Wireless networks are very common, both for organisations and
individuals. Many laptop computers have wireless cards pre-installed for
the buyer. The ability to enter a network while mobile has great
benefits. However, wireless networking has many security issues.
Crackers have found wireless networks relatively easy to break into, and
even use wireless technology to crack into non-wireless networks.
Network administrators must be aware of these risks, and stay up-to-date
on any new risks that arise. Also, users of wireless equipment must be
aware of these risks, so as to take personal protective measures.
(a) Home Wireless Threats
The need to secure traditional wired Internet connections was felt long before. However, there is a growing trend of shifting to a wireless connection at homes. This involves a process where the user connects a device to his DSL or cable modem that broadcasts the Internet connection through the air over a radio signal to his computer. If traditional wired connections are susceptible to security tribulations, there is a great risk of security breach that may arise when a user opens his Internet connection to the airwaves. An unsecured wireless network coupled with unsecured file sharing can be disastrous. There are, however, steps one can take to protect the wireless network. The following are some of the possible security steps:
(i) Make the wireless network invisible by disabling identifier broadcasting,
(ii) Rename the wireless network and change the default name.
(iii) Encrypt the network traffic,
(iv) Change administrator’s password from the default password. If the wireless network does not have a default password, create one and use it to protect the network,
(v) Use file sharing with caution. If the user does not need to share directories and files over his network, he should disable file sharing on his computers.
(vi) Keep the access point[6] software patched and up to date,
(vii) Check internet provider’s wireless security options as it may provide information about securing your home wireless network,
(viii) Do not auto-connect to open Wi-Fi (wireless fidelity) networks
(ix) Turn off the network during extended periods of non-use, etc.
(b) Public Wireless Threats
The risks to users of wireless technology have increased exponentially as the service has become more popular. There were relatively few dangers when wireless techonology was first introduced. Currently, however; there are a great number of security risks associated with wireless technology. Some issues are obvious and some are not. At a corporate level, it is the responsibility of the Information Technology (IT) department to keep up to date with the types of threats and appropriate counter measures to deploy. Security threats are growing in the wireless arena. Crackers have learned that there is much vulnerability in the current wireless protocols, encryption methods, and in the carelessness and ignorance that exists at the user and corporate IT level. Cracking methods have become much more sophisticated and innovative with wireless. Cracking has become much easier and more accessible with easy-to-use Windows-based and Linux-based tools being made available on the web at no charge. IT personnel should be somewhat familiar with what these tools can do and how to counteract the cracking that stems from them.[7]Accessing the internet via a public wireless access point involves serious security threats. These threats are compounded by the inability to control the security setup of the wireless network. The following steps can be taken to protect oneself at public places:
(a) Be careful while dealing in an online environment if the network is not properly secured. Avoid online banking, shopping, entering credit card details, etc,
(b) Connect using a virtual private network (VPN) as it allows connecting securely. VPNs encrypt connections at the sending and receiving ends, and keep out traffic that is not properly encrypted,
(c) Disable file sharing in public wireless spaces as it is more dangerous than it is on your home wireless network,
(d) Be aware of your surroundings while using a public wireless access point. If an internet connection is not essential, disable wireless networking altogether.
III. Corporate security
The network of companies are equally vulnerable to various cyber attacks and if not properly secured may cost the company tremendous loss of information and money. The following are the types of unauthorised access generally found at companies networks:
(a) Accidental Association: Unauthorised access to company wireless and wired networks can come from a number of different methods and intents. One of these methods is referred to as “accidental association”. This is when a user turns on their computer and it latches on to a wireless access point from a neighboring company’s overlapping network. The user may not even know that this has occurred. However, this is a security breach in that proprietary company information is exposed and now there could exist a link from one company to the other. This is especially true if the laptop is also hooked to a wired network.
(b) Malicious Association: “Malicious associations” are when wireless devices can be actively made by crackers to connect to a company network through their cracking laptop instead of a company access point (AP). These types of laptops are known as “soft APs” and are created when a cracker runs some software that makes his/her wireless network card look like a legitimate access point. Once the cracker has gained access, he/she can steal passwords, launch attacks on the wired network, or plant trojans.
(c) Ad-Hoc Networks: Ad-hoc networks[8] can pose a security threat. Ad-hoc networks are defined as peer to peer networks between wireless computers that do not have an access point in between them. While these types of networks usually have little security, encryption methods can be used to provide security.
(d) Non-Traditional Networks: Non-traditional networks such as personal network Bluetooth devices are not safe from cracking and should be regarded as a security risk. Even bar code scanners, handheld PDAs,[9] and wireless printers and copiers should be secured. These non-traditional networks can be easily overlooked by IT personnel that have narrowly focused on laptops.
(e) Identity Theft (MAC Spoofing): Identity theft occurs when a cracker is able to listen in on network traffic and identify the MAC[10] address of a computer with network privileges. Most wireless systems allow some kind of MAC filtering to only allow authorised computers with specific MAC IDs to gain access and utilize the network. However, a number of programs exist that have network “sniffing” capabilities. Combine these programs with capabilities. Combine these programs with other software that allow a computer to pretend it has any MAC address that the cracker desires, and the cracker can easily get around that hurdle.
(f) Man-In-The-Middle Attacks: A man-in-the-middle attack is one of the more sophisticated attacks that have been cleverly thought up by crackers. This attack revolves around the attacker enticing computers to log into his/her computer which is set up as a soft AP. Once this is done, the cracker connects to a real access point through another wireless card offering a steady flow of traffic through the transparent cracking computer to the real network. The cracker can then sniff the traffic for user names, passwords, credit card numbers...etc. One type of man-in-the-middle attack relies on security faults in challenge and handshake protocols. It is called a “de-authentication attack”. This attack forces AP-connected computers to drop their connections and reconnect with the cracker’s soft AP. Man-in-the-middle attacks are getting easier to pull off due to freeware such as LANjack and AirJack automating multiple steps of the process. What was once done by cutting edge crackers can now be done by less knowledgeable and skilled crackers sitting around public and private hotspots.[11] Hotspots are particularly vulnerable to any attack since there is little to no security on these networks.
(g) Denial of Service: A Denial-of-service attack occurs when an attacker continually bombards a targeted AP or network with bogus requests, premature successful connection messages, failure messages, and/or other commands. These cause legitimate users to not be able to get on the network and may even cause the network to crash. These attacks rely on the abuse of protocols such as the Extensible Authentication Protocol (EAP).
(h) Network Injection: The final attack to be covered is the network injection attack. A cracker can make use of AP points that are exposed to non-filtered network traffic. The cracker injects bogus networking re-configuration commands that affect routers, switches, and intelligent hubs. A whole network can be brought down in this manner and require rebooting or even reprogramming of all intelligent networking devices.
(a) Home Wireless Threats
The need to secure traditional wired Internet connections was felt long before. However, there is a growing trend of shifting to a wireless connection at homes. This involves a process where the user connects a device to his DSL or cable modem that broadcasts the Internet connection through the air over a radio signal to his computer. If traditional wired connections are susceptible to security tribulations, there is a great risk of security breach that may arise when a user opens his Internet connection to the airwaves. An unsecured wireless network coupled with unsecured file sharing can be disastrous. There are, however, steps one can take to protect the wireless network. The following are some of the possible security steps:
(i) Make the wireless network invisible by disabling identifier broadcasting,
(ii) Rename the wireless network and change the default name.
(iii) Encrypt the network traffic,
(iv) Change administrator’s password from the default password. If the wireless network does not have a default password, create one and use it to protect the network,
(v) Use file sharing with caution. If the user does not need to share directories and files over his network, he should disable file sharing on his computers.
(vi) Keep the access point[6] software patched and up to date,
(vii) Check internet provider’s wireless security options as it may provide information about securing your home wireless network,
(viii) Do not auto-connect to open Wi-Fi (wireless fidelity) networks
(ix) Turn off the network during extended periods of non-use, etc.
(b) Public Wireless Threats
The risks to users of wireless technology have increased exponentially as the service has become more popular. There were relatively few dangers when wireless techonology was first introduced. Currently, however; there are a great number of security risks associated with wireless technology. Some issues are obvious and some are not. At a corporate level, it is the responsibility of the Information Technology (IT) department to keep up to date with the types of threats and appropriate counter measures to deploy. Security threats are growing in the wireless arena. Crackers have learned that there is much vulnerability in the current wireless protocols, encryption methods, and in the carelessness and ignorance that exists at the user and corporate IT level. Cracking methods have become much more sophisticated and innovative with wireless. Cracking has become much easier and more accessible with easy-to-use Windows-based and Linux-based tools being made available on the web at no charge. IT personnel should be somewhat familiar with what these tools can do and how to counteract the cracking that stems from them.[7]Accessing the internet via a public wireless access point involves serious security threats. These threats are compounded by the inability to control the security setup of the wireless network. The following steps can be taken to protect oneself at public places:
(a) Be careful while dealing in an online environment if the network is not properly secured. Avoid online banking, shopping, entering credit card details, etc,
(b) Connect using a virtual private network (VPN) as it allows connecting securely. VPNs encrypt connections at the sending and receiving ends, and keep out traffic that is not properly encrypted,
(c) Disable file sharing in public wireless spaces as it is more dangerous than it is on your home wireless network,
(d) Be aware of your surroundings while using a public wireless access point. If an internet connection is not essential, disable wireless networking altogether.
III. Corporate security
The network of companies are equally vulnerable to various cyber attacks and if not properly secured may cost the company tremendous loss of information and money. The following are the types of unauthorised access generally found at companies networks:
(a) Accidental Association: Unauthorised access to company wireless and wired networks can come from a number of different methods and intents. One of these methods is referred to as “accidental association”. This is when a user turns on their computer and it latches on to a wireless access point from a neighboring company’s overlapping network. The user may not even know that this has occurred. However, this is a security breach in that proprietary company information is exposed and now there could exist a link from one company to the other. This is especially true if the laptop is also hooked to a wired network.
(b) Malicious Association: “Malicious associations” are when wireless devices can be actively made by crackers to connect to a company network through their cracking laptop instead of a company access point (AP). These types of laptops are known as “soft APs” and are created when a cracker runs some software that makes his/her wireless network card look like a legitimate access point. Once the cracker has gained access, he/she can steal passwords, launch attacks on the wired network, or plant trojans.
(c) Ad-Hoc Networks: Ad-hoc networks[8] can pose a security threat. Ad-hoc networks are defined as peer to peer networks between wireless computers that do not have an access point in between them. While these types of networks usually have little security, encryption methods can be used to provide security.
(d) Non-Traditional Networks: Non-traditional networks such as personal network Bluetooth devices are not safe from cracking and should be regarded as a security risk. Even bar code scanners, handheld PDAs,[9] and wireless printers and copiers should be secured. These non-traditional networks can be easily overlooked by IT personnel that have narrowly focused on laptops.
(e) Identity Theft (MAC Spoofing): Identity theft occurs when a cracker is able to listen in on network traffic and identify the MAC[10] address of a computer with network privileges. Most wireless systems allow some kind of MAC filtering to only allow authorised computers with specific MAC IDs to gain access and utilize the network. However, a number of programs exist that have network “sniffing” capabilities. Combine these programs with capabilities. Combine these programs with other software that allow a computer to pretend it has any MAC address that the cracker desires, and the cracker can easily get around that hurdle.
(f) Man-In-The-Middle Attacks: A man-in-the-middle attack is one of the more sophisticated attacks that have been cleverly thought up by crackers. This attack revolves around the attacker enticing computers to log into his/her computer which is set up as a soft AP. Once this is done, the cracker connects to a real access point through another wireless card offering a steady flow of traffic through the transparent cracking computer to the real network. The cracker can then sniff the traffic for user names, passwords, credit card numbers...etc. One type of man-in-the-middle attack relies on security faults in challenge and handshake protocols. It is called a “de-authentication attack”. This attack forces AP-connected computers to drop their connections and reconnect with the cracker’s soft AP. Man-in-the-middle attacks are getting easier to pull off due to freeware such as LANjack and AirJack automating multiple steps of the process. What was once done by cutting edge crackers can now be done by less knowledgeable and skilled crackers sitting around public and private hotspots.[11] Hotspots are particularly vulnerable to any attack since there is little to no security on these networks.
(g) Denial of Service: A Denial-of-service attack occurs when an attacker continually bombards a targeted AP or network with bogus requests, premature successful connection messages, failure messages, and/or other commands. These cause legitimate users to not be able to get on the network and may even cause the network to crash. These attacks rely on the abuse of protocols such as the Extensible Authentication Protocol (EAP).
(h) Network Injection: The final attack to be covered is the network injection attack. A cracker can make use of AP points that are exposed to non-filtered network traffic. The cracker injects bogus networking re-configuration commands that affect routers, switches, and intelligent hubs. A whole network can be brought down in this manner and require rebooting or even reprogramming of all intelligent networking devices.
