
Wireless Lan Security Final

Index

Contents
1 Introduction
2 Types of Wireless LANs
3 Wireless Fidelity
4 WLAN Components
  4.1 Access Points
  4.2 Network Interface Cards (NICs)/Client Adapters
5 WLAN Architecture
  5.1 Independent WLAN
  5.2 Infrastructure WLAN
  5.3 Microcells and Roaming
6 IEEE 802.11 Architectures
  6.1 Basic WLAN Architecture
7 Benefits of Wireless LANs
  7.1 Simplified Implementation and Maintenance
  7.2 Extended Reach
  7.3 Increased Worker Mobility
  7.4 Reduced Total Cost of Ownership and Operation
8 Wireless LAN Topology
  8.1 Wi-Fi Channels
9 Threats to WLAN Environments
  9.1 Type of Attacks
10 Security Features of Wireless LANs
  10.1 Authentication
  10.2 Association
  10.3 Encryption and Decryption - The WEP Protocol
11 Wireless LAN Monitoring Tool
  11.1 How It Works
  11.2 Use WiFi Manager Tool
12 Features
13 New Standards for Improving WLAN Security
  13.1 Advanced Encryption Standard (AES)
14 Temporal Key Integrity Protocol (TKIP)
15 Tools for Protecting WLAN
16 Conclusion
17 References

1 INTRODUCTION

Wireless local area networks (WLANs) based on the Wi-Fi (wireless fidelity) standards are one of today's fastest growing technologies in businesses, schools, and homes, for good reasons. They provide mobile access to the Internet and to enterprise networks so users can remain connected away from their desks. These networks can be up and running quickly when there is no available wired Ethernet infrastructure. They can be made to work with a minimum of effort without relying on specialized corporate installers.

Wireless LANs are a boon for organizations that don't have time to set up wired LANs; they make networked temporary offices a reality and remove the wiring work that goes into setting up LANs. They are reported to reduce setup costs by 15%. But with these benefits come security concerns. An attacker no longer needs physical access to your wires to get into your LAN. Any attacker, even one sitting in your parking lot or in a neighboring building, can make a mockery of the security mechanisms of your WLAN. If you don't care about security, then go ahead; buy those WLAN cards/Access Points. But if you do, watch out for the developments on the security front of 802.11. As this report and many others like it show, contrary to 802.11's claims, WLANs have very little security. An attacker can listen to you, take control of your laptops/desktops and impersonate you. He can cancel your orders, make changes to your databases, or empty your credit cards.

Think like an attacker and take proper countermeasures. Have dynamic system administrators. Those attackers won't be lucky every time! The key is, be informed! Wireless LANs (WLANs) are quickly gaining popularity due to their ease of installation and higher employee mobility. Together with PDAs and other mobility devices, they go on to improve the quality of life.

2 TYPES OF WIRELESS LANS

Part of the success behind the popularity of WLANs is due to the availability of the 802.11 standard from IEEE. The standard specifies operation of WLANs in three ways:

• Infrastructure Mode: Every WLAN workstation (WS) communicates with any machine through an access point (AP). The machine can be in the same WLAN or connected to the outside world through the AP.

• Ad Hoc Network Mode: Every WS talks to another WS directly.

• Mixed Network Mode: Every WS can work in the above two modes simultaneously. This is also called the Extended Basic Service Set (EBSS).

FIG.1 TYPE OF WIRELESS LAN

3 WIRELESS FIDELITY

Wi-Fi, or Wireless Fidelity, is freedom: it allows you to connect to the internet from your couch at home, in a hotel room or in a conference room at work without wires. Wi-Fi is a wireless technology like a cell phone. Wi-Fi enabled computers send and receive data indoors and out, anywhere within the range of a base station. And best of all, it is fast.

However, you only have true freedom to be connected anywhere if your computer is configured with a Wi-Fi CERTIFIED radio (a PC card or similar device). Wi-Fi certification means that you will be able to connect anywhere there are other Wi-Fi CERTIFIED products, whether you are at home, at the office, or in airports, coffee shops and other public areas equipped with Wi-Fi access. Wi-Fi will be a major force behind hotspots, to a much greater extent. More than 400 airports and hotels in the US are targeted as Wi-Fi hotspots.

The Wi-Fi CERTIFIED logo is your only assurance that the product has met rigorous interoperability testing requirements to assure products from different vendors will work together. The Wi-Fi CERTIFIED logo means that it is a "safe" buy.

Wi-Fi certification comes from the Wi-Fi Alliance, a non-profit international trade organisation that tests 802.11 based wireless equipment to make sure that it meets the Wi-Fi standard and works with all other manufacturers' Wi-Fi equipment on the market. The Wi-Fi Alliance (WECA) also has a Wi-Fi certification program for Wi-Fi products that meet interoperability standards. It is an international organisation devoted to certifying interoperability of 802.11 products and to promoting 802.11 as the global wireless LAN standard across all market segments.

• Wi-Fi (short for "Wireless Fidelity") is the popular term for a high-frequency wireless local area network (WLAN), promoted by the Wi-Fi Alliance (formerly WECA - Wireless Ethernet Carriers Association).

• Used generically when referring to any type of 802.11 network, whether 802.11a, 802.11b, 802.11g, dual-band, etc. The term is promulgated by the Wi-Fi Alliance.

4 WLAN COMPONENTS

One important advantage of WLAN is the simplicity of its installation. Installing a wireless LAN system is easy and can eliminate the need to pull cable through walls and ceilings. The physical architecture of WLAN is quite simple. Basic components of a WLAN are access points (APs) and Network Interface Cards (NICs)/client adapters.

4.1 Access Points

An Access Point (AP) is essentially the wireless equivalent of a LAN hub. It is typically connected with the wired backbone through a standard Ethernet cable, and communicates with wireless devices by means of an antenna. An AP operates within a specific frequency spectrum and uses 802.11 standard specified modulation techniques. It also informs the wireless clients of its availability, and authenticates and associates wireless clients to the wireless network.

4.2 Network Interface Cards (NICs)/client adapters

Wireless client adapters connect a PC or workstation to a wireless network either in ad hoc peer-to-peer mode or in infrastructure mode with APs (discussed in the following section). Available as PCMCIA (Personal Computer Memory Card International Association) cards and PCI (Peripheral Component Interconnect) cards, they connect desktop and mobile computing devices wirelessly to all network resources. The NIC scans the available frequency spectrum for connectivity and associates it to an access point or another wireless client. It is coupled to the PC/workstation operating system using a software driver. The NIC enables new employees to be connected instantly to the network and enables Internet access in conference rooms.

5 WLAN ARCHITECTURE

The WLAN components mentioned above are connected in certain configurations. There are three main types of WLAN architecture: Independent, Infrastructure, and Microcells and Roaming.

5.1 Independent WLAN

The simplest WLAN configuration is an independent (or peer-to-peer) WLAN. It is a group of computers, each equipped with one wireless LAN NIC/client adapter. In this type of configuration, no access point is necessary and each computer in the LAN is configured to the same radio channel to enable peer-to-peer networking. Independent networks can be set up whenever two or more wireless adapters are within range of each other.

FIG.2 INDEPENDENT WLAN

5.2 Infrastructure WLAN

Infrastructure WLAN consists of wireless stations and access points. Access Points combined with a distribution system (such as Ethernet) support the creation of multiple radio cells that enable roaming throughout a facility. The access points not only provide communications with the wired network but also mediate wireless network traffic in the immediate neighborhood. This network configuration satisfies the need of large-scale networks of arbitrary coverage size and complexity.

FIG. 3 INFRASTRUCTURE WLAN CONSISTS OF WIRELESS STATIONS AND ACCESS POINTS.

5.3 Microcells and Roaming

The area of coverage for an access point is called a "microcell". The installation of multiple access points is required in order to extend the WLAN range beyond the coverage of a single access point. One of the main benefits of WLAN is user mobility. Therefore, it is very important to ensure that users can move seamlessly between access points without having to log in again and restart their applications. Seamless roaming is only possible if the access points have a way of exchanging information as a user connection is handed off from one access point to another. In a setting with overlapping microcells, wireless nodes and access points frequently check the strength and quality of transmission. The WLAN system hands off roaming users to the access point with the strongest and highest quality signal, accommodating roaming from one microcell to another.

FIG. 4 MICROCELLS AND ROAMING

6 IEEE 802.11 ARCHITECTURES

In IEEE's proposed standard for wireless LANs (IEEE 802.11), there are two different ways to configure a network: ad-hoc and infrastructure. In the ad-hoc network, computers are brought together to form a network "on the fly." As shown in Figure 1, there is no structure to the network; there are no fixed points; and usually every node is able to communicate with every other node. A good example of this is the aforementioned meeting where employees bring laptop computers together to communicate and share design or financial information. Although it seems that order would be difficult to maintain in this type of network, algorithms such as the spokesman election algorithm (SEA) [4] have been designed to "elect" one machine as the base station (master) of the network with the others being slaves. Another algorithm in ad-hoc network architectures uses a broadcast and flooding method to all other nodes to establish who's who.

6.1 Basic WLAN Architecture

FIG. 5 BASIC WLAN

Some of the business advantages of WLANs include:

• Mobile workers can be continuously connected to their crucial applications and data;

• New applications based on continuous mobile connectivity can be deployed;

• Intermittently mobile workers can be more productive if they have continuous access to email, instant messaging, and other applications;

• Impromptu interconnections among arbitrary numbers of participants become possible.

But having provided these attractive benefits, most existing WLANs have not effectively addressed security-related issues.

7 BENEFITS OF WIRELESS LANS

A traditionally wired 10/100 BaseT Ethernet LAN infrastructure for 100 people costs about US$15,000 and requires several days to install (see Figure 1). Enterprises that use such an arrangement also incur additional costs and disruptions with every change to the physical office. (Expenses vary according to the physical layout and the quality of the equipment used.) Conversely, wireless LANs are less expensive and less intrusive to implement and maintain, as user needs change.

7.1 Simplified Implementation And Maintenance

Wireless APs can be placed in the ceiling, where they can accommodate a virtually endless variety of office configurations (see Figure 2). Wired LANs, in contrast, consume time and resources to run cables from a network closet to users' desktops and to difficult-to-service areas such as conference room tables and common areas. With a wired LAN, each additional user or modification to the floor plan necessitates adjustments to the cabling system.

7.2 Extended Reach

Wireless LANs enable employees to access company resources from any location within an AP's transmission range. This flexibility and convenience can directly improve employee productivity.

7.3 Increased Worker Mobility

The roaming benefits of wireless LANs extend across all industries and disciplines. The shop foreman can manage logistics from the warehouse as easily as office-based employees move about the building with their laptops or PDAs. And field sales employees can connect to public wireless LANs in coffee shops and airport lounges.

7.4 Reduced Total Cost Of Ownership And Operation

The cumulative benefits of simplified implementation and maintenance, an extended LAN reach, and the freedom to roam minimize expenses and improve organizational and employee productivity. The result is reduced total cost of ownership and operation.

8 WIRELESS LAN TOPOLOGY

• A wireless LAN is typically deployed as an extension of an existing wired network as shown below.

FIG.6 LAN TOPOLOGY

8.1 Wi-Fi Channels

• Wireless LAN communications are based on the use of radio signals to exchange information through an association between a wireless LAN card and a nearby access point.

• Each access point in an 802.11b/g network is configured to use one radio frequency (RF) channel.

• Although the 802.11b/g specifications indicate that there are fourteen (14) channels that can be utilized for wireless communications, in the U.S. there are only eleven channels allowed for AP use. In addition, since there is frequency overlap among many of the channels, there must be 22 MHz separation between any two channels in use.

• In a multi-access point installation, where overlapping channels can cause interference, dead spots and other problems, Channels 1, 6 and 11 are generally regarded as the only safe channels to use. Since there are five 5 MHz channels between 1 and 6, and between 6 and 11, or 25 MHz of total bandwidth, that leaves 3 MHz of buffer zone between channels.

• In practice, this constraint limits the number of usable channels to three (channels 1, 6, and 11). 802.11a wireless networks have eight non-overlapping channels, which provide more flexibility in terms of channel assignment.

• For example, 802.11a is an extension to the IEEE 802.11 standard that applies to wireless LANs and provides up to 54 Mbps in the 5 GHz band.

• For North American users, equipment available today operates between 5.15 and 5.35 GHz.

• This bandwidth supports eight separate, non-overlapping 200 MHz channels.

• These channels allow users to install up to eight access points set to different channels without interference, making access point channel assignment much easier and significantly increasing the level of throughput the wireless LAN can deliver within a given area.

• If two access points that use the same RF channel are too close, the overlap in their signals will cause interference, possibly confusing wireless cards in the overlapping area.

• To avoid this potential scenario, it is important that wireless deployments be carefully designed and coordinated.

• It is also critical to make sure that deployment does not cause conflicts with other pre-existing wireless implementations.
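
The channel rules above can be checked mechanically when a deployment is being planned. The following is an added example, not part of the original report: it derives the 1/6/11 plan from the 22 MHz separation rule and audits a site plan for co-channel and overlapping neighbours. The centre-frequency formula is the standard 2.4 GHz channel numbering (not stated in the report), and the AP names and adjacency list are constructed sample data.

```python
# Added example: audit an 802.11b/g channel plan against the 22 MHz rule.

REQUIRED_SEPARATION_MHZ = 22   # separation the report requires between channels in use
US_CHANNELS = range(1, 12)     # the eleven channels the report says are allowed in the U.S.


def center_mhz(channel: int) -> int:
    """Centre frequency of a 2.4 GHz channel (standard 802.11b/g numbering)."""
    if channel == 14:
        return 2484
    if 1 <= channel <= 13:
        return 2407 + 5 * channel
    raise ValueError(f"not a 2.4 GHz channel: {channel}")


def separation_mhz(a: int, b: int) -> int:
    """Distance between the centre frequencies of two channels."""
    return abs(center_mhz(a) - center_mhz(b))


def interferes(a: int, b: int) -> bool:
    """True when two channels are closer than the required separation."""
    return separation_mhz(a, b) < REQUIRED_SEPARATION_MHZ


def non_overlapping(channels=US_CHANNELS) -> list:
    """Greedily pick the channels that can be used side by side."""
    chosen = []
    for ch in channels:
        if not any(interferes(ch, used) for used in chosen):
            chosen.append(ch)
    return chosen


def audit_plan(ap_channels: dict, adjacent_cells: list) -> list:
    """Return (ap_a, ap_b, problem) for every pair of neighbouring cells
    whose channels are identical or closer than the required separation."""
    findings = []
    for a, b in adjacent_cells:
        gap = separation_mhz(ap_channels[a], ap_channels[b])
        if gap == 0:
            findings.append((a, b, "co-channel"))
        elif gap < REQUIRED_SEPARATION_MHZ:
            findings.append((a, b, "overlapping"))
    return findings


# Constructed sample site: AP name -> configured channel, plus the pairs of
# APs whose coverage areas touch (taken from a hypothetical site survey).
SAMPLE_PLAN = {"lobby": 1, "lab": 3, "office": 6, "warehouse": 6}
SAMPLE_ADJACENT = [("lobby", "lab"), ("lab", "office"),
                   ("office", "warehouse"), ("lobby", "office")]

if __name__ == "__main__":
    print("usable together:", non_overlapping())
    print("buffer between 1 and 6:",
          separation_mhz(1, 6) - REQUIRED_SEPARATION_MHZ, "MHz")
    for finding in audit_plan(SAMPLE_PLAN, SAMPLE_ADJACENT):
        print("conflict:", finding)
```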

9 THREATS TO WLAN ENVIRONMENTS

All wireless computer systems face security threats that can compromise their systems and services. Unlike the wired network, the intruder does not need physical access in order to pose the following security threats:

Eavesdropping: This involves attacks against the confidentiality of the data that is being transmitted across the network. In the wireless network, eavesdropping is the most significant threat because the attacker can intercept the transmission over the air from a distance away from the premises of the company.

FIG.7 WLAN ENVIRONMENT

Tampering: The attacker can modify the content of the intercepted packets from the wireless network, and this results in a loss of data integrity.

Unauthorized access and spoofing: The attacker could gain access to privileged data and resources in the network by assuming the identity of a valid user. This kind of attack is known as spoofing. To overcome this attack, proper authentication and access control mechanisms need to be put in place in the wireless network.

Denial of Service: In this attack, the intruder floods the network with either valid or invalid messages, affecting the availability of the network resources. The attacker could also flood a receiving wireless station, thereby forcing it to use up its valuable battery power.

Other security threats: The other threats come from weaknesses in the network administration and vulnerabilities of the wireless LAN standards, e.g. the vulnerabilities of the Wired Equivalent Privacy (WEP), which is supported in the IEEE 802.11 wireless LAN standard.

9.1 Type of Attacks

The following attacks are known to be effective:

• Passive attacks

1 Dictionary based attacks

2 Cracking the WEP key

• Active attacks

1 Authentication Spoofing

2 Message Injection

3 Message Modification

4 Message Decryption

5 Man in the Middle Attack

As with other networks, the active attacks are riskier but provide greater powers to the attacker.

Passive attacks:

• No risk involved

• No need to be part of the network, because WLAN cards support monitor mode, whereby one can listen to the communication without being a part of the network

• The attacker can only listen to whatever is going on. He cannot fiddle with the network

Active attacks:

• Riskier

• The attacker has to first get into the network before doing damage

• The attacker can interrupt, hijack and control the network at his will

10 SECURITY FEATURES OF WIRELESS LANS

A message traveling by air can be intercepted without physical access to the wiring of an organization. Any person sitting in the vicinity of a WLAN with a transceiver capable of listening/talking can pose a threat. Unfortunately, the same hardware that is used for WLAN communication can be employed for such attacks.

To make the WLANs reliable the following security goals were considered:

• Confidentiality

• Data Integrity

• Access Control

The following security measures are a part of the 802.11 IEEE protocol:

• Authentication

• Association

• Encryption

The need for a client to be mobile brought in the separation of the authentication and association processes. Since a client frequently changes AP boundaries, he can be authenticated to various APs at a given point, yet remain associated to his chosen one. Before a client gets associated to another, he must first be authenticated.

FIG: 8 AUTHENTICATION & ASSOCIATION

10.1 Authentication

802.11 specifies two authentication mechanisms:

1 Open system authentication

2 Shared key authentication

• Open system authentication

A client needs an SSID for successful association. Any new client that comes into an EBSS area is provided with an SSID. This is equivalent to no security.

FIG : 9 OPEN SYSTEM AUTHENTICATION

• Shared key authentication

The client cannot authenticate himself if he doesn't have the WEP shared secret key. The WEP protocol is used for encryption.

FIG : 9 SHARED KEY AUTHENTICATION

10.2 Association

An SSID is used to differentiate two networks logically. To successfully associate to a WS, one must have the SSID of the other WS. This was not intended to be a security feature, and in fact the SSID is sent in the open in the beacon frame of the AP.

10.3 Encryption and Decryption-The WEP Protocol

The WLAN administrator has the option of sending packets unencrypted or of making all the communication over the air encrypted, i.e. every frame that is below the Ethernet header is encrypted using the WEP protocol. The WEP protocol has three components:

• A shared secret key, k (40 bit/104 bit): The fact that the secret key is shared helps reduce the load on the AP, while simultaneously assuming that whoever is given the secret key is a trusted person. This shared key is never sent over the air. 802.11 doesn't discuss the deployment of this key onto workstations. It has to be installed manually at each WS/AP. Most APs can handle up to four shared secret keys.

• Initialization vector, IV (24 bit): The IV is a per-packet number that is sent in clear over the air. This number is most effective if generated randomly, because it is used as one of the inputs to the RC4 algorithm. 802.11 doesn't specify how the IV is generated. In fact, many cards generate IVs in linear fashion, i.e., 1, 2, 3…

• RC4 algorithm, RC4 (IV, k): This algorithm is used to generate a key stream K, of length equal to that of the message to be transmitted by the data-link layer. It takes the IV and k as inputs.

FIG :10 ENCRYPTION & DECRYPTION ON WEP

FIG :11 ENCRYPTION
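
The three WEP components described in section 10.3 can be modelled in a few lines to show why the 24-bit IV matters and how a monitor can flag IV reuse in captured frames. This is an added example, not part of the original report: the framing is simplified (the key ID byte is omitted), the CRC-32 integrity value is standard WEP behaviour that the report does not mention, and the key, payloads and the assumption that two cards both start their IV counter at 0 are constructed for illustration.

```python
# Added example: simplified WEP sealing, IV-reuse detection and IV-space limits.
import math
import zlib
from collections import Counter

IV_BITS = 24  # IV size given in the report


def rc4_keystream(key: bytes, length: int) -> bytes:
    """Generate `length` bytes of RC4 keystream from `key`."""
    s = list(range(256))
    j = 0
    for i in range(256):                       # key scheduling
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    out = bytearray()
    i = j = 0
    for _ in range(length):                    # keystream output
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) & 0xFF])
    return bytes(out)


def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def wep_seal(iv: bytes, k: bytes, payload: bytes) -> bytes:
    """Clear 3-byte IV, then (payload || CRC-32) XOR RC4(IV || k)."""
    if len(iv) != IV_BITS // 8:
        raise ValueError("IV must be 3 bytes")
    data = payload + zlib.crc32(payload).to_bytes(4, "little")
    return iv + xor_bytes(data, rc4_keystream(iv + k, len(data)))


def wep_open(k: bytes, frame: bytes) -> bytes:
    """Decrypt a frame made by wep_seal and verify its integrity value."""
    iv, body = frame[:3], frame[3:]
    data = xor_bytes(body, rc4_keystream(iv + k, len(body)))
    payload, icv = data[:-4], data[-4:]
    if zlib.crc32(payload).to_bytes(4, "little") != icv:
        raise ValueError("integrity check failed")
    return payload


def sequential_ivs(start: int = 0):
    """IVs generated 'in linear fashion'; the counter wraps after 2**24 frames."""
    n = start
    while True:
        yield (n % (1 << IV_BITS)).to_bytes(3, "big")
        n += 1


def random_iv_collision_probability(frames: int) -> float:
    """Birthday bound: chance that `frames` random 24-bit IVs contain a repeat."""
    return 1.0 - math.exp(-frames * (frames - 1) / (2 * (1 << IV_BITS)))


def find_iv_reuse(frames) -> dict:
    """Monitoring check: IVs that appear on more than one captured frame."""
    counts = Counter(frame[:3] for frame in frames)
    return {iv: n for iv, n in counts.items() if n > 1}


def reuse_leak(frame_a: bytes, frame_b: bytes):
    """Frames with the same IV share a keystream, so XORing the ciphertexts
    yields the XOR of the plaintexts without the key. None if IVs differ."""
    if frame_a[:3] != frame_b[:3]:
        return None
    return xor_bytes(frame_a[3:], frame_b[3:])


if __name__ == "__main__":
    k = bytes.fromhex("0102030405")                      # constructed 40-bit key
    card_a, card_b = sequential_ivs(), sequential_ivs()  # assumed: both start at 0
    fa = wep_seal(next(card_a), k, b"GET /payroll")
    fb = wep_seal(next(card_b), k, b"PING station")
    print("reused IVs:", find_iv_reuse([fa, fb]))
    print("ciphertext XOR equals plaintext XOR:",
          reuse_leak(fa, fb)[:12] == xor_bytes(b"GET /payroll", b"PING station"))
    print("P(repeat) after 4823 random IVs:",
          round(random_iv_collision_probability(4823), 3))
```

Because the shared key k is installed manually and rarely changes, every repeated IV repeats a keystream; this is the key reuse problem that the TKIP section later in the report sets out to fix.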

11 WIRELESS LAN MONITORING TOOL

Manage Engine WiFi Manager is an integrated and centralized management and security solution for wireless networks (WLANs) for enterprises. It enhances the availability and security of your WLANs by continuously monitoring the network as well as the airspace. WiFi Manager offers wireless device monitoring, one-click configuration, access point firmware management, wireless security management and a variety of reports that remove the complexity of wireless network management. WiFi Manager can detect almost all major wireless threats including rogue attacks, intrusions, sniffers, DoS attacks, and vulnerabilities. With WiFi Manager you'll have complete control over your wireless devices as well as your airspace, and more time to focus on core IT operations.

11.1 How It Works

WiFi Manager comprises 2 components:

• WiFi Manager Server

• RF Sensors

Administrators can download the WiFi Manager server from our website and install it in the LAN to perform integrated wireless and wired network management. RF sensors are optional hardware components that are distributed throughout the physical environment, providing WLAN protection wherever needed. The WiFi Manager server aggregates, analyzes, and persists the data fed by the sensors. WiFi Manager presents a neat Web-based user interface that can be accessed from anywhere using a standard HTML browser.

11.2 Use WiFi Manager Tool

• Identify rogue wireless devices

• Know who is using your WLAN

• Know what access points are connected to your WLAN

• Monitor your WLAN devices

• Monitor Access Point bandwidth utilization

• Configure your WLAN Access Points

• Enhance and enforce wireless LAN security

• Proactively manage network problems before they impact the network

• Identify network bottlenecks, reduce downtime, and improve network health and performance

• Troubleshoot network problems

• Capture and decode wireless traffic for testing and troubleshooting

• Upgrade firmware, schedule upgrades, and audit them

• Enforce no WLAN policy

FIG.12 USE WIFI MANAGER

12 FEATURES

Continuous RF Monitoring

Using integrated RF sensors, WiFi Manager analyses the RF spectrum for all 802.11 conversations and identifies intrusions, attacks, vulnerabilities, and policy violations. Local analysis and intelligent data forwarding ensure low bandwidth consumption between sensors and the software. These sensors require zero configuration, making it truly plug-and-play.

Rogue Detection & Blocking

Multiple techniques involving RF and wired side inputs are employed to detect rogue access points. Once detected, WiFi Manager provides details such as nearest sensor and switch port mapping for the administrators to locate and block the rogue AP from the network.

Attack Mitigation

WiFi Manager reduces the impact of wireless attacks by detecting them beforehand. It detects all major attacks including RF jamming attack, AirJack attack, ASLEAP attack, Fata-jack attack, EAPoL logoff Storm, EAPoL Start Storm etc.

12.4 Access Point Configuration

Using WiFi Manager, administrators can configure access points for basic settings, radio settings, access control settings, security settings, and services settings. Administrators can either fill in predefined configuration templates and push the values to select access points or group access points based on model, firmware version etc., and configure them in bulk.

Firmware Upgrade

WiFi Manager facilitates remote firmware upgrade of access points. Upgrades can also be scheduled for later execution.

Wired & Wireless Network Monitoring

WiFi Manager monitors access points and other network devices for availability, SNMP reachability, traffic, and utilization. It generates specific reports for WLANs including radio reports, error reports, association reports, and security reports.

Troubleshooting

The Web-based GUI enables quick access to alarms, reports, configuration history etc., facilitating easy troubleshooting.

13 NEW STANDARDS FOR IMPROVING WLAN SECURITY

Apart from all of the actions for minimizing attacks on WLANs mentioned in the previous section, we will also look at some new standards that intend to improve the security of WLANs.

13.1 Advanced Encryption Standard (AES)

Advanced Encryption Standard is gaining acceptance as an appropriate replacement for the RC4 algorithm in WEP. AES uses the Rijndael algorithm and supports the following key lengths:

• 128 bit key

• 192 bit key

• 256 bit key

AES is considered to be uncrackable by most cryptographers. NIST has chosen AES for the Federal Information Processing Standard (FIPS). In order to improve wireless LAN security, 802.11i is considering the inclusion of AES in WEPv2.

14 TEMPORAL KEY INTEGRITY PROTOCOL (TKIP)

The temporal key integrity protocol (TKIP), initially referred to as WEP2, is an interim solution that fixes the key reuse problem of WEP, that is, periodically using the same key to encrypt data. The TKIP process begins with a 128-bit "temporal key" shared among clients and access points. TKIP combines the temporal key with the client's MAC address and then adds a relatively large 16-octet initialization vector to produce the key that will encrypt the data. This procedure ensures that each station uses different key streams to encrypt the data. TKIP also prevents the passive snooping attack by hashing the IV.

TKIP uses RC4 to perform the encryption, which is the same as WEP. A major difference from WEP, however, is that TKIP changes temporal keys every 10,000 packets. This provides a dynamic distribution method that significantly enhances the security of the network.

The Temporal Key Integrity Protocol is part of the IEEE 802.11i encryption standard for wireless LANs. TKIP is the next generation of WEP, the Wired Equivalent Privacy protocol, which is used to secure 802.11 wireless LANs. TKIP provides per-packet key mixing, a message integrity check and a re-keying mechanism, thus fixing the flaws of WEP.

FIG.13 TEMPORAL KEY INTEGRITY PROTOCOL

An advantage of using TKIP is that companies having existing WEP-based access points and radio NICs can upgrade to TKIP through relatively simple firmware patches. In addition, WEP-only equipment will still interoperate with TKIP-enabled devices using WEP. TKIP is a temporary solution, and most experts believe that stronger encryption is still needed.

The temporal key integrity protocol (TKIP), which was initially referred to as WEP2, was designed to address all the known attacks and deficiencies in the WEP algorithm. According to 802.11 Planet [6], the TKIP security process begins with a 128-bit temporal key, which is shared among clients and access points. TKIP combines the temporal key with the client machine's MAC address and then adds a relatively large 16-octet initialization vector to produce the key that will encrypt the data. Similar to WEP, TKIP also uses RC4 to perform the encryption. However, TKIP changes temporal keys every 10,000 packets. This difference provides a dynamic distribution method that significantly enhances the security of the network. TKIP is seen as a method that can quickly overcome the weaknesses in WEP security, especially the reuse of encryption keys. The following are four new algorithms and their functions that TKIP adds to WEP:

i. A cryptographic message integrity code, or MIC, called Michael, to defeat forgeries.

ii. A new IV sequencing discipline, to remove replay attacks from the attacker's arsenal.

iii. A per-packet key mixing function, to de-correlate the public IVs from weak keys.

iv. A re-keying mechanism, to provide fresh encryption and integrity keys, undoing the threat of attacks stemming from key reuse.

15 TOOLS FOR PROTECTING WLAN

There are some products that can minimize the security threats of WLAN such as:

AirDefense It is a commercial wireless LAN intrusion protection and management system

that discovers network vulnerabilities, detects and protects a WLAN from intruders and

attacks, and assists in the management of a WLAN. AirDefense also has the capability to

discover vulnerabilities and threats in a WLAN such as rogue APs and ad hoc networks.

Apart from securing a WLAN from all the threats, it also provides a robust WLAN

management functionality that allows users to understand their network, monitor network

performance and enforce network policies [1].

Isomair Wireless Sentry This product from Isomair Ltd. automatically monitors the air

space of the enterprise continuously using unique and sophisticated analysis technology to

identify insecure access points, security threats and wireless network problems. This is a

dedicated appliance employing an Intelligent Conveyor Engine (ICE) to passively monitor

wireless networks for threats and inform the security managers when these occur. It is a

21

Page 22: Wireless Lan Security Final

completely automated system, centrally managed, and will integrate seamlessly with existing

security infrastructure. No additional man-time is required to operate the system.

Wireless Security Auditor (WSA): It is an IBM research prototype of an 802.11 wireless LAN security auditor, running on Linux on an iPAQ PDA (Personal Digital Assistant). WSA helps network administrators to close any vulnerabilities by automatically auditing a wireless network for proper security configuration. While there are other 802.11 network analyzers such as Ethereal, Sniffer and Wlandump, WSA aims at protocol experts who want to capture wireless packets for detailed analysis. Moreover, it is intended for the more general audience of network installers and administrators, who want a way to easily and quickly verify the security configuration of their networks, without having to understand any of the details of the 802.11 protocols.
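The products above are described only by what they report: rogue APs, ad hoc networks and improper security configuration. The following Python example is added here to show how those three checks can be derived from the fields of an 802.11 beacon frame; it is not code from AirDefense, Wireless Sentry or WSA. The inventory, the BSSIDs, the SSID, the beacon bytes and all function names are constructed for the example.

```python
import struct

# Constructed inventory of authorized APs (BSSID -> expected SSID); an assumption.
AUTHORIZED = {"00:11:22:33:44:55": "corp-wlan"}

def make_beacon(ssid, cap, extra=b""):
    """Build a constructed beacon body: timestamp, interval, capability, SSID element."""
    s = ssid.encode()
    return struct.pack("<QHH", 0, 100, cap) + bytes([0, len(s)]) + s + extra

def parse_beacon_body(body):
    """Return (capability, [(element_id, data), ...]) from a beacon frame body."""
    _ts, _interval, cap = struct.unpack_from("<QHH", body, 0)
    elements, off = [], 12  # tagged elements follow the 12 fixed bytes
    while off + 2 <= len(body):
        eid, elen = body[off], body[off + 1]
        data = body[off + 2:off + 2 + elen]
        if len(data) < elen:  # truncated element: stop rather than guess
            break
        elements.append((eid, data))
        off += 2 + elen
    return cap, elements

def classify_security(cap, elements):
    """RSN element (ID 48) is 802.11i; vendor element 221 with OUI 00:50:F2 type 1 is WPA."""
    if any(eid == 48 for eid, _ in elements):
        return "RSN"
    if any(eid == 221 and d[:4] == b"\x00\x50\xf2\x01" for eid, d in elements):
        return "WPA"
    return "WEP" if cap & 0x0010 else "OPEN"  # Privacy bit set without RSN/WPA

def audit(bssid, body, authorized=AUTHORIZED):
    """List the policy findings for one observed beacon."""
    cap, elements = parse_beacon_body(body)
    ssid = next((d.decode("utf-8", "replace") for eid, d in elements if eid == 0), "")
    findings = []
    if cap & 0x0002:  # IBSS bit: peer-to-peer (ad hoc) network
        findings.append("ad hoc (IBSS) network")
    elif bssid.lower() not in authorized:
        findings.append("rogue AP: BSSID not in inventory")
    elif authorized[bssid.lower()] != ssid:
        findings.append("authorized BSSID advertising unexpected SSID")
    sec = classify_security(cap, elements)
    if sec in ("OPEN", "WEP"):
        findings.append("weak security: " + sec)
    return findings

if __name__ == "__main__":
    print(audit("de:ad:be:ef:00:01", make_beacon("corp-wlan", 0x0001)))
```

An authorized AP that still advertises only the Privacy bit is reported as WEP, which is the configuration weakness this paper attributes most WLAN vulnerabilities to.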

16 CONCLUSION

The general idea of WLAN was basically to provide a wireless network infrastructure comparable to the wired Ethernet networks in use. It has since evolved and is still evolving very rapidly towards offering fast connection capabilities within larger areas. However, this extension of physical boundaries provides expanded access to both authorized and unauthorized users, which makes it inherently less secure than wired networks.

WLAN vulnerabilities are mainly caused by the use of WEP as the security protocol. However, these problems can be solved with the new standards, such as 802.11i, which is planned to be released later this year. For the time being, WLAN users can protect their networks by practicing the suggested actions mentioned in this paper, chosen according to the cost and the level of security that they wish.

Wireless LAN security has a long way to go. The current implementation of WEP has proved to be flawed. Further initiatives to come up with a standard that is robust and provides adequate security are urgently needed. 802.1x and EAP are just midpoints in a long journey. Until a new security standard for WLANs emerges, third-party and proprietary methods need to be implemented.

While there are serious vulnerabilities when using WLANs, taking certain precautions to safeguard the confidentiality and integrity of your data can make your WLAN as safe as the wired equivalent. Although these precautions may cost more effort and money, they are necessary if you have an existing WLAN or intend to implement one. The 802.11 TGi group is working on new ways to replace WEP with schemes such as replacing RC4 with AES and adding sequence numbers to packets to prevent replay attacks. Until such schemes are finalized and available as the 802.11i standard, there will be no complete fix for these existing vulnerabilities. Like most advances, wireless LANs pose both opportunities and risks. The technology can represent a powerful complement to an organization’s networking capabilities, enabling increased employee productivity and reducing IT costs. To minimize the attendant risks, IT administrators can implement a range of measures, including establishment of wireless security policies and practices, as well as implementation of various LAN design and implementation measures. Achieving this balance of opportunity and risk allows enterprises to confidently implement wireless LANs and realize the benefits this increasingly viable technology offers.

17 REFERENCES

Nikita Borisov, Ian Goldberg, and David Wagner, UC Berkeley, “Security of the WEP Algorithm” (http://www.isaac.cs.berkeley.edu/isaac/wep-faq.html)

Wayne Caswell, “Wireless Home Networks: Disconnected Connectivity,” Home Toys, April 2000 (http://www.hometoys.com/mentors/caswell/apr00/wireless.htm)

Joel Conover, “Wireless LANs Work Their Magic,” Network Computing, July 2000 (http://www.networkcomputing.com/1113/1113f2full.html)

Joel Conover, “First Things First—Top 10 Things to Know About Wireless,” Network Computing, July 2000 (http://www.networkcomputing.com/1113/1113f2side2.html)

John Cox, “LAN Services Set to Go Wireless,” Network World, August 20, 2001 (http://www.nwfusion.com/news/2001/0820wireless.html)

Andy Dornan, “Emerging Technology: Wireless LAN Standards,” NetworkMagazine.com, 2/6/02 (http://networkmagazine.com/article/NMG20020206S0006)

Dale Gardner, “Wireless Insecurities,” Information Security magazine, January 2002 (http://www.infosecuritymag.com/articles/january02/cover.shtml)

IEEE Working Group for WLAN Standards (http://grouper.ieee.org/groups/802/11/index.html)

Dave Molta, “The Road Ahead for Wireless,” Network Computing, July 9, 2001 (http://www.networkcomputing.com/1214/1214colmolta.html)

Practically Networked, “Wireless Encryption Help” (http://www.practicallynetworked.com/support/wireless_encrypt.htm)

Practically Networked, “Securing Your Wireless Network” (http://www.practicallynetworked.com/support/wireless_secure.htm)

Practically Networked, “Mixing WEP Encryption Levels” (http://www.practicallynetworked.com/support/mixed_wep.htm)

Practically Networked, “Should I Use NetBeui?” (http://www.practicallynetworked.com/sharing/netbeui.htm)