A world with free wireless internet access How safe are you?
|
|
- Bartholomew Green
- 8 years ago
- Views:
Transcription
1 A world with free wireless internet access How safe are you? (2) Dangers of an increasingly Networked World Selma Ardelean Romania Imperial College London Nicolae-Dan Demeter, Romania Imperial College London David Harrison United Kingdom Imperial College London 1
2 Contents 1. History 2. How wireless networks work 3. Present usage of wireless networks 4. Current threats 5. Case Study 6. Statistics 7. Countermeasures 8. Conclusions 9. References 2
3 1. History The first IEEE workshop on wireless LAN was held on At that early stage in the development of the technology the IEEE committee was just starting to work towards developing a standard for wireless LANs. As a result of the continuous efforts, in 1996, wireless was first unleashed onto the unsuspecting public. As with any newly emerged technology, WLAN hardware was so expensive that it could only be efficiently used as an alternative to wired network in places where cabling was difficult or even impossible. It would be some time before the WLAN could become widely used and even more time until the end-user would actually understand both the advantages and disadvantages of it. Once the standards a and b were established the revolution of wireless technology was in full swing. These two standards rendered the initial , with its low data rate capabilities and reduced range, obsolete. These two standards, however, had the same relatively short life-span, being replaced in 2003 and 2007 by the g and n respectively. In today s society one can scarcely imagine a household, university, firm, city, town or country without at least one form of wireless technology. Wires are being replaced, and this creates a number of potential consequences. 2. How wireless networks work For a device to connect to a wireless network it has to be equipped with a wireless network interface card. The cards fall into one of the two categories: Access Points and Clients. For efficient communication, every client is part of a Basic Service Set, commonly called BSS. BSSs also fall into one of the two categories: Independent Basic Service Sets and infrastructure Basic Service Sets. The independent BSS is just and ad-hoc network (commonly created by a laptop, PDA device, etc) and generally, is not connected to the internet. On the other hand, the infrastructure BSS is generally used to connect devices to each other or to the internet. Every BSS has an identification: the Media Access Control (MAC) address of the router [1]. A set of access points connected to a Basic Service Set represent an extended service set (ESS) which is defined by its Service Set Identifier (SSID). A wireless connection is defined by a SSID (broadcasted or not), a network mode, channel number and network configuration (Unbridged or Bridged). The SSID is limited to 32 characters and represents the network s name. The network mode is used to define the standard within the wireless network functions. The first standard used in wireless networks was a. It operates in the 5-6 GHz range with data rates commonly around 6mbps, 12mbps, or 24mbps. Because a uses the Orthogonal Frequency- Division Multiplexing (OFDM), it can achieve data transfer rates up to 54Mbit/s. In addition, this technique breaks up fast serial information signals into several slower sub signals that are transferred at the same time via different frequencies, providing more resistance to radio frequency 3
4 interference. Its main characteristics are that it has a fast speed, but very limited distance. The second standard is b, which operates in the 2.4 GHz range, with a maximum speed of 11 Mbit/s. It is compatible with the a standard, but uses Direct-Sequence Spread Spectrum (DSSS). In this way, it allows a higher data rate with less probability of the signal bouncing off walls (which would cause a duplicate signal which could interfere with normal operation). The most widely used standard nowadays is g, which operates like the b standard at 2.4 GHz, but uses the a standard modulation technique (OFDM) [2][3]. It is backwards compatible with the b standard and because of this; in the summer of 2003 many vendors upgraded their products to be compatible with the g standard. The next standard that will be adopted in the future is n. It uses both the 2.4 and 6 GHz bands, and supports multiple-input and multiple-output (MIMO), which significantly increases data throughput and link range without using addition bandwidth or a more powerful antenna, which in turn improves communication performance [4] ). Channels are the physical medium through which packets are transmitted. Generally there are 13 channels, each of them having a width of 22 MHz, and spaced apart 5 Mhz. Channel 1 is centred on GHz and channel 13 on GHz. Some countries add an extra channel, whereas others disallow the use of certain channels [5]. A major problem with the use of wireless is that it can interfere with other wireless devices, such as wireless keyboards, cordless telephones and Bluetooth devices. 3. Present usage of wireless networks It is hard to imagine life without wireless networks, but there is always a concern regarding privacy. The main difference between a wired and a wireless network is that you are not constrained to a specific location. This means that traffic in a wireless network is transmitted to everyone within the device s perimeter, rather than just a single client (as with a wired network), and so it can be intercepted very easily. Because of this, sensitive information like SSID, BSSID, and traffic (in case of an open wireless network) becomes available to anybody. As a testimony to this, in April 2010 it was discovered that Google Street View Cars, as well as taking pictures in order to map a particular street, they were collecting Wi-Fi network information. In one of their blog posts, they admit that they collected data, including SSID, and MAC addresses and also traffic! [6]. Furthermore, they mention that this data can be used by third parties, but only through the Geo Location API, and the results are in the form of a triangulated geo code. 4
5 4. Current threats The most important thing to bear in mind about wireless networks is that they work exactly as wired ones, so all attacks that can be used on wired networks can also be used in a wireless environment. On the other hand, due to the nature and characteristics of wireless networks new attack vectors emerged, and attackers could remain anonymous. Because data is transmitted over the air it is available to anyone within that perimeter. From the point of view of an attacker, he can be completely anonymous on the network, as he is not constrained to be in a specific location. Seeing as the only available information about him is his MAC address, he can easily spoof it in order to gain multiple identities and because of the mobility a wireless network gives, he can move in different locations within the range of the Access Point, making it hard to be traced. Also, as data transmitted is available to anyone within the perimeter, an attacker is able to capture traffic without even being detected [7]. In this way, he can save the captured log files for later analysis. Depending on the level of security a wireless has, it can expose different layers of private data. Examples vary from capturing all traffic (including passwords for unsecured connections to websites and personal data in the case of an open wireless networks) to storing just the BSSID of an access point (for encrypted wireless networks). Encrypted or open, all wireless networks face a possible data privacy leak. It was discovered this year that using a simple XSS exploit against routers, an attacker can successfully identify the MAC address of that router. While this may appear to be a valueless piece of information, when combined with Google Location Services it can accurately show the location of the user: country, city, street name, latitude and longitude. The most interesting fact is that the user is not even asked about it (his MAC address is acquired through the XSS exploit) so the user is not even aware of the fact that his location has been exposed to the attacker. This is possible because Google decided to collect data about wireless networks and released it publicly through its API. Although Google stated that we have decided that it s best to stop our Street View cars collecting WiFi network data entirely [6], the data is still available, and you can still search for MAC addresses through their API. And this is just the beginning. Google was not the first and it will not be the last company to collect pieces of information about networks. Other attacks affecting wireless networks are: Rogue Access Points (the access point is used to connect users to the internet through a connection where a sniffer is running. Also, the Rogue AP can also serve rogue DNS servers which can redirect users to different sites), Data Replay (the attacker captures the data, but it replays it modified), Cracking the WEP / WAP key (Because of the design of the WEP algorithm, no matter how long is the password, it can be decrypted in due time. Also, WPA keys can be decrypted using Brute Force Attacks and a good Dictionary [8] ), Evil Twin AP (Posing as an authorized access point by using the same SSID as the target wireless), MITM Attack (One of the most used attacks. The attacker is situated between his targets, acting as a proxy. He then can intercept all the traffic), Authenticate Flood (It is based on the fact that the attackers is anonymous so he can generate countless MAC addresses in order to fill the association table), 802.1X EAP Downgrade (In this case the attacker forces the server to offer a weaker type of authentication by issuing continuous NAK (Negative Acknowledgement) / EAP packets in response). From the above, we consider that the most successful and easy to deploy are Evil Twin AP and Rogue AP, because the attacker doesn t have to struggle to find the encryption key (for a WAP2 network, for example), instead he lures the users directly to his packet sniffer. 5
6 5. Case Study As part of the research we conducted we have decided to find how many clients would connect to an open wireless network in different locations, and then log all their traffic. The study was conducted in 2 main locations: in a crowded place (during an hour) and near a block of flats (for 1 week). For the first location we used a laptop connected to a wireless broadband modem as a storage device for the logs. In the second location, we used a computer connected to a broadband internet connection and a wireless router (Broadcom BCM5354) which was connected to it. Below is the network diagram We created a Rogue Access Point that appeared to be configured with default values (SSID: default, open wireless network). We set up the backend such that the Access Point was bridging the wireless adaptor to the wired one, so that the clients were talking directly with the computer and not with the Access Point. Also, the Access Point was accepting connections only from , for better separation of the Access Point and the rest of the network. For security reasons, clients overall were limited to a transfer rate of only 1 Mbit /s [9]. Logging of network packets was possible with the program tcpdump, which was listening on the network card connected to the Access Point. 6
7 With the help of Wireshark, a network utility program, packets saved by tcpdump were analysed and statistics produced. Wireshark is capable of reproducing an entire http session from log files (including images, files, etc), provided they have been captured entirely (using the s switch) 6. Statistics Logs were captured throughout a time span of 11 days in order to provide a wide range of data and try to map the activity of as many users as possible. Unfortunately, because of the limited range of the wireless router used, the number of clients who were actually in the range of the machine is limited. In the period mentioned we were able to log the activity of at least 10 different users. By analysing this data we successfully determined the preferences of the users, discovered general trends in their online activity and were even able to deduce personal data about them. Identifying these seemingly minor details does not seem like a useful feat. However, because some of the websites do not provide secure login, we were also able in some instances to discover passwords and user names. For a real attacker, there would not be much left to do in order to use this information to commit identity theft. Without even considering the possibility that their traffic may be monitored, users connected to our rogue access point and used it just as they would do any other network. One of the most common tendencies was that all the users who used the connection checked their accounts. Without proper encryption these would have been exposed in seconds. The next major trend is that people often tend to access their preferred social networks and blogs. Facebook and Twitter take the first place here. The next most popular websites are news websites, online stores and video streaming services such as YouTube. Unfortunately, at the moment, these services are often not encrypted in any way thus enabling attackers to easily take over the users account. About 8 in 10 users logged on to one or more of the frequently used instant messaging clients and their entire conversations could be reconstructed from the logs. By connecting to an open wireless network, the clients loose all their privacy. Just from analyzing the online activity of one computer one could easily identify what the person's interests are and what field he/she works in. Furthermore, in one case we were able to deduce that in one household had two residents. This was based solely on their web activity and the sites that they accessed. The potential loss of privacy that comes along with the use of open wireless networks has various implications and the information obtained by third parties could be used in many different ways. All in all, users are not always aware of the possible outcome of their actions, and therefore need to be alerted and made aware of all the dangers and threats that come with the use of a wireless environment. Although the majority of websites that handle sensitive personal data provide secure access, there are still some that do not and these make the users vulnerable. 7
8 General trends for users connected to the rogue Access Point 7. Countermeasures As you can see, there exists a large number of threats related to wireless networks and as wireless becomes more and more widely adopted, security should not be considered just an extra setup, but should be the first thing to consider. A bulletproof solution that works 100% of the time does not exist. Instead, security should be more like a process in which the user is aware and tries to protect himself against ever emerging threats. For the average user, having the latest updates or patches for the software they re using and having the latest definitions for the antivirus are enough. In most of cases, it is up to the user to protect his public/private data. As wireless networks require special attention, the first layer of protection should encrypt the connection only with WPA or WPA2 because they provide different per session key for data encryption. PSKs start with the same passphrase, however each station is given different key for communicating with the router. Secondly, a method which can be circumvented, but prevents unwanted intruders is MAC filtering by using blacklists or especially whitelists. Another method to limit access to a wireless network is to position the Access Point such that its signal doesn t travel far away. Most of the routers nowadays have an interface which allows the user to modify the signal strength to his or her needs. Finally, the encryption key used to encrypt the wireless network should be changed on a regular basis. Unfortunately, as people spend more than half of their time outside their home, the chances that they connect to an unsecure wireless network is quite high. Fortunately, even in this case, there are some methods to protect your data. Firstly, only secure channels should be used when visiting sites 8
9 that require some sort of credentials. Most of the time, https instead of http should be used but the user should be aware of the fact that if he logs in through https and then he stays for the rest of the connection on unsecure http, his session can be hijacked and an attacker can gain control over his account. An example of a user-friendly tool that can be used to hijack said connection is Firesheep. This is a Firefox add-on that was launched in October The process of hijacking someone s session is pretty simple: you install the add-on, connect to the open wireless network and then if someone near you and surfing a site which uses a session cookie, his session will appear in the add-on panel. This allows you to connect to his session instantly and use his identity. The only solution to this problem, when connecting to an unsecure service (it may be an website using only http, a chat server, or even VoIP connections) through an unsecure wireless network is to establish an encrypted connection to a remote proxy and then to initiate the connections through it. The most commonly used technique is to use a VPN, so you can connect to a virtual private network somewhere else on the internet. Another technique is to use an SSH tunnel to make a dynamic SOCKS proxy between you and the remote server. Unfortunately, both cases require access to a remote server, which can be expensive for the average user. Nevertheless, the rule of thumb is that whenever you are in doubt about the security of the connection you re using, it is better not to use it. Unfortunately, this behaviour is not encouraged by the software vendors, who sometimes decide to trade security with convenient practices. A clear example is the default option for Windows XP when connecting to wireless networks: it will connect to any available network and automatically connect to non-preferred networks. This is very convenient for the regular user, but it exposes different security risks such as: Rogue AP or Evil Twin AP attacks. 8. Conclusions The subject of wireless network security is always in people s attention because this technology is always changing as years pass. We predict that in the future wireless networks will be available in almost every place. This represents a new step towards an interconnected world. Unfortunately it is also assumed that the average user knows all the potential threats that emerge. Through our study we have shown that at this moment this is not the case. However, some states, like Germany, take security into consideration very seriously, and they even impose fines for people who do not secure their wireless connection properly [10]. We consider that this is a big step towards a secured world and we believe that only with proper information, the average user would be able to protect its data against intruders. 9
10 9. References [1] Wikipedia: Wireless LAN - Last update: 20 November [2] How Stuff Works: How WiFi Works Last visited: 24 November [3] Cisco Academy: IT 1 Networking Course (Course not available online) [4] Wikipedia: MIMO Last update: 27 November [5] Wikipedia: IEEE Last update: 4 December [6] Official Google Blog : WiFi data collection: An update Last update: 14 May [7] Wireless Network Monitor - The Promiscuous Mode Last visited: 16 October [8] Cracking WEP and WPA Wireless Networks Last update: 24 Nov y_brute_force [9] Linux Binary: /usr/sbin/wondershaper eth [10] BBC News: Wi-fi owner fined for lax security in Germany Last update: 14 May
Chapter 2 Configuring Your Wireless Network and Security Settings
Chapter 2 Configuring Your Wireless Network and Security Settings This chapter describes how to configure the wireless features of your DG834N RangeMax TM NEXT Wireless ADSL2+ Modem Router. For a wireless
More informationINFORMATION TECHNOLOGY MANAGEMENT COMMITTEE LIVINGSTON, NJ WWW.LIVINGSTONNJ.ORG ITMC TECH TIP ROB COONCE, MARCH 2008
INFORMATION TECHNOLOGY MANAGEMENT COMMITTEE LIVINGSTON, NJ WWW.LIVINGSTONNJ.ORG What is wireless technology? ITMC TECH TIP ROB COONCE, MARCH 2008 In our world today, this may mean sitting down at a coffee
More informationWIRELESS SECURITY. Information Security in Systems & Networks Public Development Program. Sanjay Goel University at Albany, SUNY Fall 2006
WIRELESS SECURITY Information Security in Systems & Networks Public Development Program Sanjay Goel University at Albany, SUNY Fall 2006 1 Wireless LAN Security Learning Objectives Students should be able
More informationChapter 2 Wireless Settings and Security
Chapter 2 Wireless Settings and Security This chapter describes how to set up the wireless features of your WGT624 v4 wireless router. In planning your wireless network, select a location for the wireless
More informationTopics in Network Security
Topics in Network Security Jem Berkes MASc. ECE, University of Waterloo B.Sc. ECE, University of Manitoba www.berkes.ca February, 2009 Ver. 2 In this presentation Wi-Fi security (802.11) Protecting insecure
More informationThe next generation of knowledge and expertise Wireless Security Basics
The next generation of knowledge and expertise Wireless Security Basics HTA Technology Security Consulting., 30 S. Wacker Dr, 22 nd Floor, Chicago, IL 60606, 708-862-6348 (voice), 708-868-2404 (fax), www.hta-inc.com
More informationWireless Security Overview. Ann Geyer Partner, Tunitas Group Chair, Mobile Healthcare Alliance 209-754-9130 ageyer@tunitas.com
Wireless Security Overview Ann Geyer Partner, Tunitas Group Chair, Mobile Healthcare Alliance 209-754-9130 ageyer@tunitas.com Ground Setting Three Basics Availability Authenticity Confidentiality Challenge
More informationWireless Ethernet LAN (WLAN) General 802.11a/802.11b/802.11g FAQ
Wireless Ethernet LAN (WLAN) General 802.11a/802.11b/802.11g FAQ Q: What is a Wireless LAN (WLAN)? Q: What are the benefits of using a WLAN instead of a wired network connection? Q: Are Intel WLAN products
More informationWireless Network Policy
Wireless Network Policy Purpose Guide the deployment and integrity of wireless networking on the Kettering University campus to ensure reliable, compatible, and secure operation Protect the security of
More informationSecuring Your Wireless Network
Choosing A Wireless Router You might already have a wireless router provided to you by your Internet Service Provider. Otherwise, if you are intending to get one or decide to upgrade your old router, look
More information9 Simple steps to secure your Wi-Fi Network.
9 Simple steps to secure your Wi-Fi Network. Step 1: Change the Default Password of Modem / Router After opening modem page click on management - access control password. Select username, confirm old password
More informationReferences NYS Office of Cyber Security and Critical Infrastructure Coordination Best Practices and Assessment Tools for the Household
This appendix is a supplement to the Cyber Security: Getting Started Guide, a non-technical reference essential for business managers, office managers, and operations managers. This appendix is one of
More informationCyber Security: Beginners Guide to Firewalls
Cyber Security: Beginners Guide to Firewalls A Non-Technical Guide Essential for Business Managers Office Managers Operations Managers This appendix is a supplement to the Cyber Security: Getting Started
More informationSecurity in Wireless Local Area Network
Fourth LACCEI International Latin American and Caribbean Conference for Engineering and Technology (LACCET 2006) Breaking Frontiers and Barriers in Engineering: Education, Research and Practice 21-23 June
More informationCyber Security Beginners Guide to Firewalls A Non-Technical Guide
Cyber Security Beginners Guide to Firewalls A Non-Technical Guide Essential for Business Managers Office Managers Operations Managers Multi-State Information Sharing and Analysis Center (MS-ISAC) U.S.
More informationLinksys WAP300N. User Guide
User Guide Contents Contents Overview Package contents 1 Back view 1 Bottom view 2 How to expand your home network 3 What is a network? 3 How to expand your home network 3 Where to find more help 3 Operating
More informationADDENDUM 12 TO APPENDIX 8 TO SCHEDULE 3.3
ADDENDUM 12 TO APPENDIX 8 TO SCHEDULE 3.3 TO THE Overview EXHIBIT T to Amendment No. 60 Secure Wireless Network Services are based on the IEEE 802.11 set of standards and meet the Commonwealth of Virginia
More informationChapter 3 Safeguarding Your Network
Chapter 3 Safeguarding Your Network The RangeMax NEXT Wireless Router WNR834B provides highly effective security features which are covered in detail in this chapter. This chapter includes: Choosing Appropriate
More informationWiFi Security Assessments
WiFi Security Assessments Robert Dooling Dooling Information Security Defenders (DISD) December, 2009 This work is licensed under a Creative Commons Attribution 3.0 Unported License. Table of Contents
More informationHow To Manage An 802.11 Wireless Network At A University
WIRELESS POLICY 1 INTRODUCTION 1.1 Wireless networking is a fast emerging technology and is set to continue to grow for the foreseeable future. It is recognised that wireless networking could offer benefits
More informationWLAN Security Networking with Confidence
WLAN Security Networking with Confidence Introduction So you ve just installed a new wireless local area network (WLAN) in your small business or home. The access point is on and connected, the client
More informationIndustrial Communication. Securing Industrial Wireless
Industrial Communication Whitepaper Securing Industrial Wireless Contents Introduction... 3 Wireless Applications... 4 Potential Threats... 5 Denial of Service... 5 Eavesdropping... 5 Rogue Access Point...
More informationModule 6, Assignment 5
SusanFerdon,EDTECH552SP11 Module 6, Assignment 5 5.1 Multiple Choice Questions 1. Which of the following is unlicensed band, which can be used by WLAN s? A. 2.4 GHz band B. 2.4 MHz band C. 5 GHz band D.
More informationTHE IMPORTANCE OF CRYPTOGRAPHY STANDARD IN WIRELESS LOCAL AREA NETWORKING
International Journal of Electronics and Communication Engineering & Technology (IJECET) Volume 6, Issue 9, Sep 2015, pp. 65-74, Article ID: IJECET_06_09_008 Available online at http://www.iaeme.com/ijecetissues.asp?jtype=ijecet&vtype=6&itype=9
More informationHacking. Aims. Naming, Acronyms, etc. Sources
Free Technology Workshop Hacking Hands on with wireless LAN routers, packet capture and wireless security Organised by Steven Gordon Bangkadi 3 rd floor IT Lab 10:30-13:30 Friday 18 July 2014 http://ict.siit.tu.ac.th/moodle/.-----.-----.-----..----.
More informationWIRELESS NETWORKING SECURITY
WIRELESS NETWORKING SECURITY Dec 2010 The Government of the Hong Kong Special Administrative Region The contents of this document remain the property of, and may not be reproduced in whole or in part without
More informationA White Paper from Laird Technologies
Cisco Compatible Extensions and Medical Devices Originally published: July 2012 Updated: October 2012 A White Paper from Laird Technologies While CCX has been an overwhelming success in the laptop world,
More informationP r o t o l ck w fi ma a n ger User s Guide
Po rtl wifi oc manager k Portlock WiFi Manager Introduction New in version 5.08 of the Portlock Boot CD is Portlock WiFi Manager, a utility for connecting to wireless networks. It is located on the Portlock
More informationGuide for wireless environments
Sanako Study Guide for wireless environments 1 Contents Sanako Study... 1 Guide for wireless environments... 1 What will you find in this guide?... 3 General... 3 Disclaimer... 3 Requirements in brief...
More informationA Division of Cisco Systems, Inc. GHz 2.4 802.11g. Wireless-G. USB Network Adapter with RangeBooster. User Guide WIRELESS WUSB54GR. Model No.
A Division of Cisco Systems, Inc. GHz 2.4 802.11g WIRELESS Wireless-G USB Network Adapter with RangeBooster User Guide Model No. WUSB54GR Copyright and Trademarks Specifications are subject to change without
More information802.11b and associated network security risks for the home user
802.11b and associated network security risks for the home user by Michael Osten mosten@bleepyou.com Background ================= Approved in 1997 by the IEEE 802 committee, 802.11 details the framework
More informationLink Layer and Network Layer Security for Wireless Networks
Link Layer and Network Layer Security for Wireless Networks Interlink Networks, Inc. May 15, 2003 1 LINK LAYER AND NETWORK LAYER SECURITY FOR WIRELESS NETWORKS... 3 Abstract... 3 1. INTRODUCTION... 3 2.
More informationBasic Computer Security Part 2
Basic Computer Security Part 2 Presenter David Schaefer, MBA OCC Manager of Desktop Support Adjunct Security Instructor: Walsh College, Oakland Community College, Lawrence Technology University Welcome
More informationWireless Network Standard and Guidelines
Wireless Network Standard and Guidelines Purpose The standard and guidelines listed in this document will ensure the uniformity of wireless network access points and provide guidance for monitoring, maintaining
More informationINFORMATION TECHNOLOGY. Revised May 07. Home Networking Guide
INFORMATION TECHNOLOGY Revised May 07 Home Networking Guide Contents Introduction... 3 Intent... 3 Disclaimer... 3 Rexnord Support limitations... 3 Remotely Connecting to the Rexnord Data Network... 3
More informationWireless Threats To Corporate Security A Presentation for ISACA UK Northern Chapter
Wireless Threats To Corporate Security A Presentation for ISACA UK Northern Chapter Introduction Who are we? Matt Moore, Senior Consultant @ PenTest Ltd. Mark Rowe, Technical Director @ PenTest Ltd. What
More informationNetworking 101 (Networking Basics) Presentation to UCHUG - 1/03/07 G. Skalka
Networking 101 (Networking Basics) Presentation to UCHUG - 1/03/07 G. Skalka What is a network? A computer network is two or more computers connected together using a telecommunication system for the purpose
More informationMITM Man in the Middle
MITM Man in the Middle Wifi Packet Capturing and Session Hijacking using Wireshark Introduction The main Objective of this Attack is to make a Fake Access point and send the fake ARP Packets on same Wi-Fi
More informationOnline Banking Fraud Prevention Recommendations and Best Practices
Online Banking Fraud Prevention Recommendations and Best Practices This document provides you with fraud prevention best practices that every employee at Continental National Bank of Miami needs to know
More informationNetwork Security Best Practices
CEDIA WHITE PAPER Network Security Best Practices 2014 CEDIA TABLE OF CONTENTS 01 Document Scope 3 02 Introduction 3 03 Securing the Router from WAN (internet) Attack 3 04 Securing the LAN and Individual
More informationClosing Wireless Loopholes for PCI Compliance and Security
Closing Wireless Loopholes for PCI Compliance and Security Personal information is under attack by hackers, and credit card information is among the most valuable. While enterprises have had years to develop
More informationSecurity+ Guide to Network Security Fundamentals, Third Edition. Chapter 6. Wireless Network Security
Security+ Guide to Network Security Fundamentals, Third Edition Chapter 6 Wireless Network Security Objectives Overview of IEEE 802.11 wireless security Define vulnerabilities of Open System Authentication,
More informationAttacking Automatic Wireless Network Selection. Dino A. Dai Zovi and Shane A. Macaulay {ddaizovi,smacaulay1}@bloomberg.com
Attacking Automatic Wireless Network Selection Dino A. Dai Zovi and Shane A. Macaulay {ddaizovi,smacaulay1}@bloomberg.com We made Slashdot! Hackers, Meet Microsoft "The random chatter of several hundred
More informationPotential Security Vulnerabilities of a Wireless Network. Implementation in a Military Healthcare Environment. Jason Meyer. East Carolina University
Potential Security Vulnerabilities of a Wireless Network Implementation in a Military Healthcare Environment Jason Meyer East Carolina University Abstract This paper will look into the regulations governing
More informationWireless N 150 USB Adapter with 10dBi High Gain Antenna. Model # AWLL5055 User s Manual. Rev. 1.0
Wireless N 150 USB Adapter with 10dBi High Gain Antenna Model # AWLL5055 User s Manual Rev. 1.0 Table of Contents 1. Introduction...2 1.1 Package Contents...2 1.2 Features...2 2. Install Wireless USB Adapter...3
More informationOverview. Summary of Key Findings. Tech Note PCI Wireless Guideline
Overview The following note covers information published in the PCI-DSS Wireless Guideline in July of 2009 by the PCI Wireless Special Interest Group Implementation Team and addresses version 1.2 of the
More information12/3/08. Security in Wireless LANs and Mobile Networks. Wireless Magnifies Exposure Vulnerability. Mobility Makes it Difficult to Establish Trust
Security in Wireless LANs and Mobile Networks Wireless Magnifies Exposure Vulnerability Information going across the wireless link is exposed to anyone within radio range RF may extend beyond a room or
More informationThe Hidden Dangers of Public WiFi
WHITEPAPER: OCTOBER 2014 The Hidden Dangers of Public WiFi 2 EXECUTIVE SUMMARY 4 MARKET DYNAMICS 4 The Promise of Public WiFi 5 The Problem with Public WiFi 6 MARKET BEHAVIOR 6 Most People Do Not Protect
More informationDOS ATTACKS IN INTRUSION DETECTION AND INHIBITION TECHNOLOGY FOR WIRELESS COMPUTER NETWORK
DOS ATTACKS IN INTRUSION DETECTION AND INHIBITION TECHNOLOGY FOR WIRELESS COMPUTER NETWORK ABSTRACT Dr. Sanjeev Dhull Associate Professor, RPIIT Karnal, Dept of Computer Science The DoS attack is the most
More informationVIDEO Intypedia012en LESSON 12: WI FI NETWORKS SECURITY. AUTHOR: Raúl Siles. Founder and Security Analyst at Taddong
VIDEO Intypedia012en LESSON 12: WI FI NETWORKS SECURITY AUTHOR: Raúl Siles Founder and Security Analyst at Taddong Hello and welcome to Intypedia. Today we will talk about the exciting world of security
More informationRobust security is a requirement for many companies deploying a wireless network. However, creating a secure wireless network has often been
Robust security is a requirement for many companies deploying a wireless network. However, creating a secure wireless network has often been difficult and time-consuming. This paper describes the security
More informationThe Basics of Wireless Local Area Networks
The Basics of Wireless Local Area Networks Andreas Johnsen Student at Mälardalens högskola ajn05012@student.mdh.se +46 712345678 ABSTRACT This paper is written as a brief education about the basics of
More informationINSTANT MESSAGING SECURITY
INSTANT MESSAGING SECURITY February 2008 The Government of the Hong Kong Special Administrative Region The contents of this document remain the property of, and may not be reproduced in whole or in part
More informationAPPENDIX 3 LOT 3: WIRELESS NETWORK
APPENDIX 3 LOT 3: WIRELESS NETWORK A. TECHNICAL SPECIFICATIONS MAIN PURPOSE The Wi-Fi system should be capable of providing Internet access directly to a user using a smart phone, tablet PC, ipad or Laptop
More informationWireless Intrusion Detection Systems (WIDS)
Systems (WIDS) Dragan Pleskonjic CONWEX Dragan_Pleskonjic@conwex.net dragan@empowerproduction.com Motivation & idea Wireless networks are forecasted to expand rapidly (Wi-Fi IEEE 802.11a/b/g ) WLANs offer
More informationConfigure WorkGroup Bridge on the WAP131 Access Point
Article ID: 5036 Configure WorkGroup Bridge on the WAP131 Access Point Objective The Workgroup Bridge feature enables the Wireless Access Point (WAP) to bridge traffic between a remote client and the wireless
More informationWireless in the production plant
ATS MES Excellence Centres Wireless in the production plant For various industries How to avoid trouble when setting up a wireless network ETSI: European Telecommunications Standards Institute (www.etsi.org,
More informationChapter 2 Wireless Networking Basics
Chapter 2 Wireless Networking Basics Wireless Networking Overview Some NETGEAR products conform to the Institute of Electrical and Electronics Engineers (IEEE) 802.11g standard for wireless LANs (WLANs).
More informationDeveloping Network Security Strategies
NETE-4635 Computer Network Analysis and Design Developing Network Security Strategies NETE4635 - Computer Network Analysis and Design Slide 1 Network Security Design The 12 Step Program 1. Identify network
More informationALL0237R. Wireless N 300Mbit Access Point/Repeater. User s Manual
ALL0237R Wireless N 300Mbit Access Point/Repeater User s Manual ALLNET ALL0237R User Manual Table of Contents About the Device... 3 Minimum System Requirements... 5 Package Contents... 5 Device Overview...
More informationEbonyi State University Abakaliki 2 Department of Computer Science. Our Saviour Institute of Science and Technology 3 Department of Computer Science
Security Measures taken in Securing Data Transmission on Wireless LAN 1 AGWU C. O., 2 ACHI I. I., AND 3 OKECHUKWU O. 1 Department of Computer Science Ebonyi State University Abakaliki 2 Department of Computer
More informationMN-700 Base Station Configuration Guide
MN-700 Base Station Configuration Guide Contents pen the Base Station Management Tool...3 Log ff the Base Station Management Tool...3 Navigate the Base Station Management Tool...4 Current Base Station
More informationCisco WAP4410N Wireless-N Access Point: PoE/Advanced Security. Cisco Small Business Access Points
Cisco WAP4410N Wireless-N Access Point: PoE/Advanced Security Cisco Small Business Access Points Advanced, High-Performance Wireless Access for the Small Business Highlights Supports high-bandwidth applications
More informationNWA1120 Series. User s Guide. Quick Start Guide. Wireless LAN Ceiling Mountable PoE Access Point. Default Login Details
NWA1120 Series Wireless LAN Ceiling Mountable PoE Access Point Version 1.00 Edition 1, 08/2012 Quick Start Guide User s Guide Default Login Details LAN IP Address http://192.168.1.2 User Name admin Passwordwww.zyxel.com
More informationPCI Compliance - A Realistic Approach. Harshul Joshi, CISM, CISA, CISSP Director, Information Technology CBIZ MHM hjoshi@cbiz.com
PCI Compliance - A Realistic Approach Harshul Joshi, CISM, CISA, CISSP Director, Information Technology CBIZ MHM hjoshi@cbiz.com What What is PCI A global forum launched in September 2006 for ongoing enhancement
More informationLTE, WLAN, BLUETOOTHB
LTE, WLAN, BLUETOOTHB AND Aditya K. Jagannatham FUTURE Indian Institute of Technology Kanpur Commonwealth of Learning Vancouver 4G LTE LTE (Long Term Evolution) is the 4G wireless cellular standard developed
More informationLecture Objectives. Lecture 8 Mobile Networks: Security in Wireless LANs and Mobile Networks. Agenda. References
Lecture Objectives Wireless Networks and Mobile Systems Lecture 8 Mobile Networks: Security in Wireless LANs and Mobile Networks Introduce security vulnerabilities and defenses Describe security functions
More informationJK0 015 CompTIA E2C Security+ (2008 Edition) Exam
JK0 015 CompTIA E2C Security+ (2008 Edition) Exam Version 4.1 QUESTION NO: 1 Which of the following devices would be used to gain access to a secure network without affecting network connectivity? A. Router
More informationCisco RV 120W Wireless-N VPN Firewall
Cisco RV 120W Wireless-N VPN Firewall Take Basic Connectivity to a New Level The Cisco RV 120W Wireless-N VPN Firewall combines highly secure connectivity to the Internet as well as from other locations
More informationConfiguring Security Solutions
CHAPTER 3 This chapter describes security solutions for wireless LANs. It contains these sections: Cisco Wireless LAN Solution Security, page 3-2 Using WCS to Convert a Cisco Wireless LAN Solution from
More informationPwC. Outline. The case for wireless networking. Access points and network cards. Introduction: OSI layers and 802 structure
PwC Outline Wireless LAN Security: Attacks and Countermeasures 1. Introduction 2. Problems with 802.11 security 3. Attacks on and risks to Wireless Networks 4. Defending wireless networks ISACA Hong Kong
More informationWHITE PAPER. WEP Cloaking for Legacy Encryption Protection
WHITE PAPER WEP Cloaking for Legacy TM Encryption Protection Introduction Wired Equivalent Privacy (WEP) is the encryption protocol defined in the original IEEE 802.11 standard for Wireless Local Area
More informationAC750 WiFi Range Extender
Model EX6100 User Manual April 2014 202-11307-03 350 East Plumeria Drive San Jose, CA 95134 USA Support Thank you for selecting NETGEAR products. After installing your device, locate the serial number
More informationHANDBOOK 8 NETWORK SECURITY Version 1.0
Australian Communications-Electronic Security Instruction 33 (ACSI 33) Point of Contact: Customer Services Team Phone: 02 6265 0197 Email: assist@dsd.gov.au HANDBOOK 8 NETWORK SECURITY Version 1.0 Objectives
More informationWi-Fi Why Now? Exploring New Wireless Technologies for Industrial Applications
Wi-Fi Why Now? Exploring New Wireless Technologies for Industrial Applications Patrick McCurdy Product Marketing Manager Phoenix Contact Inc. pmccurdy@phoenixcon.com Ira Sharp Product Specialist Phoenix
More informationCisco WAP4410N Wireless-N Access Point: PoE/Advanced Security Cisco Small Business Access Points
Cisco WAP4410N Wireless-N Access Point: PoE/Advanced Security Cisco Small Business Access Points Advanced, High-Performance Wireless Access for the Small Business Highlights Supports high-bandwidth applications
More informationInternet Quick Start Guide. Get the most out of your Midco internet service with these handy instructions.
Internet Quick Start Guide Get the most out of your Midco internet service with these handy instructions. 1 Contents Internet Security................................................................ 4
More informationRunning Head: WIRELESS DATA NETWORK SECURITY FOR HOSTPITALS
Wireless Data Network Security 1 Running Head: WIRELESS DATA NETWORK SECURITY FOR HOSTPITALS Wireless Data Network Security for Hospitals: Various Solutions to Meet HIPAA Requirements. Jody Barnes East
More informationUser Guide. E-Series Routers
User Guide E-Series Routers Table of Contents Table of Contents Product overview E900/E1200/E1500/E2500/E3200 1 Back view 1 Bottom view 1 E4200 2 Top view 2 Back view 2 Setting Up Your E-Series Router
More informationDeploying secure wireless network services The Avaya Identity Engines portfolio offers flexible, auditable management for secure wireless networks.
Table of Contents Section 1: Executive summary...1 Section 2: The challenge...2 Section 3: WLAN security...3 and the 802.1X standard Section 4: The solution...4 Section 5: Security...4 Section 6: Encrypted
More informationCisco Small Business 500 Series Wireless Access Points
Data Sheet Cisco Small Business 500 Series Wireless Access Points High-Performance, Easy-to-Deploy, Secure Business-Class Wireless-N Connectivity Highlights Provides cost-effective selectable or concurrent
More informationSecure Wireless Networking
Secure Wireless Networking In today s connected world, people expect seamless connectivity to their networks and the Internet. That s why Cisco Small Business Wireless s offer expanded range and coverage
More informationThis KnowledgeShare document addresses the main types of wireless networking today based on the IEEE 802.11 standard.
Wireless Networking Q&A Increased use of laptop computers within the enterprise, and increase in worker mobility have fuelled the demand for wireless networks. Up until recently, wireless technology was
More informationProject to set up Wireless Network for Midwest Home Health Agency
Project to set up Wireless Network for Midwest Home Health Agency Site Survey Report and Recommendations Submitted by: Asha B. Maghirang 12/8/2011 Midwest Home Health Agency is a home care provider, servicing
More informationLW310V2 Sweex Wireless 300N Router
LW310V2 Sweex Wireless 300N Router Please notice! On the included CD-ROM you will find the Setup Wizard. This easy install procedure will show you how to setup the router step-by-step. Do not expose the
More informationDemystifying Wireless for Real-World Measurement Applications
Proceedings of the IMAC-XXVIII February 1 4, 2010, Jacksonville, Florida USA 2010 Society for Experimental Mechanics Inc. Demystifying Wireless for Real-World Measurement Applications Kurt Veggeberg, Business,
More informationWireless LANs vs. Wireless WANs
White Paper Wireless LANs vs. Wireless WANs White Paper 2130273 Revision 1.0 Date 2002 November 18 Subject Supported Products Comparing Wireless LANs and Wireless WANs Wireless data cards and modules,
More informationEnterprise Solutions for Wireless LAN Security Wi-Fi Alliance February 6, 2003
Enterprise Solutions for Wireless LAN Security Wi-Fi Alliance February 6, 2003 Executive Summary The threat to network security from improperly secured WLANs is a real and present danger for today s enterprises.
More informationCisco RV110W Wireless-N VPN Firewall
Data Sheet Cisco RV110W Wireless-N VPN Firewall Simple, Secure Connectivity for the Small Office/Home Office Figure 1. Cisco RV110W Wireless-N VPN Firewall The Cisco RV110W Wireless-N VPN Firewall provides
More informationEAP9550 11N Wall Mount Access Point / WDS AP / Universal Repeater
EAP9550 is a powerful and multi-functioned 11n Access Point and it can act three modes AP/WDS/Universal Repeater. Smoke detector appearance will minimize visibility. So this model can work properly at
More informationHow To Protect A Wireless Lan From A Rogue Access Point
: Understanding Security to Ensure Compliance with HIPAA Healthcare is a natural environment for wireless LAN solutions. With a large mobile population of doctors, nurses, physician s assistants and other
More informationENHWI-N3. 802.11n Wireless Router
ENHWI-N3 802.11n Wireless Router Product Description Encore s ENHWI-N3 802.11n Wireless Router s 1T1R Wireless single chip can deliver up to 3x faster speed than of 802.11g devices. ENHWI-N3 supports home
More informationUnited States Trustee Program s Wireless LAN Security Checklist
United States Trustee Program s Wireless LAN Security Checklist In support of a standing trustee s proposed implementation of Wireless Access Points (WAP) in ' 341 meeting rooms and courtrooms, the following
More informationRunning Head: WIRELESS NETWORKING FOR SMALL BUSINESSES. Wireless Networking for Small Businesses. Russell Morgan. East Carolina University
Wireless Networking for Small Businesses 1 Running Head: WIRELESS NETWORKING FOR SMALL BUSINESSES Wireless Networking for Small Businesses Russell Morgan East Carolina University Wireless Networking for
More informationUsing Wireless Technology Securely
Using Wireless Technology Securely US-CERT In recent years, wireless networking has become more available, affordable, and easy to use. Home users are adopting wireless technology in great numbers. On-the-go
More informationTechnical Brief. Wireless Intrusion Protection
Technical Brief Wireless Intrusion Protection Introduction One layer of the multi-layer wireless security solution provided by Aruba Wireless Networks is the ability to lock the air using wireless intrusion
More informationMUNICIPAL WIRELESS NETWORK
MUNICIPAL WIRELESS NETWORK May 2009 The Government of the Hong Kong Special Administrative Region The contents of this document remain the property of, and may not be reproduced in whole or in part without
More informationRecommended 802.11 Wireless Local Area Network Architecture
NATIONAL SECURITY AGENCY Ft. George G. Meade, MD I332-008R-2005 Dated: 23 September 2005 Network Hardware Analysis and Evaluation Division Systems and Network Attack Center Recommended 802.11 Wireless
More informationGolden N Wireless Mini USB Adapter. Model # AWLL6075 User s Manual. Rev. 1.2
Golden N Wireless Mini USB Adapter Model # AWLL6075 User s Manual Rev. 1.2 Table of Contents 1. Introduction...2 1.1 Package Contents...2 1.2 Features...2 2. Install the Wireless Adapter...3 3. Connect
More information