Wireless Lan Security


Threats To Wireless Security:
Wireless network faces some threats. They are:-
Unauthorized Access
Security should be a priority for anyone who uses or administers networks. The difficulties in keeping a wired network secure are amplified with a wireless network. A WLAN is open to anyone within range of an access point and the appropriate credentials to associate to it. With a wireless NIC and knowledge of cracking techniques, an attacker may not have to physically enter the workplace to gain access to a WLAN.
In this first topic of this section, we describe how wireless security threats have evolved. These security concerns are even more significant when dealing with business networks, because the livelihood of the business relies on the protection of its information. Security breaches for a business can have major repercussions, especially if the business maintains financial information associated with its customers.
There are three major categories of threat that lead to unauthorized access:
War drivers
Hackers (Crackers)
Employees
"War driving" originally referred to using a scanning device to find cellular phone numbers to exploit. War driving now also means driving around a neighborhood with a laptop and an 802.11b/g client card looking for an unsecured 802.11b/g system to exploit.
The term hacker originally meant someone who delved deeply into computer systems to understand, and perhaps exploit for creative reasons, the structure and complexity of a system. Today, the terms hacker and cracker have come to mean malicious intruders who enter systems as criminals and steal data or deliberately harm systems.Hackers intent on doing harm are able to exploit weak security measures.
Most wireless devices sold today are WLAN-ready. In other words, the devices have default settings and can be installed and used with little or no configuration by users. Often, end users do not change default settings, leaving client authentication open, or they may only implement standard WEP security. Unfortunately, as mentioned before, shared WEP keys are flawed and consequently easy to attack.
Tools with a legitimate purpose, such as wireless sniffers, allow network engineers to capture data packets for system debugging. These same tools can be used by intruders to exploit security weaknesses.
Rogue Access Points
A rogue access point is an access point placed on a WLAN that is used to interfere with normal network operation. If a rogue access point is configured with the correct security settings, client data could be captured. A rogue access point also could be configured to provide unauthorized users with information such as the MAC addresses of clients (both wireless and wired), or to capture and disguise data packets or, at worst, to gain access to servers and files.
A simple and common version of a rogue access point is one installed by employees without authorization. Employees install access points intended for home use on the enterprise network. These access points typically do not have the necessary security configuration, so the network ends up with a security hole.
Man-in-the-Middle Attacks
One of the more sophisticated attacks an unauthorized user can make is called a man-in-the-middle (MITM) attack. Attackers select a host as a target and position themselves logically between the target and the router or gateway of the target. In a wired LAN environment, the attacker needs to be able to physically access the LAN to insert a device logically into the topology. With a WLAN, the radio waves emitted by access points can provide the connection.
Radio signals from stations and access points are "hearable" by anyone in a BSS with the proper equipment, such as a laptop with a NIC. Because access points act like Ethernet hubs, each NIC in a BSS hears all the traffic. Device discards any traffic not addressed to it. Attackers can modify the NIC of their laptop with special software so that it accepts all traffic. With this modification, the attacker can carry out wireless MITM attacks, using the laptop NIC acts as an access point.
To carry out this attack, a hacker selects a station as a target and uses packet sniffing software, such as Wireshark, to observe the client station connecting to an access point. The hacker might be able to read and copy the target username, server name, client and server IP address, the ID used to compute the response, and the challenge and associate response, which is passed in clear text between station and access point.
If an attacker is able to compromise an access point, the attacker can potentially compromise all users in the BSS. The attacker can monitor an entire wireless network segment and wreak havoc on any users connected to it.
Defeating an attack like a MITM attack, depends on the sophistication of your WLAN infrastructure and your vigilance in monitoring activity on the network. The process begins with identifying legitimate devices on your WLAN. To do this, you must authenticate users on your WLAN.
When all legitimate users are known, you then monitor the network for devices and traffic that is not supposed to be there. Enterprise WLANs that use state-of-the-art WLAN devices provide administrators with tools that work together as a wireless intrusion prevention system (IPS). These tools include scanners that identify rogue access points and ad hoc networks, and radio resource management (RRM) which monitors the RF band for activity and access point load. An access point that is busier than normal, alerts the administrator of possible unauthorized traffic.
Further explanation of these mitigation techniques is beyond the scope of this course. For more information, refer to the Cisco paper "Addressing Wireless Threats with Integrated Wireless IDS and IPS" available at http://www.cisco.com/en/US/products/ps6521/products_white_paper0900aecd804f155b.shtml.
Denial of Service
802.11b and g WLANs use the unlicensed 2.4 GHz ISM band. This is the same band used by most wireless consumer products, including baby monitors, cordless phones, and microwave ovens. With these devices crowding the RF band, attackers can create noise on all the channels in the band with commonly available devices.

0 comments:

Post a Comment

 

NBA Live Streaming. Copyright 2008 All Rights Reserved Revolution Two Church theme by Brian Gardner Converted into Blogger Template by Bloganol dot com | Distributed by Blogger Templates Blog