WIRELESS NETWORKS SECURITY COUNTERMEASURES

written by: Shwan Jaf; article published: year 2010, month 05;



The use of wireless networks is spreading extremely fast globally. The various deployments of wireless technologies have mainly appeared within the last decade, with the second half of the decade witnessing phenomenal growth in wireless local area networks (WLANs), personal area networks (WPANs), metropolitan area networks (WMANs), and handheld devices and cell phones (WWANs). The continued growth of wireless networks stems from the recognized benefits of portability, flexibility, increased productivity and lower installation costs. The various types of wireless networks have security vulnerabilities and flaws which put the data flowing through the network at risk. Most of the risks are similar to the well-established security problems of wired networks, which compromise the major security requirements of information confidentiality, integrity, non-repudiability, accountability and network availability. A unique security risk of wireless networks is the broadcast nature of the technologies, coupled with the use of air as the communication medium, making the network "a logical equivalent of an Ethernet port in the parking lot" [1]. Since the network is open to intruders, unauthorized users may gain access to the network and modify information, consume network bandwidth, degrade network performance, launch attacks that prevent authorized users from accessing the network, use the network resources to launch attacks on other networks, etc.

The security concerns must be addressed in order to make wireless networks more secure for any prescribed transaction or activity. Some of the major issues considered in this paper include, first, management countermeasures, which are largely based on a sound and effective security policy, including security training of personnel. Operational countermeasures address issues related to physical security and cover such areas as access controls, personnel identification and external boundary protection. Finally, the paper discusses the technical countermeasures, which address both hardware and software solutions.

Overview of Wireless Technologies

There is a wide range of wireless technologies, some of which are still emerging, and with varying levels of complexities and functionalities. The technologies include:

  • WLANs, largely based on IEEE 802.11 standards. Computers and other network components, equipped with wireless network adapters, are connected together using an Access Point (AP) device. The APs typically have ranges of 100 meters. This range can be referred to as a cell, and the devices within the cell are said to belong to a Basic Service Set (BSS). APs can be linked together to give WLAN users "roaming" capability. There are a number of 802.11 standards, such as 802.11a, 802.11b and 802.11g.
  • WPANs or ad hoc networks, such as Bluetooth, are designed to dynamically connect remote devices like cell phones, palmtops, laptops and PDAs without the need for infrastructure such as APs. The range is typically limited to within a room, a maximum distance of 10 meters. The devices move within a piconet in any fashion. A master station controls a maximum of eight slave stations within a piconet.
  • WMANs provide broadband last-mile access to the network cloud. These networks are in many ways similar to WLANs, save for the fact that WMANs incorporate stationary connection devices. The 802.16 standard outlines the details for these networks.
  • Wireless Wide Area Networks (WWANs) include wide-area coverage such as 2G and 3G cellular, Cellular Digital Packet Data (CDPD), GSM, etc. The devices commonly used include PDAs, smart phones, etc.

Wireless security threats

Wireless networks are subject to almost all the wired network threats. In addition, wireless networks are subject to certain unique threats, including device theft, denial of service, malicious hackers, malicious code, theft of service, industrial and foreign espionage, etc. [1] [2]. The salient threats and vulnerabilities of wireless networks are:

  • All wired network vulnerabilities
  • Malicious code such as viruses, worms, Trojans, etc., which may gain access to a network through a wireless computer or other device, potentially bypassing any firewall protection.
  • DoS attacks directed at wireless connections or devices
  • Malicious code or entities which may perform masquerade types of attacks on internal or external networks
  • Sensitive data may be lost during improper synchronization
  • Internal attacks via ad hoc networks

There are also several security problems associated with the early protocol, WEP:

  • Cryptographic keys are short, shared, and cannot be updated automatically and frequently.
  • Initialization Vectors (IVs) are short and static; coupled with RC4, which has a weak key schedule, this allows decryption with moderate effort.
  • Packet integrity is poor due to the use of a non-encrypted CRC32 error code.
  • Weak authentication:
    • No user authentication, only device authentication, so that a stolen device can still access the network.
    • Authentication is not enabled, only simple SSID identification occurs. Since the signals are easy to intercept, this makes masquerade attacks fairly easy to carry out.
    • One-way device authentication, subject to man-in-the-middle type attacks
    • Client does not authenticate the AP, making it relatively easy for rogue APs to join the network.
  • Loss of network availability due to relative ease of carrying out DoS attacks. A malicious code can jam the network once it gains control of a client station.
  • Increased chances of connecting to untrusted third party networks. The untrusted public networks introduce three major risks:
    • Because the networks are public they provide an opening for malicious users/codes into the network
    • Provide access to the network from other networks
    • Chances of using higher-gain antennas are increased, with the potential danger of increased eavesdropping.
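The "non-encrypted CRC32" point above is worth seeing concretely. The following added example (not code from the original article) shows that zlib's CRC32 is affine over XOR, so the checksum of a modified frame is predictable from the modification alone and no key is involved; a keyed MAC (HMAC-SHA256, used here as a stand-in for a proper message integrity code) has no such structure and rejects the altered frame. The frame bytes and key are constructed for illustration.

```python
import hashlib
import hmac
import zlib

# Constructed sample frame and a one-bit modification of it (not real traffic).
FRAME = b"constructed payload: transfer 0100 units to account 7"
DELTA = bytearray(len(FRAME)); DELTA[29] = 0x01           # flips one bit of the digit '0'
DELTA = bytes(DELTA)
KEY = b"constructed-demo-key-not-for-real-use"             # assumed shared integrity key


def xor_bytes(a: bytes, b: bytes) -> bytes:
    """Byte-wise XOR of two equal-length strings."""
    return bytes(p ^ q for p, q in zip(a, b))


def crc32_is_affine(a: bytes, b: bytes) -> bool:
    """CRC32 satisfies crc(a ^ b) == crc(a) ^ crc(b) ^ crc(zeros of same length).

    Because this holds for every a and b, the checksum of a tampered frame can be
    computed from the original checksum and the change, without knowing the frame.
    """
    zero = bytes(len(a))
    lhs = zlib.crc32(xor_bytes(a, b))
    rhs = zlib.crc32(a) ^ zlib.crc32(b) ^ zlib.crc32(zero)
    return lhs == rhs


def hmac_tag(key: bytes, msg: bytes) -> bytes:
    """Keyed integrity tag; without the key the tag of a changed message is unpredictable."""
    return hmac.new(key, msg, hashlib.sha256).digest()


def hmac_is_affine(key: bytes, a: bytes, b: bytes) -> bool:
    """The CRC32 relation, checked against HMAC: it does not hold."""
    zero = bytes(len(a))
    lhs = hmac_tag(key, xor_bytes(a, b))
    rhs = xor_bytes(xor_bytes(hmac_tag(key, a), hmac_tag(key, b)), hmac_tag(key, zero))
    return lhs == rhs


def tamper_detected(key: bytes, frame: bytes, delta: bytes) -> bool:
    """Receiver side: does a keyed tag computed on the original reject the altered frame?"""
    tag = hmac_tag(key, frame)
    altered = xor_bytes(frame, delta)
    return not hmac.compare_digest(hmac_tag(key, altered), tag)


if __name__ == "__main__":
    print("CRC32 affine:", crc32_is_affine(FRAME, DELTA))      # True
    print("HMAC affine: ", hmac_is_affine(KEY, FRAME, DELTA))  # False
    print("HMAC rejects tampered frame:", tamper_detected(KEY, FRAME, DELTA))  # True
```

This is why later protocols replaced the unkeyed CRC32 with a keyed message integrity code: integrity requires a secret, not just redundancy.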

The various risks and vulnerabilities usually fall under the two broad classes of attacks: passive and active. Passive attacks can be either eavesdropping or network analysis, in which there is no modification of information content. Active attacks involve modification of the information, and include masquerading, replay, message modification and DoS. The consequences of these attacks can be many, as highlighted above.

Countermeasures

An organization must take steps that will minimize the effects of the various risks and vulnerabilities on the network. While it may be impossible to eradicate all the risks, efforts must be made to minimize their effects and optimize network performance in terms of availability, confidentiality, integrity and non-repudiability. The countermeasures can be classified as management, operational and technical.

Management countermeasures

The major management efforts towards achieving maximal system security are development and compliance with network security policy and the training of staff. Security policy is often ignored, but it is essential for any successful network security effort. "Without a security policy, the availability of your network can be compromised. The policy begins with assessing the risk to the network and building a team to respond. Continuation of the policy requires implementing a security change management practice and monitoring the network for security violations. Lastly, the review process modifies the existing policy and adapts to lessons learned." [3]. A good security policy should capture the whole life cycle of a wireless network, and has a strong influence on the implementation of the network and its security components. Some of the issues that must be captured include:

  • Identify which WLAN technology to implement and who may use this, together with whether Internet access is necessary.
  • Specify the locations and physical security for APs, as well as the security settings for the APs.
  • Describe the type of information that is allowed over the wireless network, and limitations on the use of the wireless devices.
  • Describe the allowed software and hardware configurations for all wireless devices.
  • Provide guidelines on the use of encryption/decryption and the reporting of any devices loss/theft.

Another important management countermeasure is ensuring all network users are thoroughly trained on the security of wireless networks. The level and depth of training depends on the role of the individual within the network. If all users are adequately trained and made aware of the security implications of wireless devices, then the chances of security breaches will be substantially reduced.

Operational Countermeasures

No network can be more logically secure than it is physically secure. Physical security of the wireless network infrastructure is critical for a successful security effort. Effective access controls, coupled with tamperproof personnel identification and external boundary protections, will go a long way in ensuring an effective security system. Suitable biometric identification systems, alongside locked doors and surveillance cameras, can provide good physical access control. Some of these actions may appear uncalled for at the initial stages, but prevention is always better than cure! APs should be sited such that their range stays as close as possible to the physical boundaries of the buildings. This can minimize the eavesdropping activities of "war-driving" intruders. A similar approach should be applied in choosing the location of wireless components like bridges and routers.

Technical countermeasures

Management and operational countermeasures are not, in themselves, adequate to achieve an acceptable level of wireless network security. Hardware and software solutions must also be incorporated.

Software countermeasures

Software solutions involve proper AP configuration, software patches and upgrades, authentication, intrusion detection systems and encryption. Some of these solutions, like software patches and upgrades, are often taken for granted, but if followed religiously they often mean a better-protected network.

  • AP configuration must be done correctly. Default settings should not necessarily be used. The configuration should be done according to the security policy document, and should include administrator passwords, encryption settings, reset functions, automatic network functions, Ethernet MAC address Access Control Lists, shared keys and Simple Network Management Protocol (SNMP) agents.
  • Strong administrator passwords and/or two-factor authentication should be configured, using a symmetric key algorithm to generate a new code each minute. Alternatively, the user PIN is paired with a smart card number for authentication purposes. SSH and SSL can be used to ensure transmission confidentiality is maintained.
  • Encryption settings should be set for the strongest encryption available with the wireless network security protocols. Where possible, technologies with more secure encryption algorithms, such as WPA or WPA2 should be used.
  • The configuration should be done to avoid the possibility of a user or intruder pressing the reset function. When pressed, this function has the effect of negating any administrator-configured settings and restoring the rather "open" default settings. Regular monitoring and use of strong passwords are good mitigations for the reset function.
  • Configuring MAC ACLs can be useful, but must be done with caution because most systems send these addresses in clear text, leaving the system prone to spoofing attacks.
  • The SSID of the AP must always be changed from the default setting. In addition it is always recommended to disable the broadcast SSID feature. Intruders can exploit this feature by scanning all APs using probe request frames and obtaining the SSIDs from the probe response.
  • Other configurations include maximizing the beacon intervals, changing the default channel and using a DHCP server for allocating IP addresses to APs when traversing subnets.
  • Security can be further enhanced by use of software personal firewalls during the configuration. Client-based or central options are available, and the choice should be dictated by the situation.
  • Intrusion Detection Systems (IDS) are also useful in enhancing wireless security. These solutions help determine whether unauthorized persons are attempting access, have already accessed, or have compromised the network security. The IDS for a wireless network can be host-based, network-based or hybrid. The chosen IDS solution should not be the same as those used for wired networks, but must have capabilities for wireless network monitoring.
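The AP configuration items in the list above can be turned into a repeatable policy check. The following added example (not from the original article) audits a constructed AP configuration against those items: default SSID, SSID broadcast, encryption weaker than WPA2, default or short administrator password, SNMP agent with a default community string, factory channel and MAC ACL state. The configuration keys, the vendor default values and the two sample configurations are assumptions made for illustration.

```python
# Assumed vendor defaults and policy thresholds (constructed for this example).
DEFAULT_SSIDS = {"linksys", "default", "NETGEAR", "dlink"}
DEFAULT_ADMIN_PASSWORDS = {"", "admin", "password"}
DEFAULT_SNMP_COMMUNITIES = {"public", "private"}
DEFAULT_CHANNEL = 6
MIN_ADMIN_PASSWORD_LEN = 12


def audit_ap_config(cfg: dict) -> list:
    """Return a list of policy findings (empty list means the AP passes)."""
    findings = []
    if cfg.get("ssid") in DEFAULT_SSIDS:
        findings.append("ssid: default SSID still in use")
    if cfg.get("ssid_broadcast", True):
        findings.append("ssid_broadcast: SSID broadcast is enabled")
    enc = str(cfg.get("encryption", "none")).lower()
    if enc != "wpa2":
        findings.append(f"encryption: {enc} is weaker than WPA2")
    pw = cfg.get("admin_password", "")
    if pw in DEFAULT_ADMIN_PASSWORDS or len(pw) < MIN_ADMIN_PASSWORD_LEN:
        findings.append("admin_password: default or short administrator password")
    snmp = cfg.get("snmp", {})
    if snmp.get("enabled") and snmp.get("community") in DEFAULT_SNMP_COMMUNITIES:
        findings.append("snmp: agent enabled with a default community string")
    if cfg.get("channel", DEFAULT_CHANNEL) == DEFAULT_CHANNEL:
        findings.append("channel: still on the factory default channel")
    if not cfg.get("mac_acl_enabled", False):
        # ACLs are only a supplementary control: MAC addresses travel in clear text.
        findings.append("mac_acl: disabled (ACLs are spoofable; use alongside encryption)")
    return findings


# Constructed sample configurations: one left at factory settings, one hardened.
FACTORY_AP = {
    "ssid": "linksys", "ssid_broadcast": True, "encryption": "WEP",
    "admin_password": "admin", "snmp": {"enabled": True, "community": "public"},
    "channel": 6, "mac_acl_enabled": False,
}
HARDENED_AP = {
    "ssid": "corp-floor3-x9", "ssid_broadcast": False, "encryption": "WPA2",
    "admin_password": "Tq7!vR2#mL9pZw4x", "snmp": {"enabled": False},
    "channel": 11, "mac_acl_enabled": True,
}

if __name__ == "__main__":
    for name, cfg in (("factory", FACTORY_AP), ("hardened", HARDENED_AP)):
        print(name, "->", audit_ap_config(cfg) or "no findings")
```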

Hardware countermeasures

Hardware solutions are usually available and do not function in isolation. In most situations these solutions operate alongside software solutions. There are also solutions that operate together with the operational countermeasures mentioned above. The solutions include smart cards, Virtual Private Networks (VPNs), Public Key Infrastructure (PKI), biometrics, etc.

  • Smart cards add another level of protection, but at the expense of increased complexity. The cards can be used in two-factor authentication together with a user password.
  • VPN technologies are emerging as a secure method of transmitting information over the public Internet. These technologies employ cryptographic techniques to protect data against intruders and provide robust confidentiality, integrity, data origin authentication and traffic analysis protection. IPSec, as used in VPNs, can tunnel traffic over the weaker WEP link, so that the data remains protected in transit even though WEP itself is not.
  • PKI provides the framework and services for the generation, production, distribution, control and accounting of public key certificates. These systems usually integrate easily with wireless network technologies to provide a secure network.

Conclusion

Wireless networks are continuing to grow in terms of deployment numbers. The security of these systems is crucial. The security of wireless networks is enhanced through various approaches, including management, operational and technical countermeasures. What is suitable for one situation is not necessarily suitable for another, but components of each approach should be carefully selected to ensure compliance with the security policy.

References

[1] Karygiannis T, Owens L. (2002) "Wireless Network Security: 802.11, Bluetooth and Handheld Devices". NIST Special Publication 800-48. http://csrc.nist.gov/publications/nistpubs/index.html

[2] Symantec White Paper (SGS_300_10256537_WirelessWhitePaper.pdf) on Small Business Solutions (2005) "Secure Wireless Networking for Small Business". Available at http://www.symantec.com

[3] CISCO Network Security Policy: Best Practices White Paper http://www.cisco.com/warp/public/126/secpol.pdf
