Wi-Fi has faced significant security challenges in recent years. The purpose of this report is to explore the actual security measures, so that users are aware of their importance in today's business world, and to explain how the IEEE 802.1X standard gave the Wi-Fi network a secure solution by means of a RADIUS server. Wi-Fi is the abbreviation of "wireless fidelity", begun by the IEEE in 1997 with the introduction of 802.11 technologies. Wi-Fi means "wireless internet", i.e. providing an internet connection from any place and using airwaves for communication. It is therefore very easy for a hacker to hack the information. Security is one of the essential components that protect your Wi-Fi network and define the policies that restrict external or internal intrusion. The various techniques and policies used to prevent wireless intrusions are called a wireless prevention system. It includes intrusion detection, insertion prevention, network implementation, hosted implementation, MAC ID filtering, MAC address, and static IP addressing. A wireless prevention system not only gives you secure communication but also speeds up your connection. I am interested in writing on the topic of "SECURITY OF WI-FI" because about 25 % of businesses, more than 220, 0000 hotspots and millions of homes are connected worldwide through wireless networks, but because users are unaware of the security of their data, the wireless network faces a huge threat from hackers. I am keen to explain in detail what a Wi-Fi network is, what its security concerns are, and what possibilities there are for reducing the security flaws.
Introduction to Wi-Fi System and its security
The word Wi-Fi stands for wireless fidelity, begun by the IEEE in 1997 with the introduction of 802.11 technologies. Wi-Fi means "wireless internet", i.e. providing an internet connection from any place, such as an office or home, called a hotspot. Wi-Fi uses a radio network made up of cells that provide coverage: the more cells, the stronger the coverage. In today's life Wi-Fi, sometimes called 802.11 networking technology, plays a very important role because everyone uses Wi-Fi services in order to get cheap internet access. Wi-Fi technology is gaining popularity in the market, so it is not wrong to say that wireless networks will spread worldwide and that accessing the internet from anywhere will be easy for the common person. Wi-Fi technology uses two-way radio communication across the wireless network.
(1) Wireless adapter: the computer's wireless adapter translates the data into a radio signal and uses an antenna to transmit it.
(2) Wireless router: the wireless router receives the radio signal and decodes it, then uses the physical wired Ethernet connection to send the information to the internet. This process can also take place in the reverse direction: the router receives a signal from the internet, translates it into a radio signal, and sends it to the wireless adapter.
If we look back at the history of Wi-Fi, we see that initially the security mechanism between the wireless AP and wireless clients was WEP encryption. WEP encryption was a weak security mechanism because it uses a static encryption key, which made it easy for a hacker to crack the WEP encryption by means of a hacking tool. As an alternative to WEP at that time, the IEEE defined an extension to the 802.11 protocol providing enhanced security options. To understand the 802.1X authentication mechanism, we first want to discuss the flavors used by Wi-Fi. Wi-Fi uses many flavors for communication, with different frequencies and data transmission rates. There are several specifications in the 802.11 family:
802.11: The first standard of the wireless family, also called the parent, with a frequency of 2.4 GHz and transmission rates of 1 or 2 Mbps. 802.11 uses FHSS (frequency hopping spread spectrum) or DSSS (direct sequence spread spectrum).
802.11a: An extension to the 802.11 standard using a frequency of 5 GHz and able to transmit 54 megabits of data per second. 802.11a uses an orthogonal multiplexing technique that splits the radio signal into sub-signals before it reaches the receiving end.
802.11b: A cheaper standard, and the slowest of the 802.11 family, added in 1999 to permit wireless functionality analogous to hard-wired Ethernet. 802.11b uses the 2.4 GHz frequency, which can transfer 11 megabits of data per second, and uses some additional coding to speed up the process.
802.11g: This flavor uses the OFDM modulation scheme and is fast compared with the others, with a frequency of 2.4 MHz and a data transfer rate of 54 megabits per second.
802.11g: This flavor is widely used nowadays because of its high speed, with a data transfer rate of 140 megabits per second.
IEEE 802.1X defines a mechanism for port-based network access using a RADIUS server, providing a secure solution for the wireless network. IEEE 802.1X provides AA (authentication and authorization) to devices attached to a LAN port in a point-to-point connection. It also prevents unauthorized access in the case where both services (AA) fail. 802.1X defines a number of features to support port-based access on the LAN as well as on the WAN for successful authentication. 802.1X defines two main features to support port access control.
1) Logical port: During the EAPOL protocol exchange, the logical port uses the MAC addresses of the station and the access point as destination addresses.
2) Key management: This feature is used to obtain the global key information by means of EAPOL-Key messages after successful authentication.
1) Logical ports and MAC address association
There is no physical connectivity in an 802.11 LAN environment; multiple systems communicate with each other using radio frequencies and build an association with the AP. The protocol establishes the association between the computer and the AP by having them share their MAC addresses with each other, which creates a logical port. These logical ports are used for communication between the AP and the computer.
2) Encryption key management
802.1X does not require any particular encryption algorithm. It uses the EAPOL-Key messaging technique to distribute encryption key information from the AP to the client; this information is distributed for the discovery of thwart key, to establish dynamic WEP, TKIP and AES keys.
Association and EAP Authentication procedure (http://somewifi.com)
First, an association is established between the AP and the computer. After that they exchange EAP messages by means of the RADIUS server in order to authorize the port, which is an important step before the logical port authorization.
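The exchange described above can be followed at the frame level. The Python below is an added example, not part of the original essay: it parses the EAPOL header and the EAP header it carries, and tracks the logical port, which stays unauthorized until EAP-Success arrives. The function names and the sample frames are constructed for illustration.

```python
import struct

# EAPOL packet types (IEEE 802.1X) and EAP codes (RFC 3748).
EAPOL_TYPES = {0: "EAP-Packet", 1: "EAPOL-Start", 2: "EAPOL-Logoff", 3: "EAPOL-Key"}
EAP_CODES = {1: "Request", 2: "Response", 3: "Success", 4: "Failure"}

def parse_eapol(frame: bytes) -> dict:
    """Parse the EAPOL header (version, type, body length) and any EAP header."""
    if len(frame) < 4:
        raise ValueError("truncated EAPOL header")
    version, ptype, body_len = struct.unpack("!BBH", frame[:4])
    body = frame[4:4 + body_len]          # anything after this is link padding
    if len(body) != body_len:
        raise ValueError("EAPOL body shorter than declared length")
    out = {"version": version, "type": EAPOL_TYPES.get(ptype, f"unknown({ptype})")}
    if ptype == 0:                        # EAP-Packet: code, identifier, length
        if body_len < 4:
            raise ValueError("truncated EAP header")
        code, ident, eap_len = struct.unpack("!BBH", body[:4])
        if eap_len != body_len:
            raise ValueError("EAP length disagrees with EAPOL body length")
        out.update(eap_code=EAP_CODES.get(code, f"unknown({code})"), eap_id=ident)
    return out

def port_state(frames) -> str:
    """Track the logical port: it stays unauthorized until EAP-Success."""
    state = "unauthorized"
    for frame in frames:
        msg = parse_eapol(frame)
        if msg.get("eap_code") == "Success":
            state = "authorized"
        elif msg.get("eap_code") == "Failure" or msg["type"] == "EAPOL-Logoff":
            state = "unauthorized"
    return state

# Constructed sample exchange (hand-built bytes, not captured traffic).
SAMPLE = [
    bytes.fromhex("01010000"),                        # EAPOL-Start from the client
    bytes.fromhex("010000050101000501"),              # EAP-Request/Identity from the AP
    bytes.fromhex("0100000a0201000a01") + b"alice",   # EAP-Response/Identity
    bytes.fromhex("0100000403020004"),                # EAP-Success relayed from RADIUS
]

if __name__ == "__main__":
    for f in SAMPLE:
        print(parse_eapol(f))
    print(port_state(SAMPLE))
```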
Unfortunately, there are many issues regarding wireless security. As mentioned, Wi-Fi is "wireless internet", so it is easy for a hacker to hack a system that communicates wirelessly, and it becomes an important task for enterprises to define effective wireless security policies so that the network remains safe and sound from unauthorized access. There are various techniques that not only protect your Wi-Fi system but also speed up your connection. One of the main techniques used to protect the wireless network is the wireless "intrusion system", a network device that monitors the radio spectrum using special wireless attack tools to prevent intrusion in the case of any unauthorized access. Usually this is done by comparing the MAC addresses of all the devices participating in the network. According to new research, fingerprinting is used to find spoofed MAC addresses. A WIPS can prevent the following types of threat:
Misconfigured system
Client misassociation
Man-in-the-middle attack
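The MAC comparison a WIPS performs can be sketched as follows. This Python is an added example, not part of the original essay or any product's code: it checks observed beacons and client associations against an inventory of authorized MAC addresses and reports the three conditions listed above. The inventory, verdict names and observations are all constructed.

```python
# Constructed inventory: APs this site has authorized, keyed by BSSID (AP MAC).
AUTHORIZED_APS = {
    "00:11:22:33:44:01": {"ssid": "corp-wifi", "encryption": "WPA2-Enterprise"},
    "00:11:22:33:44:02": {"ssid": "corp-wifi", "encryption": "WPA2-Enterprise"},
}
AUTHORIZED_CLIENTS = {"aa:bb:cc:00:00:10", "aa:bb:cc:00:00:11"}
SITE_SSIDS = {ap["ssid"] for ap in AUTHORIZED_APS.values()}

def check_ap(bssid: str, ssid: str, encryption: str) -> str:
    """Classify one observed beacon against the authorized AP inventory."""
    known = AUTHORIZED_APS.get(bssid.lower())
    if known is None:
        # The site's SSID on an unknown MAC is the precondition for a
        # man-in-the-middle access point.
        return "rogue-ap-using-site-ssid" if ssid in SITE_SSIDS else "external-ap"
    if ssid != known["ssid"] or encryption != known["encryption"]:
        return "misconfigured-ap"
    return "ok"

def check_association(client: str, bssid: str) -> str:
    """Flag an authorized client that has joined an AP outside the inventory."""
    on_site = bssid.lower() in AUTHORIZED_APS
    if client.lower() in AUTHORIZED_CLIENTS:
        return "ok" if on_site else "client-misassociation"
    return "unknown-client" if on_site else "ignore"

def scan(beacons, associations):
    """Return (verdict, MAC) alerts for everything that is not normal."""
    aps = [(check_ap(b, s, e), b) for b, s, e in beacons]
    clients = [(check_association(c, b), c) for c, b in associations]
    return [a for a in aps + clients if a[0] not in ("ok", "external-ap", "ignore")]

# Constructed observations: (BSSID, SSID, encryption) and (client MAC, BSSID).
BEACONS = [
    ("00:11:22:33:44:01", "corp-wifi", "WPA2-Enterprise"),
    ("00:11:22:33:44:02", "corp-wifi", "WEP"),
    ("de:ad:be:ef:00:99", "corp-wifi", "Open"),
    ("12:34:56:78:9a:bc", "CoffeeShop", "WPA2-Personal"),
]
ASSOCIATIONS = [
    ("aa:bb:cc:00:00:10", "00:11:22:33:44:01"),
    ("aa:bb:cc:00:00:11", "de:ad:be:ef:00:99"),
    ("aa:bb:cc:00:00:77", "00:11:22:33:44:02"),
]
```

A device that copies an authorized MAC passes this comparison, which is why the text mentions fingerprinting as the way to find spoofed addresses.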
Other techniques used to secure your Wi-Fi network, such as Kerberos, RADIUS and LDAP, are popular and useful authentication methods that meet the challenges of the Wi-Fi network. We cannot deny the importance of authentication when we talk about Wi-Fi security, because with authentication both the server and the client ensure that only authorized parties can communicate with each other and that all unauthorized access is ignored. Kerberos is a technique that allows two parties to exchange private data with each other over an insecure network by using a mutual authentication method to exchange a shared secret key before any communication. In the Kerberos technique a unique key called a ticket is assigned to each user, and the unique key is inserted in each message that is sent; any packet without the unique key is discarded. RADIUS is a scalable server, often used in wired and wireless networks, that provides AAA (authentication, authorization and accounting), an advanced security policy to control user access. LDAP is a vendor-independent protocol that supports TCP/IP and provides an extensible security service based on the X.500 service model; it is one of the most widely used authentication methods in modern networks. LDAP is a protocol as well as a repository of information, used to manipulate the data in an LDAP directory. The majority of security devices include LDAP client support.
History of Wi-Fi
Vic Hayes, the creator of Wi-Fi, also called the father of Wi-Fi, designed standards such as IEEE 802.11b, 802.11a, 802.11g, 802.11n etc. Wi-Fi uses single-carrier direct-sequence spread spectrum radio technology as well as the multi-carrier radio technology OFDM (Orthogonal Frequency Division Multiplexing). In 1985 the first unlicensed spread spectrum was authorized by the FCC (Federal Communications Commission); later it was implemented in some larger countries with small changes to the regulations, which enabled the development of Wi-Fi.
NCR Corporation invented the precursor to Wi-Fi in 1991 in the Netherlands; the first wireless devices had speeds of 1 Mbit/s to 2 Mbit/s.
Techniques used to secure the Wi-Fi Network (http://www.wardrive.net/)
In the 21st century laptop PC technology increased the boom in wireless networks, without the help of a third-party adapter such as a PCMCIA card. Modern operating systems make it very easy to set up a PC as a wireless LAN base station, so each laptop can successfully broadcast its data to other nearby computers. This was a risk, because users who were unaware of wireless security did not realize that others could also use the connection. There are various techniques to secure your wireless connection; some of them are below.
If you have a closed network, whether for home or commercial users, always configure access restrictions on the AP. This restriction means checking the MAC addresses of the devices participating in the wireless network, or encrypting the data that the user wants to communicate using a secure encryption technique.
In wireless technology the AP or router has a unique name that represents it in the network, called the SSID. In a Wi-Fi network the router or AP broadcasts the SSID at regular intervals. This feature of the Wi-Fi network is called the roaming feature and was designed for business purposes, but unfortunately there is a huge problem from a security point of view, because a hacker can also access the SSID and start communicating from your home network. So your first duty is to disable the SSID broadcast feature, so that the router or AP becomes difficult to access from outside.
To secure a large business network, the best solution is to forward all web traffic to a captive portal, which provides the security itself; the user has no access to the internet. Another secure method is to send the data through a VPN.
Another important step is to change the default user name and password provided by the company for accessing the interface of the router or AP. Changing the default user name and password makes your system more secure.
Wi-Fi devices also support several types of encryption to secure communication. You must turn these options on so that your data is secure from any type of external or internal intrusion.
Wireless networks face security threats, so keep working to secure your wireless network. Modern routers and computers have a built-in firewall facility. For extra protection, keep these firewalls turned on on each computer connected to the router.
In modern networks assigning IP addresses is the job of DHCP, but this facility works in the attacker's favor: it is not difficult for an attacker to obtain a valid IP address from your IP pool and appear as a valid user of your network. So configure IP addresses statically, using specific subnet masks that allow only the valid users of the network.
The most common mistake is that network administrators do not place the AP or router in its proper position, so the signals of your wireless network reach neighboring homes and the street. This is another flaw in wireless network security, because a hacker can easily attach to your network if any signal exists outside your network's geographical area. During installation, place the AP or wireless router in the right position, meaning at the center of your network and not near a window, so that signal leakage is minimized.
In a wireless network, layer 2 and layer 3 security is not enough to protect your private data, because these technologies add encryption to only a part of the communication path, which allows a hacker to attack the data. To overcome this flaw, the security technologies SSL, SSH, PGP and GnuPG are used.
I am interested in writing on this topic because in today's modern networks wireless is playing a model role in our communication, but unfortunately there are many flaws regarding its security. The wireless network is an essential part of today's communication: as we know, a Wi-Fi network is easy to install, makes it simple to add or remove workstations, and provides easy connectivity to the internet where it is difficult to lay cable, which dramatically reduces the cost of the network. But one of the threats faced by the Wi-Fi network is unauthorized access and attacks that expose critical assets and confidential information. According to one research survey, about 25 % of businesses, more than 220, 0000 hotspots and millions of homes are connected worldwide. The majority of these hotspots are unsecured, which is alarming. So, to keep the Wi-Fi network with its many advantages safe, we cannot compromise on the security of Wi-Fi.
Diagram # 1 http://www.wardrive.net/