Wireless+Security

= =

= =

About Wireless Networks:
In 1999, technology introduced Wireless LANs to allow people to conect to things wirelessly such as computers as well as other devices. Wireless LANs gave people the freedom to go mobile with sending/recieving or retrieving data on their devices. However, wireless users have ran into a few unexpected problems with security issues concerning unwanted guest accessing network infrastuctures. Networks that are wired, opperate by sending traffic through a physically private dedicated line; unlike the wireless networks which send traffic over shared space, airwaves. Due to the networks having shared space airwaves, additional security measures must go into place to prevent interference from things like cordless phones and microwaves. Security is an important part of a home wireless network, as well as public WiFi hotspots. If a router is set to create an open hotspot, your signal is vulnerable to unwanted guests. There are a few recommended steps to ensure that unwanted guests will be unable to access your signal. = = = =

= =

Recommended Applications:

 * ===ZoneAlarm® Wireless Security===



> firewall, ZoneAlarm Wireless Security automatically detects and secures both wireless and wired network connections. Easily configure and save security settings for each wireless network you use - at home or on the road. ZoneAlarm Wireless Security also provides essential inbound and outbound e-mail protection.
 * ZoneAlarm Wireless Security is specifically designed to protect computers connected to wireless networks. Built on the award winning ZoneAlarm®


 * The SSID or Service Set Identifier, should be your first small line of defense. It helps to differentiate one network from another. Most APs all have a standard default according to the manufacturer, for instance 'lynksys' for Linksys. When creating your SSID you should treat it the same way you would treat a password, something long and not easy to guess.


 * Wardriving (Sniffers) also known as Packet Sniffers are a legitimate software used by network administrators and other security personnel to monitor network traffic. While monitoring the administrator can use in information from the packet sniffer to identify erroneous packets and pinpoint bottlenecks to help maintain network efficiency. The irony of this software that helps administrator also is exploited by others to harm networks. Packet sniffers can be set into a mode where the user can capture and analyze all network traffic. This allows the users to capture vital information about other users, such as usernames and passwords.
 * Wireless Crackers:
 * Additional Programs:

Different types of unauthorized network access:
= =
 * **Accidental Association**: This occurs when someone turns on their computer and it connects to an access point from a different network. This is often an accidental error, but is still something to look for.
 * **Malicious Association:** Malicious association is when a hacker creates a wireless device to connect to a company network through an employee's laptop. The hackers have their own laptops, which are referred to as "Soft aps" and makes their network card look like an access point. Once the hacker has gained access to the network they can do anything from plant viruses to stealing passwords.

= =

Web Resources:
= =

**Basic Terminology for Wireless Security:**
>>
 * **WEP (Wired Equivalency Protocol):** WEP data encryption is defined by the 802.11 standard to prevent access to the network by "intruders" using similar wireless LAN equipment and to capture of wireless LAN traffic through eavesdropping. This is used in addition to the security provided by SSID. WEP is designed to give wireless users the same level of security as on a wired LAN. WEP attempts to provide security for those using wireless LAN by encrypting the data as it passes as radio waves from one point to the next. This way, the information reaches the other side safely. However, WEP has been found to be not as secure as it was once believed to be. WEP is used in data link and physical layers of the OSI model. As these are the two lowest levels, WEP does not provide end-to-end security.
 * **TKIP (Temporal Key Integrity Protocol):** TKIP is a security protocol defined in IEEE 802.11i specifications for WiFi networks to replace WEP. TKIP was designed to replace WEP without replacing legacy hardware. This was necessary because the breaking of WEP left WiFi networks without viable link-layer security. The solution to this problem could not wait on the replacement of deployed hardware. For this reason, TKIP (pronounced "tee-kip"), like WEP, uses a key scheme based on RC4, but unlike WEP it encrypts every data packet sent with its own unique encryption key.
 * **AES (Advanced Encryption Standard):** AES also known as Rijndael, is a block cipher adopted as an encryption standard by the US government, and is expected to be used worldwide and analyzed extensively, as was the case with its predecessor, the Data Encryption Standard (DES). It was adopted by National Institute of Standards and Technology (NIST) as US FIPS PUB 197 in November 2001 after a 5-year standardization process.
 * **WiFi Protected Access** (WPA) is designed to improve upon the security features provided by WEP and is now part of the 802.11i wireless network security protocol. It uses temporal key integrity protocol encryption. As with WEP, WPA security involves signing on with a password. Most public hotspots are either open or use WPA or 128-bit WEP technology.
 * **Media Access Control** (MAC) address filtering is a little different from WEP or WPA. It doesn't use a password to authenticate users - it uses a computer's physical hardware. Each computer has its own unique MAC address. MAC address filtering allows only machines with specific MAC addresses to access the network. You must specify which addresses are allowed when you set up your router. This method is very secure, but if you buy a new computer or if visitors to your home want to use your network, you'll need to add the new machines' MAC addresses to the list of approved addresses.


 * [|RJ Computer Consulting]**
 * [|System ID]**
 * [|Definition of Computer Security]**
 * [|Webopedia definition of WEP]**
 * [|Webopedia definition of WPA]**

Graphics:
>> >> >> >> >> >>
 * [[image:netstumbler.jpg width="740" height="327" align="center" link="http://www.netstumbler.com/"]]
 * [[image:etherape.png width="739" height="531" align="center" link="http://www.etherape.com/"]]
 * [[image:smac20_screenshot1.gif width="741" height="528" align="center" link="http://www.klcconsulting.net/smac/"]]