This essay has been submitted by a student. This is not an example of the work written by our professional essay writers.
Wireless local area network (WLAN) has been widely used in many areas. The reason for its popularity is due to reasons, such as ease of installation, flexibility, mobility, reduced cost-of-ownership, and scalability. However, regardless of the benefits mentioned above, WLAN have some security threats, in which anyone who use it or intend to use it should be aware of.
This paper will explain how wired equivalent privacy (WEP) works, which is the IEEE 802.11b/WiFi standard encryption for wireless networking. The discussion of WEP continues by examining its weaknesses, which result in it being much less secured than what was originally intended. This situation leads to further research regarding practical solutions in implementing a more secured WLAN. Finally, it sums up with thoughts and suggestions about wireless security, along with a chosen example of the current proposals in wireless security.
Keywords: WLAN, WEP, Infrastructure Networks, Ad hoc Networks, Wireless Security.
Security in computer world would be determined by the ability of the system to manage, protect and distribute sensitive information. Wireless Local Area Networks (WLANs) are expected to constitute one of the largest segments in the market for wireless products. Wireless Local Area Networks will facilitate communications and location independent computing in restricted spatial domains such as offices, factories, enterprise facilities, hospitals, and campuses.
In such environments, WLANs will complement and expand the coverage areas of existing wired networks. The main attractions of WLANs include: cost effectiveness, ease of installation, flexibility, tether-less access to the information infrastructure, and support for ubiquitous computing through station mobility. One particular advantage of WLANs is the fact that they can be quickly installed in an Ad Hoc configuration by non-technical personnel, without pre-planning and without a supporting backbone network.
Wireless LAN (WLAN)
A wireless local area network (WLAN) is a flexible data communications system that can use either infrared or radio frequency technology to transmit and receive information over the air. In 1997, 802.11 were implemented as the first WLAN standard. It is based on radio technology operating in the 2.4 GHz frequency and has a maximum throughput of 1 to 2 Mbps. The currently most spread and deployed standard, IEEE 802.11b, was introduced late 1999. It still operates in the same frequency range, but with a maximum speed of 11 Mbps.
Basic components of a WLAN are access points (APs) and Network Interface Cards (NICs)/client adapters.
Access Point (AP) is the wireless equivalent of a LAN hub. It is typically connected with the wired backbone through a standard Ethernet cable, and communicates with wireless devices by means of an antenna. An AP operates within a specific frequency spectrum and uses 802.11 standard specified modulation techniques. It also informs the wireless clients of its availability, and authenticates and associates wireless clients to the wireless network.
Network Interface Cards (NICs)/client adapters
Wireless client adapters connect PC to a wireless network either in ad hoc peer-to-peer mode or in infrastructure mode with access points. It connects desktop and mobile computing devices wirelessly to all network resources. The NIC scans the available frequency spectrum for connectivity and associates it to an access point or another wireless client.
The main difference between wired and wireless networks is the medium it transfers its data through. This difference made the burden of securing the network heavier. Despite the productivity, convenience and cost advantage that WLAN offers, the radio waves used in wireless networks create a risk where the network can be hacked.
Most of the security attacks and threats are listed under the following categories:
Denial of Service
DoS (Denial of Service) attacks are the hardest type of attacks to overcome. Attackers use frequency devices to send continuous noise on a specific channel to ruin network connectivity. It is known in the wireless world as RF Jamming. In this kind of attack, the intruder floods the network with either valid or invalid messages affecting the availability of the network resources. Due to the nature of the radio transmission, the WLAN are very vulnerable against denial of service attacks. The relatively low bit rates of WLAN can easily be overwhelmed and leave them open to denial of service attacks.
In this attack, the attacker gets the packets before the intended receiver does. This allows her to change the content of the message. One of the most known subset of this attack is called ARP (Address Resolution Protocol) attacks, where the attacker redirects network traffic to pass through her device.
The attacker attacks the integrity of the session by trying to hijack an authorized session from an authorized user. This is where the attacker could gain access to privileged data and resources in the network by assuming the identity of a valid user. This happens because 802.11 networks do not authenticate the source address, which is Medium Access Control (MAC) address of the frames. Attackers may therefore spoof MAC addresses and hijack sessions.
Security in WLAN 802.11
Wireless media is more difficult to secure because of its broadcast nature. This property makes creating a well secured protocol that is similar to wired security modules a very hard task. In addition to that, mobile units that use wireless security protocols differ from regular PCs in many aspects. There are constraints related to processing power, battery capacity, and flexibility to facilitate inter-operability.
To allow clients to access the network they must be go through two steps: getting authenticated by the AP, then getting associated. There are two types of authentications used: Shared Key Authentication and Open Key Authentication.
In shared key authentication, when the client wants to connect to the AP, it sends a request. Upon that request the AP sends a challenge packet in clear text (unencrypted). The client then encrypts it with its WEP key and sends it back. The AP tries to decrypt the message using its WEP key. If the decryption process succeeded that means the client is an authenticated user, otherwise the access is denied. In this case if someone is sniffing the traffic, they will get a copy of the encrypted and clear text versions of the message. With some time and processing power the WEP key can be found.
Open Key Authentication does not involve challenge/response messages exchange. The client will get authenticated always, but to send and receive messages she needs to have the correct WEP key. Although Open Key Authentication does not offer any kind of authentication, it is more secure.
Wired Equivalency Privacy (WEP) is an older security protocol that offers minimal security. This is due to the fact that WEP encryption can be cracked in a relatively short period of time (minutes). WEP uses 40-bit or 64-bit keys to perform encryption. A 128-bit key scheme occasionally called WEP2 is available with some products. WEP is good for keeping out honest people but determined hackers may be able to exploit the short key length and hack the network. Key management and the minimal security level offered are the major disadvantages of WEP.
Wi-Fi Protected Access (WPA) is a more secure protocol than WEP in that it implements TKIP (Temporary Key Integrity Protocol). TKIP allows for and facilitates the dynamic changing of encryption keys, whereas WEP requires manual re-keying of the keys for every station on the wireless LAN. This makes the administration of the LAN much easier. In addition WPA requires a password between eight and 63 characters in length for a user to access the network. WPA is being gradually replaced by WPA2.
In the same way that WPA addresses the weaknesses in WEP, WPA2 addresses the weaknesses in WPA. One of the big differences between WPA2 and WPA is that the former supports the full 802.11i encryption standards. It is important also to know that not all WPA2 devices are backward compatible. Another difference is that WPA2 adds support for AES (Advanced Encryption Standard) as an alternative to TKIP. With support for 128-bit dynamic keys and the availability of TKIP and AES, WPA2 currently offers the strongest security available for wireless networks.
Such techniques are not feasible for companies where many computers are attached to the network. In this situation a security policy must be described and written down to allow managers as well as technicians to react correctly to undesired circumstances. It is not surprising that the main reason for security breaches is the human error factor or what is known as social engineering. APs can also be configured to stop broadcasting its SSID which will make it harder for the attacker to forge a rouge AP.
There are three levels of security policy: Organization specific, Issue specific (for certain type of technologies), and Systems-specific for individual PCs that hold important information. The availability of the wireless network and the downtime for the network must be taken into consideration while writing these specifications. Switching to WPA and WPA2 technologies will solve many of the problems on both user and company levels. The user has to be cautious about implementing the new network, since WPA supports backward compatibility, devices that still implementing WEP will jeopardize the entire network security.
Practical Solutions for Securing WLAN
Despite the risks and vulnerabilities associated with wireless networking, there are certainly circumstances that demand their usage. Even with the WEP flaws, it is still possible for users to secure their WLAN to an acceptable level. This could be done by implementing the following actions to minimize attacks into the main networks:
Changing Default SSID
Service Set Identifier (SSID) is a unique identifier attached to the header of packets sent over a WLAN that acts as a password when a mobile device tries to connect to a particular WLAN. The SSID differentiates one WLAN from another, so all access points and all devices attempting to connect to a specific WLAN must use the same SSID. In fact, it is the only security mechanism that the access point requires to enable association in the absence of activating optional security features. Not changing the default SSID is one of the most common security mistakes made by WLAN administrators. This is equivalent to leaving a default password in place.
Choose a suitable network name and enter it as in the example shown below. An SSID is case sensitive and has a maximum length of 32 alphanumeric characters.
A VPN is a much more comprehensive solution in a way that it authenticates users coming from an untrusted space and encrypts their communication so that someone listening cannot intercept it. Wireless AP is placed behind the corporate firewall within a typical wireless implementation. This type of implementation opens up a big hole within the trusted network space. A secure method of implementing a wireless AP is to place it behind a VPN server. This type of implementation provides high security for the wireless network implementation without adding significant overhead to the users. If there is more than one wireless AP in the organization, it is recommended to run them all into a common switch, then connecting the VPN server to the same switch. Then, the desktop users will not need to have multiple VPN dial-up connections configured on their desktops. They will always be authenticating to the same VPN server no matter which wireless AP they have associated with.
A VPN supplies network connectivity over a possibly long physical distance. In this respect, a VPN is a form of Wide Area Network (WAN).
A VPN supports at least three different modes of use:
Remote access client connections
Controlled access within an intranet
Utilize Static IP
By default, most wireless LANs utilize DHCP (Dynamic Host Configuration Protocol) to more efficiently assign IP addresses automatically to user devices. A problem is that DHCP does not differentiate a legitimate user from a hacker. With a proper SSID, anyone implementing DHCP will obtain an IP address automatically and become a genuine node on the network. By disabling DHCP and assigning static IP addresses to all wireless users, you can minimize the possibility of the hacker obtaining a valid IP address. This limits their ability to access network services. On the other hand, someone can use an 802.11 packet analyser to sniff the exchange of frames over the network and learn what IP addresses are in use. This helps the intruder in guessing what IP address to use that falls within the range of ones in use. Thus, the use of static IP addresses is not fool proof, but at least it is a deterrent. Also keep in mind that the use of static IP addresses in larger networks is very cumbersome, which may prompt network managers to use DHCP to avoid support issues.
Access Point Placement
WLAN access points should be placed outside the firewall to protect intruders from accessing corporate network resources. Firewall can be configured to enable access only by legitimate users based on MAC and IP addresses. However, this is by no means a final or perfect solution because MAC and IP addresses can be spoofed even though this makes it difficult for a hacker to mimic. Try orienting antennas to avoid covering areas outside the physically controlled boundaries of the facility. By steering clear of public areas, such as parking lots, lobbies, and adjacent offices, the ability for an intruder to participate on the wireless LAN can be significantly reduced. This will also minimize the impact of someone disabling the wireless LAN with jamming techniques.
The general idea of WLAN was basically to provide a wireless network infrastructure comparable to the wired Ethernet networks in use. It has since evolved and is still currently evolving very rapidly towards offering fast connection capabilities within larger areas. However, this extension of physical boundaries provides expanded access to both authorized and unauthorized users that make it inherently less secure than wired networks.
WLAN vulnerabilities are mainly caused by WEP as its security protocol.
Only the future can tell us if the current standards are secure as they promise. Moreover, we mentioned some of the ways that can be utilized to improve the security of the wireless networks. Security still evolves and it will remain a hot topic as long as there are ways to threaten data security.