Wireless security: some measures
Date: September 21, 2006Source: Computer Crime Research Center
By:
I. Introduction
The advancement in science and technology has empowered us with tremendous power to deal with various segments of human life. These advancements have, however, also given rise to certain deviances and criminal tendencies. The same equally applies in the present era of ICT. The ICT has conferred tremendous control over the information we generate and disseminate. So much is the benefit of ICT that the traditional means and modes of human interactions have been substituted by ICT. The same has resulted in use of e-governance, e-commerce, etc that have drastically reduced the face to face human interaction. The instrument or tool that made all this possible is a computer connected with an Internet. Initially, the Internet was used for computers connected through cables and routers.[1] Routers in a home network are generally connected to a broadband cable or DSL[2] modem. But with the advancement of technology even wireless communication and interaction is possible. Wireless routers perform the same job as wired routers, only they convert network traffic to a radio signal. This convenience has to be enjoyed with caution otherwise it may be a costly affair in every sense. The use of Internet has changed the entire platform of crime and criminal perpetuating the same. The crimes like hacking, pornography, privacy violations, spamming, phishing, pharming, identity theft, cyber terrorisms, etc are increasing day by day. The modus operendi[3] adopted for these cyber crimes and contraventions is different from the traditional crimes that make it very difficult to trace the culprits. This is because of the anonymous nature of Internet. The Internet is boundary less and that makes the investigation and punishment very difficult. This is more so if an unsecured wireless connection is involved in any transaction. The need of the hour is to set priority for a secure and safe electronic environment so that its benefits can be reaped to the maximum possible extent.[4] The wireless security must be accepted and adopted for both home based and publicly placed wireless networks.
II. Networks to be protected
Wireless networks are very common, both for organisations and individuals. Many laptop computers have wireless cards pre-installed for the buyer. The ability to enter a network while mobile has great benefits. However, wireless networking has many security issues. Crackers have found wireless networks relatively easy to break into, and even use wireless technology to crack into non-wireless networks. Network administrators must be aware of these risks, and stay up-to-date on any new risks that arise. Also, users of wireless equipment must be aware of these risks, so as to take personal protective measures.[5]
(a) Home Wireless Threats
The need to secure traditional wired Internet connections was felt long before. However, there is a growing trend of shifting to a wireless connection at homes. This involves a process where the user connects a device to his DSL or cable modem that broadcasts the Internet connection through the air over a radio signal to his computer. If traditional wired connections are susceptible to security tribulations, there is a great risk of security breach that may arise when a user opens his Internet connection to the airwaves. An unsecured wireless network coupled with unsecured file sharing can be disastrous. There are, however, steps one can take to protect the wireless network. The following are some of the possible security steps:
(i) Make the wireless network invisible by disabling identifier broadcasting,
(ii) Rename the wireless network and change the default name.
(iii) Encrypt the network traffic,
(iv) Change administrator’s password from the default password. If the wireless network does not have a default password, create one and use it to protect the network,
(v) Use file sharing with caution. If the user does not need to share directories and files over his network, he should disable file sharing on his computers.
(vi) Keep the access point[6] software patched and up to date,
(vii) Check internet provider’s wireless security options as it may provide information about securing your home wireless network,
(viii) Do not auto-connect to open Wi-Fi (wireless fidelity) networks
(ix) Turn off the network during extended periods of non-use, etc.
(b) Public Wireless Threats
The risks to users of wireless technology have increased exponentially as the service has become more popular. There were relatively few dangers when wireless techonology was first introduced. Currently, however; there are a great number of security risks associated with wireless technology. Some issues are obvious and some are not. At a corporate level, it is the responsibility of the Information Technology (IT) department to keep up to date with the types of threats and appropriate counter measures to deploy. Security threats are growing in the wireless arena. Crackers have learned that there is much vulnerability in the current wireless protocols, encryption methods, and in the carelessness and ignorance that exists at the user and corporate IT level. Cracking methods have become much more sophisticated and innovative with wireless. Cracking has become much easier and more accessible with easy-to-use Windows-based and Linux-based tools being made available on the web at no charge. IT personnel should be somewhat familiar with what these tools can do and how to counteract the cracking that stems from them.[7]Accessing the internet via a public wireless access point involves serious security threats. These threats are compounded by the inability to control the security setup of the wireless network. The following steps can be taken to protect oneself at public places:
(a) Be careful while dealing in an online environment if the network is not properly secured. Avoid online banking, shopping, entering credit card details, etc,
(b) Connect using a virtual private network (VPN) as it allows connecting securely. VPNs encrypt connections at the sending and receiving ends, and keep out traffic that is not properly encrypted,
(c) Disable file sharing in public wireless spaces as it is more dangerous than it is on your home wireless network,
(d) Be aware of your surroundings while using a public wireless access point. If an internet connection is not essential, disable wireless networking altogether.
III. Corporate security
The network of companies are equally vulnerable to various cyber attacks and if not properly secured may cost the company tremendous loss of information and money. The following are the types of unauthorised access generally found at companies networks:
(a) Accidental Association: Unauthorised access to company wireless and wired networks can come from a number of different methods and intents. One of these methods is referred to as “accidental association”. This is when a user turns on their computer and it latches on to a wireless access point from a neighboring company’s overlapping network. The user may not even know that this has occurred. However, this is a security breach in that proprietary company information is exposed and now there could exist a link from one company to the other. This is especially true if the laptop is also hooked to a wired network.
(b) Malicious Association: “Malicious associations” are when wireless devices can be actively made by crackers to connect to a company network through their cracking laptop instead of a company access point (AP). These types of laptops are known as “soft APs” and are created when a cracker runs some software that makes his/her wireless network card look like a legitimate access point. Once the cracker has gained access, he/she can steal passwords, launch attacks on the wired network, or plant trojans.
(c) Ad-Hoc Networks: Ad-hoc networks[8] can pose a security threat. Ad-hoc networks are defined as peer to peer networks between wireless computers that do not have an access point in between them. While these types of networks usually have little security, encryption methods can be used to provide security.
(d) Non-Traditional Networks: Non-traditional networks such as personal network Bluetooth devices are not safe from cracking and should be regarded as a security risk. Even bar code scanners, handheld PDAs,[9] and wireless printers and copiers should be secured. These non-traditional networks can be easily overlooked by IT personnel that have narrowly focused on laptops.
(e) Identity Theft (MAC Spoofing): Identity theft occurs when a cracker is able to listen in on network traffic and identify the MAC[10] address of a computer with network privileges. Most wireless systems allow some kind of MAC filtering to only allow authorised computers with specific MAC IDs to gain access and utilize the network. However, a number of programs exist that have network “sniffing” capabilities. Combine these programs with...
Next
Add comment
Email to a Friend
