating system families developed and marketed by Microsoft. Each family caters to a certain sector of the computing industry. For example, Windows NT for consumers, Windows Server for serv ...
wireless stack, it is possible to obtain the WEP key from a remote client. By sending a flood of encrypted ARP requests, the assailant takes advantage of the shared key authentication and the message modification flaws in
802.11 IEEE 802.11 is part of the IEEE 802 set of local area network (LAN) technical standards, and specifies the set of media access control (MAC) and physical layer (PHY) protocols for implementing wireless local area network (WLAN) computer com ...
WEP. The attacker uses the ARP responses to obtain the WEP key in less than 6 minutes.


Wireless intrusion prevention concepts

There are three principal ways to secure a wireless network. * For closed networks (like home users and organizations) the most common way is to configure access restrictions in the access points. Those restrictions may include encryption and checks on
MAC address A media access control address (MAC address) is a unique identifier assigned to a network interface controller (NIC) for use as a network address in communications within a network segment. This use is common in most IEEE 802 networking techno ...
. Wireless Intrusion Prevention Systems can be used to provide wireless LAN security in this network model. * For commercial providers,
hotspots Hotspot, Hot Spot or Hot spot may refer to: Places * Hot Spot, Kentucky, a community in the United States Arts, entertainment, and media Fictional entities * Hot Spot (comics), a name for the DC Comics character Isaiah Crockett * Hot Spot (Tra ...
, and large organizations, the preferred solution is often to have an open and unencrypted, but completely isolated wireless network. The users will at first have no access to the Internet nor to any local network resources. Commercial providers usually forward all web traffic to a
captive portal A captive portal is a web page accessed with a web browser that is displayed to newly connected users of a Wi-Fi or wired network before they are granted broader access to network resources. Captive portals are commonly used to present a landin ...
which provides for payment and/or authorization. Another solution is to require the users to connect securely to a privileged network using
VPN A virtual private network (VPN) extends a private network across a public network and enables users to send and receive data across shared or public networks as if their computing devices were directly connected to the private network. The be ...
. * Wireless networks are less secure than wired ones; in many offices intruders can easily visit and hook up their own computer to the wired network without problems, gaining access to the network, and it is also often possible for remote intruders to gain access to the network through
backdoor A back door is a door in the rear of a building. Back door may also refer to: Arts and media * Back Door (jazz trio), a British group * Porta dos Fundos (literally “Back Door” in Portuguese) Brazilian comedy YouTube channel. * Works so title ...
s like
Back Orifice Back Orifice (often shortened to BO) is a computer program designed for remote administration, remote system administration. It enables a user to control a computer running the Microsoft Windows operating system from a remote location.Richtel, M ...
. One general solution may be end-to-end encryption, with independent authentication on all resources that shouldn't be available to the public. There is no ready designed system to prevent from fraudulent usage of wireless communication or to protect data and functions with wirelessly communicating computers and other entities. However, there is a system of qualifying the taken measures as a whole according to a common understanding what shall be seen as state of the art. The system of qualifying is an international consensus as specified in ISO/IEC 15408.


A wireless intrusion prevention system

A Wireless Intrusion Prevention System (WIPS) is a concept for the most robust way to counteract wireless security risks. However such WIPS does not exist as a ready designed solution to implement as a software package. A WIPS is typically implemented as an overlay to an existing
Wireless LAN A wireless LAN (WLAN) is a wireless computer network A wireless network is a computer network that uses wireless data connections between network nodes. Wireless networking is a method by which homes, telecommunications networks and bus ...
infrastructure, although it may be deployed standalone to enforce no-wireless policies within an organization. WIPS is considered so important to wireless security that in July 2009, the
Payment Card Industry Security Standards Council The Payment Card Industry Security Standards Council (PCI SSC) was formed by American Express, Discover Financial Services, JCB International, MasterCard and Visa Inc. on September 7, 2006, with the goal of managing the ongoing evolution of the ...
published wireless guidelines for
PCI DSS The Payment Card Industry Data Security Standard (PCI DSS) is an information security standard used to handle credit cards from major card scheme, card brands. The standard is administered by the Payment Card Industry Security Standards Council a ...
recommending the use of WIPS to automate wireless scanning and protection for large organizations.


Security measures

There are a range of wireless security measures, of varying effectiveness and practicality.


SSID hiding

A simple but ineffective method to attempt to secure a wireless network is to hide the SSID (Service Set Identifier). This provides very little protection against anything but the most casual intrusion efforts.


MAC ID filtering

One of the simplest techniques is to only allow access from known, pre-approved MAC addresses. Most wireless access points contain some type of MAC ID filtering. However, an attacker can simply sniff the MAC address of an authorized client and spoof this address.


Static IP addressing

Typical wireless access points provide
IP addresses An Internet Protocol address (IP address) is a numerical label such as that is connected to a computer network that uses the Internet Protocol for communication.. Updated by . An IP address serves two main functions: network interface ident ...
to clients via
DHCP The Dynamic Host Configuration Protocol (DHCP) is a network management protocol used on Internet Protocol (IP) networks for automatically assigning IP addresses and other communication parameters to devices connected to the network using a cli ...
. Requiring clients to set their own addresses makes it more difficult for a casual or unsophisticated intruder to log onto the network, but provides little protection against a sophisticated attacker.


802.11 security

IEEE 802.1X is the
IEEE Standard The Institute of Electrical and Electronics Engineers Standards Association (IEEE SA) is an operating unit within IEEE that develops global standards in a broad range of industries, including: power and energy, artificial intelligence systems, ...
authentication Authentication (from ''authentikos'', "real, genuine", from αὐθέντης ''authentes'', "author") is the act of proving an assertion, such as the identity of a computer system user. In contrast with identification, the act of indicati ...
mechanisms to devices wishing to attach to a Wireless LAN.


Regular WEP

The Wired Equivalent Privacy (WEP)
encryption In cryptography, encryption is the process of encoding information. This process converts the original representation of the information, known as plaintext, into an alternative form known as ciphertext. Ideally, only authorized parties can decip ...
standard was the original encryption standard for wireless, but since 2004 with the ratification
WPA2 Wi-Fi Protected Access (WPA), Wi-Fi Protected Access II (WPA2), and Wi-Fi Protected Access 3 (WPA3) are the three security and security certification programs developed after 2000 by the Wi-Fi Alliance to secure wireless computer networks. The All ...
the IEEE has declared it "deprecated", and while often supported, it is seldom or never the default on modern equipment. Concerns were raised about its security as early as 2001, dramatically demonstrated in 2005 by the
FBI The Federal Bureau of Investigation (FBI) is the domestic Intelligence agency, intelligence and Security agency, security service of the United States and its principal Federal law enforcement in the United States, federal law enforcement age ...
, yet in 2007
T.J. Maxx TJ Maxx (stylized as T•J•maxx) is an American department store chain, selling at prices generally lower than other major similar stores. It has more than 1,000 stores in the United States, making it one of the largest clothing retailers in ...
admitted a massive security breach due in part to a reliance on WEP and the
Payment Card Industry The payment card industry (PCI) denotes the debit, credit, prepaid, e-purse, ATM, and POS cards and associated businesses. Overview The payment card industry consists of all the organizations which store, process and transmit cardholder data, ...
took until 2008 to prohibit its use – and even then allowed existing use to continue until June 2010.


WPAv1

The
Wi-Fi Protected Access Wi-Fi Protected Access (WPA), Wi-Fi Protected Access II (WPA2), and Wi-Fi Protected Access 3 (WPA3) are the three security and security certification programs developed after 2000 by the Wi-Fi Alliance to secure wireless computer networks. The All ...
(WPA and WPA2) security protocols were later created to address the problems with WEP. If a weak password, such as a dictionary word or short character string is used, WPA and WPA2 can be cracked. Using a long enough random password (e.g. 14 random letters) or
passphrase A passphrase is a sequence of words or other text used to control access to a computer system, program or data. It is similar to a password in usage, but a passphrase is generally longer for added security. Passphrases are often used to control ...
(e.g. 5 randomly chosen words) makes
pre-shared key In cryptography, a pre-shared key (PSK) is a shared secret which was previously shared between the two parties using some secure channel before it needs to be used. Key To build a key from shared secret, the key derivation function is typically us ...
WPA virtually uncrackable. The second generation of the WPA security protocol (WPA2) is based on the final IEEE 802.11i amendment to the
802.11 IEEE 802.11 is part of the IEEE 802 set of local area network (LAN) technical standards, and specifies the set of media access control (MAC) and physical layer (PHY) protocols for implementing wireless local area network (WLAN) computer com ...
standard and is eligible for
FIPS 140-2 The Federal Information Processing Standard Publication 140-2, (FIPS PUB 140-2), is a U.S. government computer security standard used to approve cryptographic modules. The title is ''Security Requirements for Cryptographic Modules''. Initial publ ...
compliance. With all those encryption schemes, any client in the network that knows the keys can read all the traffic. Wi-Fi Protected Access (WPA) is a software/firmware improvement over WEP. All regular WLAN-equipment that worked with WEP are able to be simply upgraded and no new equipment needs to be bought. WPA is a trimmed-down version of the
802.11i IEEE 802.11i-2004, or 802.11i for short, is an amendment to the original IEEE 802.11, implemented as Wi-Fi Protected Access II (WPA2). The draft standard was ratified on 24 June 2004. This standard specifies security mechanisms for wireless netw ...
security standard that was developed by the
IEEE 802.11 IEEE 802.11 is part of the IEEE 802 set of local area network (LAN) technical standards, and specifies the set of media access control (MAC) and physical layer (PHY) protocols for implementing wireless local area network (WLAN) computer commun ...
to replace WEP. The TKIP encryption algorithm was developed for WPA to provide improvements to WEP that could be fielded as
firmware In computing, firmware is a specific class of computer software that provides the low-level control for a device's specific hardware. Firmware, such as the BIOS of a personal computer, may contain basic functions of a device, and may provide h ...
upgrades to existing 802.11 devices. The WPA profile also provides optional support for the
AES-CCMP Counter Mode Cipher Block Chaining Message Authentication Code Protocol (Counter Mode CBC-MAC Protocol) or CCM mode Protocol (CCMP) is an encryption protocol designed for Wireless LAN products that implements the standards of the IEEE 802.11i amen ...
algorithm that is the preferred algorithm in 802.11i and WPA2. WPA Enterprise provides
RADIUS In classical geometry, a radius ( : radii) of a circle or sphere is any of the line segments from its center to its perimeter, and in more modern usage, it is also their length. The name comes from the latin ''radius'', meaning ray but also the ...
based authentication using 802.1X. WPA Personal uses a pre-shared Shared Key ( PSK) to establish the security using an 8 to 63 character passphrase. The PSK may also be entered as a 64 character hexadecimal string. Weak PSK passphrases can be broken using off-line dictionary attacks by capturing the messages in the four-way exchange when the client reconnects after being deauthenticated. Wireless suites such as
aircrack-ng Aircrack-ng is a network software suite consisting of a detector, packet sniffer, WEP and WPA/WPA2-PSK cracker and analysis tool for 802.11 wireless LANs. It works with any wireless network interface controller whose driver supports raw monito ...
can crack a weak passphrase in less than a minute. Other WEP/WPA crackers are AirSnort and
Auditor Security Collection BackTrack was a Linux distribution that focused on security, based on the Knoppix Linux distribution aimed at digital forensics and penetration testing use. In March 2013, the Offensive Security team rebuilt BackTrack around the Debian distribu ...
. Still, WPA Personal is secure when used with ‘good’ passphrases or a full 64-character hexadecimal key. There was information, however, that Erik Tews (the man who created the fragmentation attack against WEP) was going to reveal a way of breaking the WPA TKIP implementation at Tokyo's PacSec security conference in November 2008, cracking the encryption on a packet in 12 to 15 minutes. Still, the announcement of this 'crack' was somewhat overblown by the media, because as of August, 2009, the best attack on WPA (the Beck-Tews attack) is only partially successful in that it only works on short data packets, it cannot decipher the WPA key, and it requires very specific WPA implementations in order to work.


Additions to WPAv1

In addition to WPAv1, TKIP, WIDS and EAP may be added alongside. Also,
VPN A virtual private network (VPN) extends a private network across a public network and enables users to send and receive data across shared or public networks as if their computing devices were directly connected to the private network. The be ...
-networks (non-continuous secure network connections) may be set up under the 802.11-standard. VPN implementations include
PPTP The Point-to-Point Tunneling Protocol (PPTP) is an obsolete method for implementing virtual private networks. PPTP has many well known security issues. PPTP uses a TCP control channel and a Generic Routing Encapsulation tunnel to encapsulate PP ...
,
L2TP In computer networking, Layer 2 Tunneling Protocol (L2TP) is a tunneling protocol used to support virtual private networks (VPNs) or as part of the delivery of services by ISPs. It uses encryption ('hiding') only for its own control messages (using ...
,
IPsec In computing, Internet Protocol Security (IPsec) is a secure network protocol suite that authenticates and encrypts packets of data to provide secure encrypted communication between two computers over an Internet Protocol network. It is used in ...
and
SSH The Secure Shell Protocol (SSH) is a cryptographic network protocol for operating network services securely over an unsecured network. Its most notable applications are remote login and command-line execution. SSH applications are based on ...
. However, this extra layer of security may also be cracked with tools such as Anger, Deceit and Ettercap for PPTP; and ike-scan, IKEProbe,
ipsectrace ipsectrace is a software tool designed by Wayne Schroeder to help profile IPsec connections in a packet capture (PCP) file. The program uses a command line interface to point at a PCP capture and informs the user about what is going on. It is somewh ...
, and IKEcrack for IPsec-connections.


=TKIP

= This stands for Temporal Key Integrity Protocol and the acronym is pronounced as tee-kip. This is part of the IEEE 802.11i standard. TKIP implements per-packet key mixing with a re-keying system and also provides a message integrity check. These avoid the problems of WEP.


=EAP

= The WPA-improvement over the
IEEE The Institute of Electrical and Electronics Engineers (IEEE) is a 501(c)(3) professional association for electronic engineering and electrical engineering (and associated disciplines) with its corporate office in New York City and its operation ...
802.1X standard already improved the authentication and authorization for access of wireless and wired LANs. In addition to this, extra measures such as the
Extensible Authentication Protocol Extensible Authentication Protocol (EAP) is an authentication framework frequently used in network and internet connections. It is defined in , which made obsolete, and is updated by . EAP is an authentication framework for providing the transport ...
(EAP) have initiated an even greater amount of security. This, as EAP uses a central authentication server. Unfortunately, during 2002 a Maryland professor discovered some shortcomings . Over the next few years these shortcomings were addressed with the use of TLS and other enhancements. This new version of EAP is now called Extended EAP and is available in several versions; these include: EAP-MD5, PEAPv0, PEAPv1, EAP-MSCHAPv2, LEAP, EAP-FAST, EAP-TLS, EAP-TTLS, MSCHAPv2, and EAP-SIM.


EAP-versions

EAP-versions include LEAP, PEAP and other EAP's. LEAP This stands for the Lightweight Extensible Authentication Protocol. This protocol is based on
802.1X IEEE 802.1X is an IEEE Standard for port-based Network Access Control (PNAC). It is part of the IEEE 802.1 group of networking protocols. It provides an authentication mechanism to devices wishing to attach to a Local area network, LAN or Wireless ...
and helps minimize the original security flaws by using WEP and a sophisticated key management system. This EAP-version is safer than EAP-MD5. This also uses MAC address authentication. LEAP is not secure; THC-LeapCracker can be used to break
Cisco Cisco Systems, Inc., commonly known as Cisco, is an American-based multinational digital communications technology conglomerate corporation headquartered in San Jose, California. Cisco develops, manufactures, and sells networking hardware, ...
’s version of LEAP and be used against computers connected to an access point in the form of a
dictionary attack In cryptanalysis and computer security, a dictionary attack is an attack using a restricted subset of a keyspace to defeat a cipher or authentication mechanism by trying to determine its decryption key or passphrase, sometimes trying thousands o ...
. Anwrap and asleap finally are other crackers capable of breaking LEAP. PEAP This stands for Protected Extensible Authentication Protocol. This protocol allows for a secure transport of data, passwords, and encryption keys without the need of a certificate server. This was developed by Cisco, Microsoft, and
RSA Security RSA Security LLC, formerly RSA Security, Inc. and doing business as RSA, is an American computer and network security company with a focus on encryption and encryption standards. RSA was named after the initials of its co-founders, Ron Rivest, ...
. Other EAPs There are other types of Extensible Authentication Protocol implementations that are based on the EAP framework. The framework that was established supports existing EAP types as well as future authentication methods. EAP-TLS offers very good protection because of its mutual authentication. Both the client and the network are authenticated using certificates and per-session WEP keys. EAP-FAST also offers good protection. EAP-TTLS is another alternative made by Certicom and Funk Software. It is more convenient as one does not need to distribute certificates to users, yet offers slightly less protection than EAP-TLS.


Restricted access networks

Solutions include a newer system for
authentication Authentication (from ''authentikos'', "real, genuine", from αὐθέντης ''authentes'', "author") is the act of proving an assertion, such as the identity of a computer system user. In contrast with identification, the act of indicati ...
, IEEE
802.1X IEEE 802.1X is an IEEE Standard for port-based Network Access Control (PNAC). It is part of the IEEE 802.1 group of networking protocols. It provides an authentication mechanism to devices wishing to attach to a Local area network, LAN or Wireless ...
, that promises to enhance security on both wired and wireless networks. Wireless access points that incorporate technologies like these often also have routers built in, thus becoming
wireless gateway A wireless gateway routes packets from a wireless LAN to another network, wired or wireless WAN. It may be implemented as software or hardware or a combination of both. Wireless gateways combine the functions of a wireless access point, a router, ...
s.


End-to-end encryption

One can argue that both
layer 2 The data link layer, or layer 2, is the second layer of the seven-layer OSI model of computer networking. This layer is the protocol layer that transfers data between nodes on a network segment across the physical layer. The data link layer pr ...
and
layer 3 In the seven-layer OSI model of computer networking, the network layer is layer 3. The network layer is responsible for packet forwarding including routing through intermediate routers. Functions The network layer provides the means of transfe ...
encryption methods are not good enough for protecting valuable data like passwords and personal emails. Those technologies add encryption only to parts of the communication path, still allowing people to spy on the traffic if they have gained access to the wired network somehow. The solution may be encryption and authorization in the
application layer An application layer is an abstraction layer that specifies the shared communications protocols and Interface (computing), interface methods used by Host (network), hosts in a communications network. An ''application layer'' abstraction is speci ...
, using technologies like SSL,
SSH The Secure Shell Protocol (SSH) is a cryptographic network protocol for operating network services securely over an unsecured network. Its most notable applications are remote login and command-line execution. SSH applications are based on ...
,
GnuPG GNU Privacy Guard (GnuPG or GPG) is a free-software replacement for Symantec's PGP cryptographic software suite. The software is compliant with RFC 4880, the IETF standards-track specification of OpenPGP. Modern versions of PGP are interoperabl ...
,
PGP PGP or Pgp may refer to: Science and technology * P-glycoprotein, a type of protein * Pelvic girdle pain, a pregnancy discomfort * Personal Genome Project, to sequence genomes and medical records * Pretty Good Privacy, a computer program for the ...
and similar. The disadvantage with the end-to-end method is, it may fail to cover all traffic. With encryption on the router level or VPN, a single switch encrypts all traffic, even UDP and DNS lookups. With end-to-end encryption on the other hand, each service to be secured must have its encryption "turned on", and often every connection must also be "turned on" separately. For sending emails, every recipient must support the encryption method, and must exchange keys correctly. For Web, not all web sites offer https, and even if they do, the browser sends out IP addresses in clear text. The most prized resource is often access to the Internet. An office LAN owner seeking to restrict such access will face the nontrivial enforcement task of having each user authenticate themselves for the router.


802.11i security

The newest and most rigorous security to implement into WLAN's today is the 802.11i RSN-standard. This full-fledged 802.11i standard (which uses WPAv2) however does require the newest hardware (unlike WPAv1), thus potentially requiring the purchase of new equipment. This new hardware required may be either AES-WRAP (an early version of 802.11i) or the newer and better AES-CCMP-equipment. One should make sure one needs WRAP or CCMP-equipment, as the 2 hardware standards are not compatible.


WPAv2

WPA2 Wi-Fi Protected Access (WPA), Wi-Fi Protected Access II (WPA2), and Wi-Fi Protected Access 3 (WPA3) are the three security and security certification programs developed after 2000 by the Wi-Fi Alliance to secure wireless computer networks. The All ...
is a WiFi Alliance branded version of the final 802.11i standard. The primary enhancement over WPA is the inclusion of the
AES-CCMP Counter Mode Cipher Block Chaining Message Authentication Code Protocol (Counter Mode CBC-MAC Protocol) or CCM mode Protocol (CCMP) is an encryption protocol designed for Wireless LAN products that implements the standards of the IEEE 802.11i amen ...
algorithm as a mandatory feature. Both WPA and WPA2 support EAP authentication methods using RADIUS servers and preshared key (PSK). The number of WPA and WPA2 networks are increasing, while the number of WEP networks are decreasing, because of the security vulnerabilities in WEP. WPA2 has been found to have at least one security vulnerability, nicknamed Hole196. The vulnerability uses the WPA2 Group Temporal Key (GTK), which is a shared key among all users of the same
BSSID In IEEE 802.11 wireless local area networking standards (including Wi-Fi), a service set is a group of wireless network devices which share a ''service set identifier'' (''SSID'')—typically the natural language label that users see as a network ...
, to launch attacks on other users of the same
BSSID In IEEE 802.11 wireless local area networking standards (including Wi-Fi), a service set is a group of wireless network devices which share a ''service set identifier'' (''SSID'')—typically the natural language label that users see as a network ...
. It is named after page 196 of the IEEE 802.11i specification, where the vulnerability is discussed. In order for this exploit to be performed, the GTK must be known by the attacker.


Additions to WPAv2

Unlike 802.1X, 802.11i already has most other additional security-services such as TKIP. Just as with WPAv1, WPAv2 may work in cooperation with EAP and a WIDS.


WAPI

This stands for WLAN Authentication and Privacy Infrastructure. This is a wireless security standard defined by the
Chinese Chinese can refer to: * Something related to China * Chinese people, people of Chinese nationality, citizenship, and/or ethnicity **''Zhonghua minzu'', the supra-ethnic concept of the Chinese nation ** List of ethnic groups in China, people of ...
government.


Smart cards, USB tokens, and software tokens

Security token A security token is a peripheral device used to gain access to an electronically restricted resource. The token is used in addition to or in place of a password. It acts like an electronic key to access something. Examples of security tokens incl ...
use is a method of authentication relying upon only authorized users possessing the requisite token.
Smart cards A smart card, chip card, or integrated circuit card (ICC or IC card) is a physical electronic authentication device, used to control access to a resource. It is typically a plastic credit card-sized card with an embedded integrated circuit (IC) c ...
are physical tokens in the cards that utilize an embedded integrated circuit chip for authentication, requiring a card reader. USB Tokens are physical tokens that connect via USB port to authenticate the user.


RF shielding

It's practical in some cases to apply specialized wall paint and window film to a room or building to significantly attenuate wireless signals, which keeps the signals from propagating outside a facility. This can significantly improve wireless security because it's difficult for hackers to receive the signals beyond the controlled area of a facility, such as from a parking lot.


Denial of service defense

Most DoS attacks are easy to detect. However, a lot of them are difficult to stop even after detection. Here are three of the most common ways to stop a DoS attack.


Black holing

Black holing is one possible way of stopping a DoS attack. This is a situation where we drop all IP packets from an attacker. This is not a very good long-term strategy because attackers can change their source address very quickly. This may have negative effects if done automatically. An attacker could knowingly spoof attack packets with the IP address of a corporate partner. Automated defenses could block legitimate traffic from that partner and cause additional problems.


Validating the handshake

Validating the handshake involves creating false opens, and not setting aside resources until the sender acknowledges. Some firewalls address SYN floods by pre-validating the TCP handshake. This is done by creating false opens. Whenever a SYN segment arrives, the firewall sends back a SYN/ACK segment, without passing the SYN segment on to the target server. Only when the firewall gets back an ACK, which would happen only in a legitimate connection, would the firewall send the original SYN segment on to the server for which it was originally intended. The firewall doesn't set aside resources for a connection when a SYN segment arrives, so handling a large number of false SYN segments is only a small burden.


Rate limiting

Rate limiting can be used to reduce a certain type of traffic down to an amount the can be reasonably dealt with. Broadcasting to the internal network could still be used, but only at a limited rate for example. This is for more subtle DoS attacks. This is good if an attack is aimed at a single server because it keeps transmission lines at least partially open for other communication. Rate limiting frustrates both the attacker, and the legitimate users. This helps but does not fully solve the problem. Once DoS traffic clogs the access line going to the internet, there is nothing a border firewall can do to help the situation. Most DoS attacks are problems of the community which can only be stopped with the help of ISP's and organizations whose computers are taken over as bots and used to attack other firms.


Mobile devices

With increasing number of mobile devices with 802.1X interfaces, security of such mobile devices becomes a concern. While open standards such as Kismet are targeted towards securing laptops, access points solutions should extend towards covering mobile devices also. Host based solutions for mobile handsets and PDA's with 802.1X interface. Security within mobile devices fall under three categories: # Protecting against ad hoc networks # Connecting to rogue access points # Mutual authentication schemes such as WPA2 as described above Wireless IPS solutions now offer wireless security for mobile devices. Mobile patient monitoring devices are becoming an integral part of healthcare industry and these devices will eventually become the method of choice for accessing and implementing health checks for patients located in remote areas. For these types of patient monitoring systems, security and reliability are critical, because they can influence the condition of patients, and could leave medical professionals in the dark about the condition of the patient if compromised.


Implementing network encryption

In order to implement 802.11i, one must first make sure both that the router/access point(s), as well as all client devices are indeed equipped to support the network encryption. If this is done, a server such as
RADIUS In classical geometry, a radius ( : radii) of a circle or sphere is any of the line segments from its center to its perimeter, and in more modern usage, it is also their length. The name comes from the latin ''radius'', meaning ray but also the ...
, ADS,
NDS NDS may stand for: * Low German ( nl, Nedersaksisch, links=no, german: Niederdeutsche Sprache, links=no, ISO 639-2 language code: nds), a West Germanic language native to Northern Germany, Denmark and the Netherlands * Lower Saxony (german: Niedersa ...
, or
LDAP The Lightweight Directory Access Protocol (LDAP ) is an open, vendor-neutral, industry standard application protocol for accessing and maintaining distributed directory information services over an Internet Protocol (IP) network. Directory servi ...
needs to be integrated. This server can be a computer on the local network, an access point / router with integrated authentication server, or a remote server. AP's/routers with integrated authentication servers are often very expensive and specifically an option for commercial usage like hot spots. Hosted 802.1X servers via the Internet require a monthly fee; running a private server is free yet has the disadvantage that one must set it up and that the server needs to be on continuously. To set up a server, server and client software must be installed. Server software required is an
enterprise authentication server Enterprise (or the archaic spelling Enterprize) may refer to: Business and economics Brands and enterprises * Enterprise GP Holdings, an energy holding company * Enterprise plc, a UK civil engineering and maintenance company * Enterprise ...
such as RADIUS, ADS, NDS, or LDAP. The required software can be picked from various suppliers as Microsoft, Cisco, Funk Software, Meetinghouse Data, and from some open-source projects. Software includes: * Aradial RADIUS Server * Cisco Secure Access Control Software *
freeRADIUS FreeRADIUS is a modular, high performance free RADIUS suite developed and distributed under the GNU General Public License, version 2, and is free for download and use. The FreeRADIUS Suite includes a RADIUS server, a BSD-licensed RADIUS client l ...
(open-source) * Funk Software Steel Belted RADIUS (Odyssey) * Microsoft
Internet Authentication Service Internet Authentication Service (IAS) is a component of Windows Server operating systems that provides centralized user authentication, authorization and accounting. Overview While Routing and Remote Access Service (RRAS) security is sufficient ...
* Meetinghouse Data EAGIS * SkyFriendz (free cloud solution based on freeRADIUS) Client software comes built-in with Windows XP and may be integrated into other OS's using any of following software: * AEGIS-client * Cisco ACU-client * Intel PROSet/Wireless Software * Odyssey client *
Xsupplicant Xsupplicant is a supplicant that allows a workstation to authenticate with a RADIUS server using 802.1X and the Extensible Authentication Protocol (EAP). It can be used for computers with wired or wireless LAN connections to complete a strong aut ...
(open1X)-project


RADIUS

''Remote Authentication Dial In User Service'' (RADIUS) is an AAA (authentication, authorization and accounting) protocol used for remote network access. RADIUS, developed in 1991, was originally proprietary but then published in 1997 under ISOC documents RFC 2138 and RFC 2139. The idea is to have an inside server act as a gatekeeper by verifying identities through a username and password that is already pre-determined by the user. A RADIUS server can also be configured to enforce user policies and restrictions as well as record accounting information such as connection time for purposes such as billing.


Open access points

Today, there is almost full wireless network coverage in many urban areas – the infrastructure for the
wireless community network Wireless community networks (WCNs) or wireless community projects or simply community networks, are non-centralized, self-managed and collaborative networks organized in a grassroots fashion by communities, NGO's and cooperatives in order to provi ...
(which some consider to be the future of the internet ) is already in place. One could roam around and always be connected to Internet if the nodes were open to the public, but due to security concerns, most nodes are encrypted and the users don't know how to disable encryption. Many people consider it proper etiquette to leave access points open to the public, allowing free access to Internet. Others think the default encryption provides substantial protection at small inconvenience, against dangers of open access that they fear may be substantial even on a home DSL router. The density of access points can even be a problem – there are a limited number of channels available, and they partly overlap. Each channel can handle multiple networks, but places with many private wireless networks (for example, apartment complexes), the limited number of Wi-Fi radio channels might cause slowness and other problems. According to the advocates of Open Access Points, it shouldn't involve any significant risks to open up wireless networks for the public: * The wireless network is after all confined to a small geographical area. A computer connected to the Internet and having improper configurations or other security problems can be exploited by anyone from anywhere in the world, while only clients in a small geographical range can exploit an open wireless access point. Thus the exposure is low with an open wireless access point, and the risks with having an open wireless network are small. However, one should be aware that an open wireless router will give access to the local network, often including access to file shares and printers. * The only way to keep communication truly secure is to use
end-to-end encryption End-to-end encryption (E2EE) is a system of communication where only the communicating users can read the messages. In principle, it prevents potential eavesdroppers – including telecom providers, Internet providers, malicious actors, and even ...
. For example, when accessing an internet bank, one would almost always use strong encryption from the web browser and all the way to the bank – thus it shouldn't be risky to do banking over an unencrypted wireless network. The argument is that anyone can sniff the traffic applies to wired networks too, where system administrators and possible hackers have access to the links and can read the traffic. Also, anyone knowing the keys for an encrypted wireless network can gain access to the data being transferred over the network. * If services like file shares, access to printers etc. are available on the local net, it is advisable to have authentication (i.e. by password) for accessing it (one should never assume that the private network is not accessible from the outside). Correctly set up, it should be safe to allow access to the local network to outsiders. * With the most popular encryption algorithms today, a sniffer will usually be able to compute the network key in a few minutes. * It is very common to pay a fixed monthly fee for the Internet connection, and not for the traffic – thus extra traffic will not be detrimental. * Where Internet connections are plentiful and cheap, freeloaders will seldom be a prominent nuisance. On the other hand, in some countries including Germany, persons providing an open access point may be made (partially) liable for any illegal activity conducted via this access point. Also, many contracts with ISPs specify that the connection may not be shared with other persons.


See also

*
Aircrack-ng Aircrack-ng is a network software suite consisting of a detector, packet sniffer, WEP and WPA/WPA2-PSK cracker and analysis tool for 802.11 wireless LANs. It works with any wireless network interface controller whose driver supports raw monito ...
*
Electromagnetic shielding In electrical engineering, electromagnetic shielding is the practice of reducing or blocking the electromagnetic field (EMF) in a space with barriers made of conductive or magnetic materials. It is typically applied to enclosures, for isolating ...
* Kismet *
KRACK KRACK ("Key Reinstallation Attack") is a replay attack (a type of exploitable flaw) on the Wi-Fi Protected Access protocol that secures Wi-Fi connections. It was discovered in 2016 by the Belgian researchers Mathy Vanhoef and Frank Piessens ...
*
List of router firmware projects List of software created and maintained by people other than the manufacturer of the product. The extent of support for (and testing on) particular hardware varies from project to project. Embedded Notable custom-firmware projects for wireless ro ...
*
Mobile security Mobile security, or mobile device security, is the protection of smartphones, tablets, and laptops from threats associated with wireless computing. It has become increasingly important in mobile computing. The security of personal and business ...
*
Payment Card Industry Data Security Standard The Payment Card Industry Data Security Standard (PCI DSS) is an information security standard used to handle credit cards from major card brands. The standard is administered by the Payment Card Industry Security Standards Council and its use i ...
* Stealth wallpaper *
Tempest (codename) TEMPEST is a U.S. National Security Agency specification and a NATO certification referring to spying on information systems through leaking emanations, including unintentional radio or electrical signals, sounds, and vibrations. TEMPEST covers bot ...
* Wireless intrusion prevention system *
Wireless Public Key Infrastructure Wireless Public Key Infrastructure (WPKI) is a technology that provides public key infrastructure functionality using a mobile Secure Element such as a SIM card. It can be used for example for two-factor authentication Multi-factor authenticat ...
(WPKI) *


References

* ''Wi-Foo: The Secrets of Wireless Hacking'' (2004) – * ''Real 802.11 Security: Wi-Fi Protected Access and 802.11i'' (2003) – * ''Design and Implementation of WLAN Authentication and Security''(2010) – * * Boyle, Randall, Panko, Raymond. ''Corporate Computer Security''. Upper Saddle River, New Jersey. 2015


External links

* {{Curlie, Computers/Data_Communications/Wireless/Security, Wireless security
How to Secure Your Wireless Home Network
at
wikiHow wikiHow is an online wiki-style publication featuring how-to articles on a variety of topics. Founded in 2005 by Internet entrepreneur Jack Herrick, its aim is to create an extensive database of instructional content, using the wiki model of ope ...
Computer network security
Security Security is protection from, or resilience against, potential harm (or other unwanted coercive change) caused by others, by restraining the freedom of others to act. Beneficiaries (technically referents) of security may be of persons and social ...