Computer Security in Wireless Networking
Uploaded by
ADAMU MUSA SANIComputer Security in Wireless Networking
Uploaded by
ADAMU MUSA SANIlOMoARcPSD|29012061
Computer Security IN Wireless Networking
Computer Networks/Communication (Afe Babalola University)
Scan to open on Studocu
Studocu is not sponsored or endorsed by any college or university
Downloaded by Sagir Musa Sani (mydoconthego@[Link])
lOMoARcPSD|29012061
COMPUTER SECURITY IN WIRELESS NETWORKING
(WIRELESS LAN)
BY
EDWARD ESEOGHENE
17/Eng02/086
A PROJECT WORK SUBMITTED TO THE DEPARTMENT OF COMPUTER
SCIENCE, COLLEGE OF NATURAL AND APPLIED SCIENCES, AFE BABALOLA
UNIVERSITY, ADO EKITI, EKITI STATE
IN FULFILLMENT OF THE REQUIREMENT FOR THE AWARD OF THE
BACHELOR OF SCIENCE (BSC) DEGREE IN COMPUTER SCIENCE
JUNE 2021
Downloaded by Sagir Musa Sani (mydoconthego@[Link])
lOMoARcPSD|29012061
APPROVAL PAGE
This work has been approved for the Department of Mathematical Science (Computer
Science), College of Natural and Applied Sciences Afe Babalola University Ado Ekiti ,Ekiti
State
________________ ________________
DR BELLO. Date
(Supervisor)
________________ ________________
Date
(Head of Department)
________________ ________________
External Examiner Date
Downloaded by Sagir Musa Sani (mydoconthego@[Link])
lOMoARcPSD|29012061
CERTIFICATION
Edward Eseoghene, undergraduate student in the Department of Computer Science with
Registration Number 17/Eng02/086, has satisfactorily completed the requirements for the
Bachelor of Science (BSc) Degree in Computer Science. The work embodied in this project is
original and has not been submitted in part or in full for any other diploma or degree of this
or any other university.
________________ ________________
EDWARD ESEOGHENE DR BELLO
Student Supervisor
Downloaded by Sagir Musa Sani (mydoconthego@[Link])
lOMoARcPSD|29012061
DEDICATION
This work is dedicated to Almighty God, the Alpha and Omega of my life.
Downloaded by Sagir Musa Sani (mydoconthego@[Link])
lOMoARcPSD|29012061
ACKNOWLEDGEMENTS
My unalloyed appreciation goes to his able and dynamic Supervisor Dr Bello for his
constructive criticism, cooperation, encouragement and time spent in reading and making
corrections to his work.
Downloaded by Sagir Musa Sani (mydoconthego@[Link])
lOMoARcPSD|29012061
EDWARD ESEOGHENE
17/ENG02/086
ABSTRACT
Wireless communication offer organizations and users many benefits such as portability and
flexibility, increased efficiency and reduced wiring costs. Wireless technologies cover a broad
range of differing capacities oriented toward different users and needs. Wireless local area
network (WLAN) devices, for instance, allow users to move their laptops from place to
place within their offices without the need for wires and without losing network connectivity.
Less wiring means greater flexibility, increased efficiency and reduced wiring costs. Adhoc
networks, such as those enabled by Bluetooth, allow data synchronization with network
system and application sharing between devices. Bluetooth functionally also eliminates
cables for printer and other device for printer and other peripheral device connections.
Handheld devices such as personal digital assistants (PDA) and cell phones allow remote
Downloaded by Sagir Musa Sani (mydoconthego@[Link])
lOMoARcPSD|29012061
users to synchronize personal database and provide access to network services such as
wireless e-mail, Web browsing and internet access. Moreover, these technologies can offer
dramatic cost savings and new capacities to diverse applications ranging from retail settings
to manufacturing shop floors to first responder.
TABLE OF CONTENTS
CHAPTER ONE
1.1 Introduction. …………………………………………………………………………1
1.2 Statements of the problems......…………………………………………...…………1-2
1.3 Objective of the study ………………………………………………………………3-4
1.4 Research approach..... …………………………………………………………………4
1.5 Overview of Wireless Technology...... ……………………………………………..…5
1.6 Wireless Networks………………………………………………………………..…5-6
CHAPTER TWO
Downloaded by Sagir Musa Sani (mydoconthego@[Link])
lOMoARcPSD|29012061
2.1 Wireless LAN Overview......……………………………………………………..……7
2.2 Brief History.....……………………………………………………………………..7-8
2.3 Frequency and Data Rates..... ......……………………………………………......... 8-9
2.4 802.11 Architecture.... ......………………………………………………………....9-10
2.5 Wireless LAN Components........ ......…………………………………………..10-11
2.6 Range........…………………………………..........................................................11-12
2.7 Benefits.........………………………………………………………………..........12-23
2.8 Security of 802.11 Wireless LANS..... ......…………………………………..............13
2.9 Security Features of 802.11 Wireless LANs per the Standard.....................................14
2.9.1 Authentication...........…………………………………………………..................15-16
2.9.2 Privacy............…………..……………………………………………………......16-17
2.9.3 Integrity..............…………..…………………………………………………......17-19
2.10 Problems with the IEEE 802.11 Standard Securities..............................................19-24
CHAPTER THREE
3.1 Overview of security requirement and threats.....………………………………...25-26
3.2 Loss of Confidentiality..........……………………………………………………..27-30
.3.3 Loss of Integrity..............…………………………………………………….............30
3.4 Loss of Network Availability.......................………………………………................31
3.5 Other security risks.........………………………………………………………....31-32
3.6 Risk Mitigation.........……………………………………………………………..32-33
3.6.1 Management Countermeasures...………………………………………………....33-34
Downloaded by Sagir Musa Sani (mydoconthego@[Link])
lOMoARcPSD|29012061
3.6.2 Operational Countermeasures ........................……………………..…………......34-36
3.6.3 Technical Countermeasures..................................………………………………..….36
3.7 Software Solutions....................................................………………………………...37
3.7.1 Access Point Configuration....................................……………………………....37-40
3.7.2 Authentication.....................................……………………………………….......40-41
3.7.3 Personal Firewalls........................................………………………………………....41
CHAPTER FOUR
4.1 Wireless network monitoring channel/configuration..............................................42-52
4.2 Wireless Network login window....................................………………………….52-58
CHAPTER FIVE
5.1 Conclusion. ............................…………………………………………………....59-67
5.2 Recommendation...............................…………………………………………….68-69
5.3 References...................................………………………………………….................69
CHAPTER ONE
Introduction to Computer Security in wireless networking
Downloaded by Sagir Musa Sani (mydoconthego@[Link])
lOMoARcPSD|29012061
1.1 Introduction
Wireless technologies have become increasingly popular in our everyday business and
personal lives. Personal digital assistants (PDA) allow individuals to access calendars, email,
address and phone number lists, and the Internet. Some technologies even offer global
positioning system (GPS) capabilities that can pinpoint the location of the device anywhere in
the world.
Wireless technologies promise to offer even more features and functions in the next few
years.
An increasing number of government agencies, businesses, and home users are using, or
considering using, wireless technologies in their environments. Agencies should be aware the
security risks associated with wireless technologies. Agencies need to develop strategies that
will mitigate risks as they integrate wireless technologies into their computing environments.
This document discusses certain wireless technologies, outlines the associated risks, and
offers guidance for mitigating those risks.
1.2 Statements of the problems
Pessimism regarding the apprehension of attackers is the primary inhibitor to greater
reporting. While more organizations as a percentage are experiencing insecurity in their
wireless networking, fewer organizations are reporting that they don't know if their wireless
networking are secured or not.
Attacks on wireless networking in computer have being surreptitious in nature, means that
detecting them can be difficult. Sophisticated hacking tools like root kits, loadable kernel
Downloaded by Sagir Musa Sani (mydoconthego@[Link])
lOMoARcPSD|29012061
modules and log scrubbers, which enable attackers to cover their tracks and gained privileged
access to computer through wireless networking are now available.
It has also been discovered that a lot of agencies has employed the use of wireless networking
into their organization, without pre-knowledge of wireless networking and precaution to be
taken, therefore cursing havoc to their data's.
Examples of problem been discovered and reported are listed below:
1. The distributed denial of service attacks on Yahoo, eBay and other major Internet
players; through wireless networking
2. The recent case of organization documents that was tampered through wireless
networking by computer hackers.
3. Many system/networking engineers have encountered lot of difficulties in data
protection when configuring wireless networking.
4. A lot of networking engineers has rush into wireless networking without pre
knowledge and understanding of the basic principal of wireless networking, therefore
leaving many organization data unsecured.
Above are the problems encountered by the use of wireless networking, but with the help of
this project, the low rate of security in wireless networking will decrease.
1.3 Objective of the study
The purpose of this document is to provide agencies with guidance for establishing secure
wireless networks.1 Agencies are encouraged to tailor the recommended guidelines and
solutions to meet their specific security or business requirements.
Downloaded by Sagir Musa Sani (mydoconthego@[Link])
lOMoARcPSD|29012061
The documents address one of wireless technologies that government agencies will most
likely to employ: wireless local area network (WLAN) The document also addresses the use
of wireless handheld devices. The document does not address technologies such as wireless
radio and other WLAN standards that are not designed to the Institute of Electrical and
Electronics Engineers (IEEE) 802.11 standard. These technologies are out of the scope of this
document.
This document covers details specific to wireless technologies and solutions. The document is
technical in nature; however, it provides the necessary background to fully understand the
topics that are discussed.
Hence, the following list highlights how people with differing backgrounds might use this
document. These projects provide network solution to the following people:
1. Government managers who are planning to employ wireless networked computing
devices in their agencies (chief information officers, senior managers, etc.).
2. Systems engineers and architects when designing and implementing networks.
3. System administrators when administering, patching, securing, or upgrading wireless
networks.
4. Security consultants when performing security assessments to determine security
postures of wireless environments.
5. Researchers and analysts who are trying to understand the underlying wireless
technologies.
However this project provides an overview of designing software packages that can be use to
protect document or information when using wireless networking. The program will be
written with Visual Basic programming language.
Downloaded by Sagir Musa Sani (mydoconthego@[Link])
lOMoARcPSD|29012061
1.4 Research Approach
In this project, I started my research by bringing together some of the information I got from
many online seminar conducted, base on the issue and challenges of wireless networking
among computer users and wireless networking engineers within and outside the country. I
also backup my project with information I got from a member of a [Link]
technology Law Group Europe called Nick Lockett.
In addition I relate to the information and interview I have with a member of the world
Computer networking company called CISCO, base on the issues, challenges and security in
wireless networking. Lastly I relate to the interview I got from many networking engineers
base on their challenges when employing and implementing wireless networking in an
organization,
Therefore by the research carried out above with my full knowledge of computer as a
computer professional I then draft out the summary of issues arising on security in wireless
networking.
1.5 Overview of Wireless Technology
Wireless technologies, in the simplest sense, enable one or more devices to communicate
without physical connections— without requiring network or peripheral cabling. Wireless
technologies use radio frequency transmissions as the means for transmitting data, whereas
wired technologies use cables. Wireless technologies range from complex systems, such as
Wireless Local Area Networks (WLAN) and cell phones to simple devices such as wireless
headphones, microphones, and other devices that do not process or store information. They
also include infrared (IR) devices such as remote controls, some cordless computer keyboards
and mice, and wireless hi-fi stereo headsets, all of which require a direct line of sight between
Downloaded by Sagir Musa Sani (mydoconthego@[Link])
lOMoARcPSD|29012061
the transmitter and the receiver to close the link. A brief overview of wireless networks,
devices, standards, and security issues is presented in this section.
1.6 Wireless Networks
Wireless networks serve as the transport mechanism between devices and among devices and
the traditional wired networks (enterprise networks and the Internet). Wireless networks are
many and diverse but are frequently categorized into three groups based on their coverage
range: Wireless Wide Area Networks (WWAN), WLANs, and Wireless Personal Area
Networks (WPAN). WWAN includes wide coverage area technologies such as 2G cellular,
Cellular Digital Packet Data (CDPD), Global System for Mobile Communications (GSM),
and Mobitex. WLAN, representing wireless local area networks, includes 802.11, HiperLAN,
and several others. WPAN represents wireless personal area network technologies such as
Bluetooth and IR. All of these technologies are “tetherless”- they receive and transmit
information using electromagnetic (EM) waves. Wireless technologies use wavelengths
ranging from the radio frequency (RF) band up to and above the IR band.2 the frequencies in
the RF band cover a significant portion of the EM radiation spectrum, extending from 9
kilohertz (kHz), the lowest allocated wireless communications frequency, to thousands of
gigahertz (GHz). As the frequency is increased beyond the RF spectrum, EM energy moves
into the IR and then the visible spectrum. This document focuses on WLAN technologies.
Downloaded by Sagir Musa Sani (mydoconthego@[Link])
lOMoARcPSD|29012061
CHAPTER TWO
Wireless LANs
This section provides a detailed overview of 802.11 WLAN technologies. The section
includes introductory material on the history of 802.11 and provides other technical
information, including 802.11 frequency ranges and data rates, network topologies,
transmission ranges, and applications. It examines the security threats and vulnerabilities
associated with WLANs and offer various means for reducing risks and securing WLAN
environments.
2.1 Wireless LAN Overview
WLAN technology and the WLAN industry date back to the mid-1980s when the Federal
Communications Commission (FCC) first made the RF spectrum available to industry,
During the 1980s and early 1990s, growth was relatively slow. Today, however, WLAN
technology is experiencing tremendous growth. The key reason for this growth is the
increased bandwidth made possible by the IEEE 802.11 standard.
2.2. Brief History
Motorola developed one of the first commercial WLAN systems with its Altair product.
However, early WLAN technologies had several problems that prohibited its pervasive use.
These LANs were expensive, provided low data rates, were prone to radio interference, and
were designed mostly to proprietary RF technologies. The IEEE initiated the 802.11 project
in 1990 with a scope to develop a Medium Access Control (MAC) and Physical Layer (PHY)
Downloaded by Sagir Musa Sani (mydoconthego@[Link])
lOMoARcPSD|29012061
specification for wireless connectivity for fixed, portable, and moving stations within an
area." In 1997, IEEE first approved the 802.11 international interoperability standards.
Then, in 1999, the IEEE ratified the 802.11a and the 802.11b wireless networking
communication standards. The goal was to create a standards-based technology that could
span multiple physical encoding types, frequencies, and applications. The 802.11a standard
uses orthogonal frequency division multiplexing (OFDM) to reduce interference. This
technology uses the 5 GHz frequency spectrum and can process data at up to 54Mbps.
Although this section of the document focuses on the IEEE 802.11 WLAN standard, it is
important to note that several other WLAN technologies and standards are available from
which consumers may choose, including HiperLAN and HomeRF. For information on the
European Telecommunications Standards Institute (ETSI) developed HiperLAN, visit the
HiperLAN Alliance site.10 For more information on HomeRF, visit the HomeRF Working
Group site.11 This document does not address those technologies.
2.3 Frequency and Data Rates
IEEE developed the 802.11 standards to provide wireless networking technology like the
wired Ethernet that has been available for many years. The IEEE 802.11a standard is the most
widely adopted member of the 802.11 WLAN family. It operates in the licensed 5GHz band
using OFDM technology. The popular 802.11b standard operates in the unlicensed 2.4 GHz,
2.5 GHz Industrial, Scientific, and Medical (ISM) frequency band using a direct sequence
spread-spectrum technology. The ISM band has become popular for wireless communications
because it is available worldwide. The 802.11b WLAN technology permits transmission
Downloaded by Sagir Musa Sani (mydoconthego@[Link])
lOMoARcPSD|29012061
speeds of up to 11 Mbits per second. This makes it considerably faster than the original IEEE
802.11 standard (that sends data at up to 2 Mbps) and slightly faster than standard Ethernet.
2.4
802.11 Architecture
The IEEE 802.11 standard permits devices to establish either peer-to-peer (P2P) networks
or networks based on fixed access points (AP) with which mobile nodes can communicate.
Hence, the standard defines two basic network topologies: the infrastructure network and the
ad hoc network. The infrastructure network is meant to extend the range of the wired LAN to
wireless cells. A laptop or other mobile device may move from cell to cell (from AP to AP)
while maintaining access to the resources of the LAN. A cell is the area covered by an AP and
is called a “basic service set” (BSS). The collection of all cells of an infrastructure network is
called an extended service set (ESS).
This first topology is useful for providing wireless coverage of building or campus areas.
By deploying multiple APs with overlapping coverage areas, organizations can achieve broad
network coverage.
WLAN technology can be used to replace wired LANs totally and to extend LAN
infrastructure.
A WLAN environment has wireless client stations that use radio modems to communicate to
an AP. The client stations are generally equipped with a wireless network interface card (NIC)
that consists of the radio transceiver and the logic to interact with the client machine and
software. An AP comprises essentially a radio transceiver on one side and a bridge to the
wired backbone on the other. The AP, a stationary device that is part of the wired
infrastructure, is analogous to a cell-site (base station) in cellular communications. All
Downloaded by Sagir Musa Sani (mydoconthego@[Link])
lOMoARcPSD|29012061
communications between the client stations and between clients and the wired network go
through the AP.
Although most WLANs operate in the "infrastructure” mode and architecture described
above, another topology is also possible. This second topology, the ad hoc network, is meant
to easily interconnect mobile devices that are in the same area (e.g., in the same room). In this
architecture, client stations are grouped into a single geographic area and can be Internet-
worked without access to the wired LAN (infrastructure network). The interconnected
devices in the ad hoc mode are referred to as an independent basic service set (IBSS). The ad
hoc configuration is similar to a peer to-peer office network in which no node is required to
function as a server. As an ad hoc WLAN, laptops, desktops and other 802.11 devices can
share files without the use of an AP.
2.5 Wireless LAN Components
A WLAN comprises two types of equipment: a wireless station and an access point. A station,
or client, is typically a laptop or notebook personal computer (PC) with a wireless NIC.12 A
WLAN client may also be a desktop or handheld device (e.g., PDA, or custom device such as
a barcode scanner) or equipment within a kiosk on a manufacturing floor or other publicly
accessed area. Wireless laptops and notebooks—“wireless enabled” — are identical to
laptops and notebooks except that they use wireless NICs to connect to access points in the
network. The wireless NIC is commonly inserted in the client's Personal Computer Memory
Card International Association (PCMCIA) slot or Universal Serial Bus (USB) port. The NICs
use radio signals to establish connections to the WLAN.
Downloaded by Sagir Musa Sani (mydoconthego@[Link])
lOMoARcPSD|29012061
The AP, which acts as a bridge between the wireless and wired networks, typically comprises
a radio, a wired network interface such as 802.3, and bridging software. The AP functions as
a base station for the wireless network, aggregating multiple wireless stations onto the wired
network.
2.6 Range
The reliable coverage range for 802.11 WLANs depends on several factors, including data
rate required and capacity, sources of RF interference, physical area and characteristics,
power, connectivity, and antenna usage. Theoretical ranges are from 29 meters (for 11 Mbps)
in a closed office area to 485 meters (for 1 Mbps) in an open area.
However, through empirical analysis, the typical range for connectivity of 802.11 equipment
is approximately 50 meters (about 163 ft.) indoors. A range of 400 meters, nearly /4 mile,
makes WLAN the ideal technology for many campus applications. It is important to
recognize that special high-gain antennas can increase the range to several miles.
APs may also provide a "bridging” function. Bridging connects two or more networks
together and allows them to communicate- to exchange network traffic. Bridging involves
either a point-to-point or a multipoint configuration. In a point-to-point architecture, two
LANs are connected to each other via the LANs respective APs. In multipoint bridging, one
subnet on a LAN is connected to several other subnets on another LAN via each subnet AP.
For example, if a computer on Subnet A needed to connect to computers on Subnets B, C, and
D, Subnet A's AP would connect to B's, C's, and D's respective APs.
Downloaded by Sagir Musa Sani (mydoconthego@[Link])
lOMoARcPSD|29012061
Enterprises may use bridging to connect LANs between different buildings on corporate
campuses. Bridging AP devices are typically placed on top of buildings to achieve greater
antenna reception. The typical distance over which one AP can be connected wirelessly to
another by means of bridging is approximately 2 miles. This distance may vary depending on
several factors including the specific receiver or transceiver being used.
2.7 Benefits
WLANs offer four primary benefits:
User Mobility— Users can access files, network resources, and the Internet without
having to physically connect to the network with wires. Users can be mobile yet retain
high-speed, real-time access to the enterprise LAN.
Rapid Installation - The time required for installation is reduced because network
connections can be made without moving or adding wires, or pulling them through
walls or ceilings, or making modifications to the infrastructure cable plant. For
example, WLANs are often cited as making LAN installations possible in buildings
that are subject to historic preservation rules.
Flexibility— Enterprises can also enjoy the flexibility of installing and taking down
WLANs in locations as necessary. Users can quickly install a small WLAN for
temporary needs such as a conference, trade show, or standards meeting.
Scalability— WLAN network topologies can easily be configured to meet specific
application and installation needs and to scale from small peer-to-peer networks to
very large enterprise networks that enable roaming over a broad area.
Downloaded by Sagir Musa Sani (mydoconthego@[Link])
lOMoARcPSD|29012061
Because of these fundamental benefits, the WLAN market has been increasing steadily over
the past several years, and WLANs are still gaining in popularity. WLANs are now becoming
a viable alternative to traditional wired solutions. For example, hospitals, universities,
airports, hotels, and retail shops are already using technologies to conduct their daily business
operations.
2.8 Security of 802.11 Wireless LANs.
This section discusses the built-in security features of 802.11. It provides an overview of the
inherent security features to better illustrate its limitations and provide a motivation for some
of the recommendations for enhanced security. The IEEE 802.11 specification identified
several services to provide a secure operating environment. The security services are
provided largely by the Wired Equivalent Privacy (WEP) protocol to protect link-level data
during wireless transmission between clients and access points. WEP does not provide end-
to-end security, but only for the wireless portion of the connection.
2.9 Security Features of 802.11 Wireless LANs per the Standard
The three basic security services defined by IEEE for the WLAN environment are as
follows:
1. Authentication- A primary goal of WEP was to provide a security service to verify the
identity of communicating client stations. This provides access control to the network
by denying access to client stations that cannot authenticate properly. This service
addresses the question, "Are only authorized persons allowed to gain access to my
network?”
Downloaded by Sagir Musa Sani (mydoconthego@[Link])
lOMoARcPSD|29012061
2. Confidentiality— Confidentiality, or privacy, was a second goal of WEP. It was
developed to provide "privacy achieved by a wired network.” The intent was to
prevent information compromise from casual eavesdropping (passive attack). This
service, in general, addresses the question, “Are only authorized persons allowed to
view my data?”
3. Integrity— Another goal of WEP was a security service developed to ensure that
messages are not modified in transit between the wireless clients and the access point
in an active attack. This service addresses the question, “Is the data coming into or
exiting the network trustworthy— has it been tampered with?”
It is important to note that the standard did not address other security services such as audit,
authorization, and non repudiation. The security services offered by 802.11 are described in
greater detail below.
2.9.1 Authentication
The IEEE 802.11 specification defines two means to “validate” wireless users attempting to
gain access to a wired network: open-system authentication and shared-key authentication.
One means, shared-key authentication, is based on cryptography, and the other is not. The
open system authentication technique is not truly authentication; the access point accepts the
mobile station without verifying the identity of the station. It should be noted also that the
authentication is only one-way: only the mobile station is authenticated. The mobile station
must trust that it is communicating to a real AP.
With Open System authentication, a client is authenticated if it simply responds with a MAC
address during the two-message exchange with an access point. During the exchange, the
Downloaded by Sagir Musa Sani (mydoconthego@[Link])
lOMoARcPSD|29012061
client is not truly validated but simply responds with the correct fields in the message
exchange. Obviously, without cryptographic validation, open-system authentication is highly
vulnerable to attack and practically invites unauthorized access, Open-system authentication
is the only required form of authentication by the 802.11 specification.
Shared key authentication is a cryptographic technique for authentication. It is a simple
"challenge- response" scheme based on whether a client has knowledge of a shared secret. In
this scheme, as depicted conceptually in Figure 3-7, a random challenge is generated by the
access point and sent to the wireless client. The client, using a cryptographic key that is
shared with the AP, encrypts the challenge (or “nonce," as it is called in security vernacular)
and returns the result to the AP. The AP decrypts the result computed by the client and allows
access only if the decrypted value is the same as the random challenge transmitted. The
algorithm used in the cryptographic computation and for the generation of the 128-bit
challenge text is the RC4 stream cipher developed by Ron Rivest of MIT. It should be noted
that the authentication method just described is a rudimentary cryptographic technique, and it
does not provide mutual authentication. That is, the client does not authenticate the AP, and
therefore there is no assurance that a client is communicating with a legitimate AP and
wireless network. It is also worth noting that simple unilateral challenge-response schemes
have long been known to be weak. They suffer from numerous attacks including the infamous
"man-in-the-middle" attack. Lastly, the IEEE 802.11 specification does not require shared-
key authentication.
2.9.2 Privacy
Downloaded by Sagir Musa Sani (mydoconthego@[Link])
lOMoARcPSD|29012061
The 802.11 standard supports privacy (confidentiality) through the use of cryptographic
techniques for the wireless interface. The WEP cryptographic technique for confidentiality
also uses the RC4 symmetric-key, stream cipher algorithm to generate a pseudo-random data
sequence. This “key stream” is simply added modulo 2 (exclusive OR-ed) to the data to be
transmitted. Through the WEP technique, data can be protected from disclosure during
transmission over the wireless link. WEP is applied to all data above the 802.11 WLAN
layers to protect traffic such as Transmission Control Protocol/Internet Protocol (TCP/IP),
Internet Packet Exchange (IPX), and Hyper Text Transfer Protocol (HTTP).
As defined in the 802.11 standard, WEP supports only a 40-bit cryptographic keys size for the
shared key. However, numerous vendors offer nonstandard extensions of WEP that support
key lengths from 40 bits to 104 bits. At least one vendor supports a key-size of 128 bits. The
104-bit WEP key, for instance, with a 24-bit Initialization Vector (IV) becomes a 128-bit RC4
key. In general, all other things being equal, increasing the key size increases the security of a
cryptographic technique. However, it is always possible for flawed implementations or
flawed designs to prevent long keys from increasing security. Research has shown that key
sizes of greater than 80-bits, for robust designs and implementations, make brute-force
cryptanalysis (code breaking) an impossible task. For 80-bit keys, the number of possible
keys- a key-space of more than 10 26 exceeds contemporary computing power. In practice,
most WLAN deployments rely on 40-bit keys. Moreover, recent attacks have shown that the
WEP approach for privacy is, unfortunately, vulnerable to certain attacks regardless of key-
size. However, the cryptographic, standards, and vendor WLAN communities have developed
enhanced WEP, which is available as a pre-standard vendor-specific implementations. The
attacks mentioned above are described later in the following sections.
Downloaded by Sagir Musa Sani (mydoconthego@[Link])
lOMoARcPSD|29012061
2.9.3 Integrity
The IEEE 802.11 specification also outlines a means to provide data integrity for messages
transmitted between wireless clients and access points. This security service was designed to
reject any messages that had been changed by an active adversary “in the middle.” This
technique uses a simple encrypted Cyclic Redundancy Check (CRC) approach. As depicted
in the diagram above, a CRC-32, or frame check sequence, is computed on each
payload prior to transmission. The integrity-sealed packet is then encrypted using the RC4
key stream to provide the cipher-text message. On the receiving end, decryption is performed
and the CRC is recomputed on the message that is received. The CRC computed at the
receiving end is compared with the one computed with the original message. If the CRCs do
not equal, that is, “received in error," this would indicate an integrity violation (an active
message spoofer), and the packet would be discarded. As with the privacy service,
unfortunately, the 802.11 integrity is vulnerable to certain attacks regardless of key size. In
summary, the fundamental flaw in the WEP integrity scheme is that the simple CRC is not a
“cryptographically secure” mechanism such as a hash or message authentication code.
The IEEE 802.11 specification does not, unfortunately, identify any means for key
management (life cycle handling of cryptographic keys and related material). Therefore,
generating, distributing, storing, loading, escrowing, archiving, auditing, and destroying the
material is left to those deploying WLANs. Key management (probably the most critical
aspect of a cryptographic system) for 802.11 is left largely as an exercise for the users of the
802.11 network. As a result, much vulnerability could be introduced into the WLAN
environment. These vulnerabilities include WEP keys that are non-unique, never changing,
factory-defaults, or weak keys (all zeros, all ones, based on easily guessed passwords, or
other similar trivial patterns). Additionally, because key management was not part of the
Downloaded by Sagir Musa Sani (mydoconthego@[Link])
lOMoARcPSD|29012061
original 802.11 specification, with the key distribution unresolved, WEP secured WLANs do
not scale well. If an enterprise recognizes the need to change keys often and to make them
random, the task is formidable in a large WLAN environment.
For example, a large campus may have as many as 15,000 APs. Generating, distributing,
loading, and managing keys for an environment of this size is a significant challenge. It is has
been suggested that the only practical way to distribute keys in a large dynamic environment
is to publish it. However, a fundamental tenet of cryptography is that cryptographic keys
remain secret. Hence we have a major dichotomy. This dichotomy exists for any technology
that neglects to elegantly address the key distribution problem.
2.10 Problems with the IEEE 802.11 Standard Securities
This section discusses some known vulnerabilities in the standardized security of the 802.11
WLAN standards. As mentioned above, the WEP protocol is used in 802.11 based WLANS.
WEP in turn uses a RC4 cryptographic algorithm with a variable length key to protect traffic.
Again, the 802.11 standard supports WEP cryptographic keys of 40-bits. However, some
vendors have implemented products with keys 104-bit keys and even 128-bit keys. With the
addition of the 24-bit IV, the actual key used in the RC4 algorithm is 152 bits for the 128 bits
WEP key. It is worthy to note that some vendors generate keys after a keystroke from a user,
which, if done properly, using the proper random processes can result in a strong WEP key.
Other vendors, however, have based WEP keys on passwords that are chosen by users; this
typically reduces the effective key size.
Downloaded by Sagir Musa Sani (mydoconthego@[Link])
lOMoARcPSD|29012061
Several groups of computer security specialists have discovered security problems that let
malicious users compromise the security of WLANs. These include passive attacks to decrypt
traffic based on statistical analysis, active attacks to inject new traffic from unauthorized
mobile stations (i.e., based on known plain text), active attacks to decrypt traffic (i.e., based
on tricking the access point), and dictionary-building attacks. The dictionary building attack
is possible after analyzing enough traffic on a busy network.
Security problems with WEP include the following:
1. The use of static WEP keys- many users in a wireless network potentially sharing the
identical key for long periods of time, is well-known security vulnerability. This is in
part due to the lack of any key management provisions in the WEP protocol. If a
computer such as a laptop were to be lost or stolen, the key could become
compromised along with all the other computers sharing that key. Moreover, if every
station uses the same key, a large amount of traffic may be rapidly available to an
eavesdropper for analytic attacks, such as 2 and 3 below.
2. The IV in WEP, as shown in Figure 3-8, is a 24-bit field sent in the clear text portion
of a message. This 24-bit string, used to initialize the key stream generated by the
RC4 algorithm, is a relatively small field when used for cryptographic purposes.
Reuse of the same IV produces identical key streams for the protection of data, and
the short IV guarantees that they will repeat after a relatively short time in a busy
network. Moreover, the 802.11 standard does not specify how the IVs are set or
changed, and individual wireless NICs from the same vendor may all generate the
same IV sequences, or some wireless NICs may possibly use a constant IV. As a
result, hackers can record network traffic, determine the key stream, and use it to
decrypt the cipher-text.
Downloaded by Sagir Musa Sani (mydoconthego@[Link])
lOMoARcPSD|29012061
3. The IV is a part of the RC4 encryption key. The fact that an eavesdropper knows 24-
bits of every packet key, combined with a weakness in the RC4 key schedule, leads to
a successful analytic attack, which recovers the key, after intercepting and analyzing
only a relatively small amount of traffic. This attack is publicly available as an attack
script and open source code.
4. WEP provides no cryptographic integrity protection. However, the 802.11 MAC
protocol uses a non cryptographic Cyclic Redundancy Check (CRC) to check the
integrity of packets, and acknowledge packets with the correct checksum. The
combination of non cryptographic checksums with stream ciphers is dangerous and
often introduces vulnerabilities, as is the case for WEP. There is an active attack that
permits the attacker to decrypt any packet by systematically modifying the packet and
CRC sending it to the AP and noting whether the packet is acknowledged. These
kinds of attacks are often subtle, and it is now considered risky to design encryption
protocols that do not include cryptographic integrity protection, because of the
possibility of interactions with other protocol levels that can give away information
about cipher text.
Note that only one of the four problems listed above depends on a weakness in the
cryptographic algorithm. Therefore, these problems would not be improved by substituting a
stronger stream cipher. For example, the third problem listed above is a consequence of a
weakness in the implementation of the RC4 stream cipher that is exposed by a poorly
designed protocol.
Some of the problems associated with WEP and 802.11 WLAN securities are summarized in
WEP. There is an active attack that permits the attacker to decrypt any packet by
Downloaded by Sagir Musa Sani (mydoconthego@[Link])
lOMoARcPSD|29012061
systematically modifying the packet and CRC sending it to the AP and noting whether the
packet is acknowledged. These kinds of attacks are often subtle, and it is now considered
risky to design encryption protocols that do not include cryptographic integrity protection,
because of the possibility of interactions with other protocol levels that can give away
information about cipher text.
Key Problems with Existing 802.11 Wireless LAN Securities
Security Issue or Vulnerability Remarks
Security features in vendor products are frequently not enabled. Security features,
albeit poor in some cases, are not enabled when shipped, and users do not enable
when installed. Bad security is generally better than no security.
IVs are short (or static). 24-bit IVs cause the generated key stream to repeat.
Repetition allows easy decryption of data for a moderately sophisticated adversary.
Cryptographic keys are short.40-bit keys are inadequate for any system. It is generally
accepted that key sizes should be greater than 80 bits in length. The longer the key,
the less likely comprise is possible from a brute-force attack.
Cryptographic keys are shared. Keys that are shared can compromise a system. As the
number of people sharing the key grows, the security risks also grow. A fundamental
tenant of cryptography is that the security of a system is largely dependent on the
secrecy of the keys.
Cryptographic keys cannot be updated automatically and frequently. Cryptographic
keys should be changed often to prevent brute-force attacks.
RC4 has a weak key schedule and is inappropriately used in WEP. The combination of
revealing 24 key bits in the IV and a weakness in the initial few bytes of the RC4 key
stream leads to an efficient attack that recovers the key. Most other applications of
Downloaded by Sagir Musa Sani (mydoconthego@[Link])
lOMoARcPSD|29012061
RC4 do not expose the weaknesses of RC4 because they do not reveal key bits and do
not restart the key schedule for every packet, This attack is available to moderately
sophisticated adversaries.
Packet integrity is poor. CRC32 and other linear block codes are inadequate for
providing cryptographic integrity. Message modification is possible. Linear codes are
inadequate for the protection against advertent attacks on data integrity.
Cryptographic protection is required to prevent deliberate attacks. Use of non
cryptographic protocols often facilitates attacks against the cryptography.
No user authentication occurs. Only the device is authenticated. A device that is stolen
can access the network.
Authentication is not enabled; only simple SSID identification occurs. Identity based
systems are highly vulnerable particularly in a wireless system because signals can be
more easily intercepted.
Device authentication is simple shared-key challenge-response. One-way challenge-
response authentication is subject to "man-in- the-middle” attacks. Mutual
authentication is required to provide verification that users and the network are
legitimate.
The client does not authenticate the AP. The client needs to authenticate the AP to
ensure that it is legitimate and prevent the introduction of rogue Aps.
Downloaded by Sagir Musa Sani (mydoconthego@[Link])
lOMoARcPSD|29012061
CHAPTER THREE
Security Requirements and Threats in wireless Networking.
3.1 Overview of security requirement and threats
As discussed above, the 802.11 WLAN— or WiFi-industry is burgeoning and currently has
significant momentum. All indications suggest that in the coming years numerous
organizations will deploy 802.11 WLAN technology. Many organizations, including retail
stores, hospitals, airports, and business enterprises- plan to capitalize on the benefits of
"going wireless.” However, although there has been tremendous growth and success,
everything relative to 802.11 WLANs has not been positive. There have been numerous
Downloaded by Sagir Musa Sani (mydoconthego@[Link])
lOMoARcPSD|29012061
published reports and papers describing attacks on 802.11 wireless networks that expose
organizations to security risks. This subsection will briefly cover the risks to security- i.e.,
attacks on confidentiality, integrity, and network availability.
Network security attacks are typically divided into passive and active attacks. These two
broad classes are then subdivided into other types of attacks. All are defined below.
1. Passive Attack — An attack in which an unauthorized party gains access to an asset
and does not modify its content (i.e., eavesdropping). Passive attacks can be either
eavesdropping or traffic analysis (sometimes called traffic flow analysis). These two
passive attacks are described below.
i. Eavesdropping— The attacker monitors transmissions for message content. An
example of this attack is a person listening into the transmissions on a LAN
between two workstations or tuning into transmissions between a wireless handset
and a base station.
ii. Traffic analysis— The attacker, in a more subtle way, gains intelligence by
monitoring the transmissions for patterns of communication. A considerable
amount of information is contained in the flow of messages between
communicating parties.
2. Active Attack — An attack whereby an unauthorized party makes modifications to a
message, data stream, or file. It is possible to detect this type of attack but it may not
be preventable. Active attacks may take the form of one of four types (or combination
thereof): masquerading, replay, message modification, and denial-of service (DoS).
These attacks are defined below.
i. Masquerading— The attacker impersonates an authorized user and thereby gains
certain unauthorized privileges.
Downloaded by Sagir Musa Sani (mydoconthego@[Link])
lOMoARcPSD|29012061
ii. Replay- The attacker monitors transmissions (passive attack) and retransmits
messages as the legitimate user.
iii. Message modification - The attacker alters a legitimate message by deleting,
adding to, changing, or reordering it.
iv. Denial-of-service- The attacker prevents or prohibits the normal use or
management of communications facilities.
The risks associated with 802.11 are the result of one or more of these attacks. The
consequences of these attacks include, but are not limited to, loss of proprietary information,
legal and recovery costs, tarnished image, and loss of network service.
3.2 Loss of Confidentiality
Confidentiality is the property with which information is not made available or disclosed to
unauthorized individuals, entities, or processes. This is, in general, a fundamental security
requirement for most organizations. Due to the broadcast and radio nature of wireless
technology, confidentiality is a more difficult security requirement to meet in a wireless
network. Adversaries do not have to tap into a network cable to access network resources.
Moreover, it may not be possible to control the distance over which the transmission occurs.
This makes traditional physical security countermeasures less effective.
Passive eavesdropping of native 802.11 wireless communications may cause significant risk
to an organization.
An adversary may be able to listen in and obtain sensitive information including proprietary
information, network IDs and passwords, and configuration data. This risk is present because
the 802.11 signals may travel outside the building perimeter or because there may be an
Downloaded by Sagir Musa Sani (mydoconthego@[Link])
lOMoARcPSD|29012061
“insider.” Because of the extended range of 802.11 broadcasts, adversaries can potentially
detect transmission from a parking lot or nearby roads. This kind of attack, performed
through the use of a wireless network analyzer tool or snifter, is particularly easy for two
reasons: 1) frequently confidentiality features of WLAN technology are not even enabled,
and 2) because of the numerous vulnerabilities in the 802.11 technology security, as discussed
above, determined adversaries can compromise the system.
Wireless packet analyzers, such as Air Snort and WEPcrack, are tools that are readily
available on the Internet today. Air-Snort is one of the first tools created to automate the
process of analyzing networks. Unfortunately, it is also commonly used for breaking into
wireless networks. Air Snort can take advantage of flaws in the key-scheduling algorithm that
was provided for implementation of RC4, which forms part of the original WEP standard. To
accomplish this, AirSnort requires only a computer running the Linux operating system and a
wireless network card. The software passively monitors the WLAN data transmissions and
computes the encryption keys after at least 100 MB of network packets have been sniffed. 15
On a highly saturated network, collecting this amount of data may only take three or four
hours; if traffic volume is low, it may take a few days. For example, a busy data access point
transmitting 3,000bytes at 11 Mbps will exhaust the 24-bit IV space after approximately 10
hours.16 If after ten hours the attacker recovers two cipher texts that have been using the
same key stream, both data integrity and confidentiality may be easily compromised. After
the network packets have been received, the fundamental keys may be guessed in less than
one second.17 Once the malicious user knows the WEP key, that person can read any packet
traveling over the WLAN. Such sniffing tools' wide availability, ease of use, and ability to
compute keys makes it essential for security administrators to implement secure wireless
solutions. Air snort may not be able to take advantage of the enhanced key-scheduling
algorithm of RC4 in a pre-standard implementation. Another risk to loss of confidentiality
through simple eavesdropping is broadcast monitoring. An adversary can monitor traffic,
Downloaded by Sagir Musa Sani (mydoconthego@[Link])
lOMoARcPSD|29012061
using a laptop in promiscuous mode, when an access point is connected to a hub instead of a
switch. Hubs generally broadcast all network traffic to all connected devices, which leaves
the traffic vulnerable to unauthorized monitoring. Switches, on the other hand, can be
configured to prohibit certain attached devices from intercepting broadcast traffic from other
specified devices. For example, if a wireless access points were connected to an Ethernet hub,
a wireless device that is monitoring broadcast traffic could intercept data intended for wired
and wireless clients. Consequently, agencies should consider using switches instead of hubs
for connections to wireless access points.
WLANs risk loss of confidentiality following an active attack as well. Sniffing software as
described above can obtain user names and passwords (as well as any other data traversing
the network) as they are sent over a wireless connection. An adversary may be able to
masquerade as a legitimate user and gain access to the wired network from an AP.
Once "on the network,” the intruder can scan the network using purchased or publicly and
readily available tools. The malicious eavesdropper then uses the user name, password, and
IP address information to gain access to network resources and sensitive corporate data.
Lastly, rogue APs pose a security risk. A malicious or irresponsible user could, physically and
surreptitiously, insert a rogue AP into a closet, under a conference room table, or any other
hidden area within a building. The rogue AP could then be used to allow unauthorized
individuals to gain access to the network. As long as its location is in close proximity to the
users of the WLAN, and it is configured so as to appear as a legitimate AP to wireless clients,
then the rogue AP can successfully convince wireless clients of its legitimacy and cause them
to send traffic through it. The rogue AP can intercept the wireless traffic between an
Downloaded by Sagir Musa Sani (mydoconthego@[Link])
lOMoARcPSD|29012061
authorized AP and wireless clients. It need only be configured with a stronger signal than the
existing AP to intercept the client traffic. A malicious user can also gain access to the wireless
network through APs that are configured to allow access without authorization.19 It is also
important to note that rogue access points need not always be deployed by malicious users. In
many cases, rogue APs are often deployed by users who want to take advantage of wireless
technology without the approval of the IT department. Additionally, since rogue APs are
frequently deployed without the knowledge of the security administrator, they are often
deployed without proper security configurations.
3.3 Loss of Integrity
Data integrity issues in wireless networks are similar to those in wired networks. Because
organizations frequently implement wireless and wired communications without adequate
cryptographic protection of data, integrity can be difficult to achieve. A hacker, for example,
can compromise data integrity by deleting or modifying the data in an e mail from an account
on the wireless system. This can be detrimental to an organization if important e-mail is
widely distributed among e-mail recipients. Because the existing security features of the
802.11 standard do not provide for strong message integrity, other 3-22 kinds of active
attacks that compromise system integrity are possible. As discussed before, the WEP-based
integrity mechanism is simply a linear CRC. Message modification attacks are possible when
cryptographic checking mechanisms such as message authentication codes and hashes are not
used.
3.4 Loss of Network Availability
Downloaded by Sagir Musa Sani (mydoconthego@[Link])
lOMoARcPSD|29012061
A denial of network availability involves some form of DoS attack, such as jamming,
Jamming occurs when a malicious user deliberately emanates a signal from a wireless device
in order to overwhelm legitimate wireless signals. Jamming may also be inadvertently caused
by cordless phone or microwave oven emissions. Jamming results in a breakdown in
communications because legitimate wireless signals are unable to communicate on the
network. Non-malicious users can also cause a DoS. A user, for instance, may unintentionally
monopolize a wireless signal by downloading large files, effectively denying other users
access to the network. As a result, agency security policies should limit the types and
amounts of data that users are able to download on wireless networks.
3.5 Other Security Risks
With the prevalence of wireless devices, more users are seeking ways to connect remotely to
their own organization's networks. One such method is the use of entrusted, third-party
networks. Conference centers, for example, commonly provide wireless networks for users to
connect to the Internet and subsequently to their own organizations while at the conference.
Airports, hotels, and even some coffee franchises are beginning to deploy 802.11 based
publicly accessible wireless networks for their customers, even offering VPN capabilities for
added security.
These untrusted public networks introduce three primary risks: 1) because they are public,
they are accessible by anyone, even malicious users; 2) they serve as a bridge to a user's own
network, thus potentially allowing anyone on the public network to attack or gain access to
the bridged network; and 3) they use high-gain antennas to improve reception and increase
coverage area, thus allowing malicious users to eavesdrop more readily on their signals.
Downloaded by Sagir Musa Sani (mydoconthego@[Link])
lOMoARcPSD|29012061
By connecting to their own networks via an entrusted network, users may create
vulnerabilities for their company networks and systems unless their organizations take steps
to protect their users and themselves. Users typically need to access resources that their
organizations deem as either public or private. Agencies may want to consider protecting
their public resources using an application layer security protocol such as Transport Layer
Security (TLS), the Internet Engineering Task Force standardized version of Secure Sockets
Layer (SSL). However, in most agencies, this is unnecessary since the information is indeed
public already. For private resources, agencies should consider using a VPN solution to
secure their connections because this will help prevent eavesdropping and unauthorized
access to private resources,
Lastly, as with any network, social engineering and dumpster diving are also concerns.
An enterprise should consider all aspects of network security when planning to deploy the
wireless network.
3.6 Risk Mitigation
Government agencies can mitigate risks to their WLANs by applying countermeasures to
address specific threats and vulnerabilities. Management countermeasures combined with
operational and technical countermeasures can be effective in reducing the risks associated
with WLANs. The following guidelines will not prevent all adversary penetrations, nor will
these countermeasures necessarily guarantee a secure wireless networking environment. This
section describes risk-mitigating steps for an agency, recognizing that it is impossible to
remove all risks. Additionally, it should be clear that there is no “one size fits all 3-23
solution when it comes to security. Some agencies may be able or willing to tolerate more
risk than others. Also, security comes at a cost: either in money spent on security equipment,
Downloaded by Sagir Musa Sani (mydoconthego@[Link])
lOMoARcPSD|29012061
in inconvenience and maintenance, or in operating expenses. Some agencies may be willing
to accept risk because applying various countermeasures may exceed financial or other
constraints.
3.6.1 Management Countermeasures
Management countermeasures for securing wireless networks begin with a comprehensive
security policy. A security policy, and compliance therewith, is the foundation on which other
countermeasures— the operational and technical — are rationalized and implemented. A
WLAN security policy should be able to do the following:
a) Identify who may use WLAN technology in an agency
b) Identify whether Internet access is required
c) Describe who can install access points and other wireless equipment
d) Provide limitations on the location of and physical security for access points
e) Describe the type of information that may be sent over wireless links
f) Define standard security settings for access points
g) Describe limitations on how the wireless device may be used, such as location
h) Describe the hardware and software configuration of all wireless devices
i) Provide guidelines on reporting losses of wireless devices and security incidents
j) Provide guidelines for the protection of wireless clients to minimize/reduce theft
k) Provide guidelines on the use of encryption and key management
l) Define the frequency and scope of security assessments to include access point
discovery.
Downloaded by Sagir Musa Sani (mydoconthego@[Link])
lOMoARcPSD|29012061
Agencies should ensure that all critical personnel are properly trained on the use of wireless
technology. Network administrators need to be fully aware of the security risks that WLANs
and devices pose. They must work to ensure security policy compliance and to know what
steps to take in the event of an attack. Finally, the most important countermeasures are trained
and aware users.
3.6.2 Operational Countermeasures
Physical security is the most fundamental step for ensuring that only authorized users have
access to wireless computer equipment. Physical security combines such measures as access
controls, personnel identification, and external boundary protection. As with facilities
housing wired networks, facilities supporting wireless networks need physical access
controls. For example, photo identification, card badge readers, or biometric devices can be
used to minimize the risk of improper penetration of facilities. Biometric systems for physical
access control include palm scans, hand geometry, iris scans, retina scans, fingerprint, voice
pattern, signature dynamics, or facial recognition. External boundary protection can include
locking doors and installing video cameras for surveillance around the perimeter of a site to
discourage unauthorized access to wireless networking components such as wireless APs.
It is important to consider the range of the AP when deciding where to place an AP in a
WLAN environment. If the range extends beyond the physical boundaries of the office
building walls, the extension creates security vulnerability. An individual outside of the
building, perhaps “war-driving,” could eavesdrop on network communications by using a
wireless device that picks up the RF emanations. A similar consideration applies to the
implementation of building-to-building bridges. Ideally, the APs should be placed
strategically within a building so that the range does not exceed the physical perimeter of the
building and allow unauthorized personnel to eavesdrop near the perimeter. Agencies should
Downloaded by Sagir Musa Sani (mydoconthego@[Link])
lOMoARcPSD|29012061
use site survey tools (see next paragraph) to measure the range of AP devices, both inside and
outside of the building where the wireless network is located. In addition, agencies should use
wireless security assessment tools (e.g., vulnerability assessment) and regularly conduct
scheduled security audits.
Site survey tools are available to measure and secure AP coverage. The tools, which some
vendors include with their products, measure the received signal strength from the APs.
These measurements can be used to map out the coverage area. However, security
administrators should use caution when interpreting the results because each vendor
interprets the received signal strength differently. Some AP vendors also have special features
that allow control of power levels and therefore the range of the AP. This is useful if the
required coverage range is not broad because, for example, the building or room in which
access to the wireless network is needed happens to be small. Controlling the coverage range
for this smaller building or room may help prevent the wireless room signals from extending
beyond the intended coverage area. Agencies could additionally use directional antennas to
control emanations. However, directional antennas do not protect network links; they merely
help control coverage range by limiting signal dispersion.
Although mapping the coverage area may yield some advantage relative to security, it should
not be seen as an absolute solution. There is always the possibility that an individual might
use a high-gain antenna to eavesdrop on the wireless network traffic. It should be recognized
that only through the use of strong cryptographic means can a user gain any assurance against
true eavesdropping adversaries. The following paragraphs discuss how cryptography (Internet
Protocol Security [IPsec] and VPNs) can be used to thwart many attacks.
Downloaded by Sagir Musa Sani (mydoconthego@[Link])
lOMoARcPSD|29012061
3.6.3 Technical Countermeasures
Technical countermeasures involve the use of hardware and software solutions to help secure
the wireless environment. Software countermeasures include proper AP configurations (i.e.,
the operational and security settings on an AP), software patches and upgrades,
authentication, intrusion detection systems (IDS), and encryption. Hardware solutions include
smart cards, VPNs, public key infrastructure (PKI), and biometrics.21 It should be noted that
hardware solutions, which generally have software components, are listed simply as hardware
solutions.
3.7 Software Solutions
Technical countermeasures involving software include properly configuring access points,
regularly updating software, implementing authentication and IDS solutions, performing
security audits, and adopting effective encryption. These are described in the paragraphs
below.
3.7.1 Access Point Configuration
Network administrators need to configure APs in accordance with established security
policies and requirements. Properly configuring administrative passwords, encryption
settings, reset function, automatic network connection function, Ethernet MAC Access
Control Lists (ACL), shared keys, and Simple Network Management Protocol (SNMP)
agents will help eliminate many of the vulnerabilities inherent in a vendor's software default
configuration.
Downloaded by Sagir Musa Sani (mydoconthego@[Link])
lOMoARcPSD|29012061
Updating default passwords: Each WLAN device comes with its own default settings, some
of which inherently contain security vulnerabilities. The administrator password is a prime
example. On some APs, the factory default configuration does not require a password (i.e.,
the password field is blank). Unauthorized users can easily gain access to the device if there
is no password protection. Administrators should change default settings to reflect the
agency's security policy, which should include the requirement for strong (i.e., an
alphanumeric and special character string at least eight characters in length) administrative
passwords. If the security requirement is sufficiently high, an agency should consider using
an automated password generator. An alternative to password authentication is two-factor
authentication. One form of two-factor authentication uses a symmetric key algorithm to
generate a new code every minute. This code is a one-time use code that is paired with the
user's personal identification number (PIN) for authentication. Another example of two-factor
authentication is pairing the user's smart card with the user's PIN. This type of authentication
requires a hardware device reader for the smart card or an authentication server for the PIN.
Several commercial products provide this capability. However, use of an automated password
generator or two-factor authentication mechanism may not be worth the investment,
depending on the agency's security requirements, number of users, and budget constraints.
Given the need to ensure good password authentication and policies, it is important to note
the critical importance of ensuring that the management interface has the proper
cryptographic protection to prevent the unauthorized disclosure of the passwords over the
management interface. Numerous mechanisms exist that can be exploited to ensure that
encrypted access protects those critical "secrets” in transit.
Secure Shell (SSH) and SSL are two such mechanisms.
Downloaded by Sagir Musa Sani (mydoconthego@[Link])
lOMoARcPSD|29012061
Using MAC ACL functionality: A MAC address is a hardware address that uniquely
identifies each computer (or attached device) on a network. Networks use the MAC address
to help regulate communications between different computer NICs on the same network
subnet. Many 802.11 product vendors provide capabilities for restricting access to the WLAN
based on MAC ACLs that are stored and distributed across many APs. The MAC ACL grants
or denies access to a computer using a list of permissions designated by MAC address.
However, the Ethernet MAC ACL does not represent a strong defense mechanism by itself.
Because MAC addresses are transmitted in the clear from a wireless NIC to an AP, the MAC
can be easily captured. Malicious users can spoof a MAC address by changing the actual
MAC address on their computer to a MAC address that has access to the wireless network.
This countermeasure may provide some level of security; however, users should use this with
caution. This may be effective against casual eavesdropping but will not be effective against
determined adversaries.
Users may want to consider this as part of an overall defense-in-depth strategy, adding levels
of security to reduce the likelihood of problems. However, users should weigh the
administrative burden of enabling the MAC ACL (assuming they are using MAC ACLs)
against the true security provided. In a medium-to-large network, the burden of establishing
and maintaining MAC ACLs may exceed the value of the security countermeasure.
Additionally, most products only support a limited number of MAC addresses in the MAC
ACL. The size of the access control list may be insufficient for medium-to-large networks.
Changing default cryptographic keys: The manufacturer may provide one or more keys to
enable shared-key authentication between the device trying to gain access to the network and
the AP. Using a default shared-key setting forms a security vulnerability because many
vendors use identical shared keys in their factory settings. A malicious user may know the
Downloaded by Sagir Musa Sani (mydoconthego@[Link])
lOMoARcPSD|29012061
default shared key and use it to gain access to the network. Changing the default shared key
setting to another key will mitigate the risk. For example, the shared key could be changed to
“954617" instead of using a factory default shared key of "111111." No matter what their
security level, agencies should change the shared key from the default setting because it is
easily exploited. In general, agencies should opt for the longest key lengths (e.g., 104 bits).
Finally, a generally accepted principle for proper key management is to change cryptographic
keys often and when there are personnel changes.
3.7.2 Authentication
In general, effective authentication solutions are a reliable way of permitting only authorized
users to access a network. Authentication solutions include the use of usernames and
passwords; smart cards, biometrics, or PKI; or a combination of solutions (e.g., smart cards
with PKI).27 When relying on usernames and passwords for authentication, it is important to
have policies specifying minimum password length, required password characters, and
password expiration. Smart cards, biometrics, and PKI have their own individual
requirements and will be addressed in greater detail later in this document.
All agencies should implement a strong password policy, regardless of the security level of
their operations. Strong passwords are simply a fundamental measure in any environment.
Agencies should also consider other types of authentication mechanisms (e.g., smart cards
with PKI) if their security levels warrant additional authentication. These mechanisms may be
integrated into a WLAN solution to enhance the security of the system. However, users
should be careful to fully understand the security provided by enhanced authentication. This
does not in and of itself solve all problems. For example, a strong password scheme used for
Downloaded by Sagir Musa Sani (mydoconthego@[Link])
lOMoARcPSD|29012061
accessing parameters on a NIC card does nothing to address the problem with WEP
cryptography.
3.7.3 Personal Firewalls
Resources on public wireless networks have a higher risk of attack since they generally do
not have the same degree of protection as internal resources. Personal firewalls offer some
protections against certain attacks. Personal firewalls are software-based solutions that reside
on a client's machine and are either client-managed or centrally managed. Client-managed
versions are best suited to low-end users because individual users are able to configure the
firewall themselves and may not follow any specific security guidelines. Centrally managed
solutions provide a greater degree of protection because IT departments configure and
remotely manage them. Centrally managed solutions allow organizations to modify client
firewalls to protect against known vulnerabilities and to maintain a consistent security policy
for all remote users. Some of these high-end products also have VPN and audit capabilities.
Although personal firewalls offer some measure of protection, they do not protect against
advanced forms of attack. Depending on the security requirement, agencies may still need
additional layers of protection. Users that access public wireless networks in airports or
conference centers, for example, should use a personal firewall. Personal firewalls also
provide additional protection against rogue access points that can be easily installed in public
places.
Downloaded by Sagir Musa Sani (mydoconthego@[Link])
lOMoARcPSD|29012061
CHAPTER FOUR
System design and implementation
Designing, configuring and avoiding unauthorized access in wireless networking
4.1 Wireless Network Monitoring Channel/Configuration
Wireless network configuration and monitoring channel show an example of how wireless
network software can be design, configured and monitor the use of the network.
The programming language I use in designing the software is Visual Basic programming
language.
In this program the component of visual basic toolbar use are the following:
1. LABEL
2. TEXTFIELD
3. OPTION BUTTON
4. CHECK BOX
5. COMBO BOX
6. COMMAND BUTTON
7. LIST BOX
8. The Microsoft Tabbed Dialog (SSTab)
9. LINE
Downloaded by Sagir Musa Sani (mydoconthego@[Link])
lOMoARcPSD|29012061
10. IMAGE
11. FRAME
Fig 1.1 shows the main form called Network Monitoring Channel/Configuration (frm
Wireless Network). The form contain Tab property which contain “Configuration Channel”
and “Computer on the network” as shown in fig 1.1
To secure the network, network name (SSID) and Network Access Point (A.P) has been
hidden; clicking the show button will make the network name or Access Point visible, but
will request for password as showed in fig 1.2, entering the wrong password will prevent the
SSID or A.P from being visible.
Another important features wireless network is the Access Key, here the access key is been
set by network owner. To assign the access key the two fields must match (the key field and
confirmation field) as shown in fig 1.3
Downloaded by Sagir Musa Sani (mydoconthego@[Link])
lOMoARcPSD|29012061
[Link] = 1455
Command3. Visible = True
End Sub
Private Sub cmdShowAP_Click()
If [Link] = "Show" Then [Link]
ElseIf [Link] = "Hide" Then
[Link] = ""
[Link] = "Show"
End If End Sub
Private Sub cmdSSIDShow_Click()
If [Link] = "Show" Then
[Link]
ElseIf [Link] = "Hide" Then
[Link] = ""
cmdSSID [Link] = "Show"
End If
End Sub
Private Sub Command3_Click()
[Link] = 4215
Command3. Visible = False
End Sub
Private Sub Command5_Click()
If [Link] = [Link] Then
MsgBox "Thanks, network key accepted successfully", vbOKOnly + vbInformation,
"Network key insertion"
[Link] = True
[Link] = True
[Link] = False
Else
MsgBox "Network key does not match, please re-enter key to match", vbOKOnly +
VbExclamation, "incorrect network key"
[Link] = “”
[Link] = “”
[Link]
[Link] = False
End If
End Sub
Private Sub Form Load
Downloaded by Sagir Musa Sani (mydoconthego@[Link])
lOMoARcPSD|29012061
[Link] "30"
[Link] "25"
[Link] "20"
[Link] "15"
[Link] "10"
[Link] "5"
[Link] "Yes"
[Link] "No"
[Link] "Yes, but prompt for key"
[Link] "Yes but alert the owner"
[Link] "Rector pc"
[Link] "Rector Secretary pc"
[Link] "Registrar Office pc"
[Link] "Registrar Secretary pc"
[Link] "HOD Computer Science pc"
[Link] "HOD Computer Science secretary pc"
[Link] "HOD Computer Engineer pc"
[Link] "HOD Computer Engineer Secretary pc"
[Link] "HOD Accountancy pc"
[Link] "HOD Accountancy secretary pc"
[Link] "HOD Business Admin pc"
[Link] "HOD Business Admin secretary pc"
[Link] "HOD Elect/Elect pc"
[Link] "HOD Elect/Elect secretary pc"
[Link] "PC 1"
[Link] "PC 2"
[Link] "PC 3"
[Link] "PC 4"
[Link] "PC 5"
[Link] "PC 6"
[Link] "PC 7"
[Link] "PC 8"
[Link] "PC 9"
[Link] "PC 10"
End Sub
Private Sub List1 Click()
If [Link] = "Rector pc" Then
[Link] = "2434"
ElseIf [Link] = "Rector Secretary pc" Then
[Link] = "0709"
ElseIf [Link] = "Registrar Office pc" Then
Downloaded by Sagir Musa Sani (mydoconthego@[Link])
lOMoARcPSD|29012061
lblAcode. Caption = "8021
ElseIf [Link] = "Registrar Secretary pc" Then
IblAcode. Caption = "8045"
ElseIf [Link] = "HOD Computer Science pc" Then
IblAcode. Caption = "7512"
ElseIf [Link] = "HOD Computer Science secretary pc" Then
[Link] = "4588"
ElseIf [Link] = "HOD Computer Engineer pc" Then
[Link] = "9967"
ElseIf [Link] = "HOD Computer Engineer Secretary pc" Then
[Link] = "5109"
ElseIf [Link] = "HOD Accountancy pc" Then
[Link] = "0612"
ElseIf [Link] = "HOD Accountancy secretary pc" Then
IblAcode. Caption = "1177"
ElseIf [Link] = "HOD Business Admin pc" Then
[Link] = "8780"
ElseIf [Link] = "HOD Business Admin secretary po" Then
lblAcode. Caption = "4322"
ElseIf [Link] = "HOD Elect/Elect pc" Then
IblAcode. Caption = "9067"
ElseIf [Link] = "HOD Elect/Elect secretary pc" Then
IblAcode. Caption = "6712"
ElseIf [Link] = "PC 1" Then
[Link] = " Access not yet available"
ElseIf [Link] = "PC 2" Then
[Link] = " Access not yet available"
ElseIf [Link] = "PC 3" Then
[Link]=" Access not yet available"
ElseIf [Link] = "PC 4" Then
IblAcode. Caption = " Access not yet available"
ElseIf [Link] = "PC 5" Then
IblAcode. Caption =" Access not yet available"
ElseIf [Link] = "PC 6" Then
IblAcode. Caption = " Access not yet available"
ElseIf [Link] = "PC 5" Then
[Link] =" Access not yet available"
ElseIf [Link] = "PC 8" Then
[Link]=" Access not yet available"
ElseIf [Link] = "PC 9" Then
[Link] = " Access not yet available"
ElseIf [Link] = "PC 10" Then
[Link]=" Access not yet available"
End If
Downloaded by Sagir Musa Sani (mydoconthego@[Link])
lOMoARcPSD|29012061
End Sub
Private Sub Option3_Click()
[Link] = 1455
Command3. Visible = False
End Sub
Private Sub Option4_
Click Command3. Visible = True
End Sub
Private Sub txtNK1 Change()
[Link] = True
End Sub
Login AP
Option Explicit
Public LoginSucceeded As Boolean
Private Sub cmdCancel_Click()
'set the global var to false
'to denote a failed
login LoginSucceeded = False
Me. Hide
End Sub
Private Sub cmdOK_Click()
'check for correct password
If txtPassword = "allo190verwn" Then
[Link] = "[Link]/network/[Link]"
LoginSucceeded = True
[Link] = "Hide"
[Link] = “”
Me. Hide
Else
MsgBox "Invalid Password, try again!",, " Login"
[Link]
SendKeys "{Home}+{End}"
End If
End Sub
Downloaded by Sagir Musa Sani (mydoconthego@[Link])
lOMoARcPSD|29012061
Login SSID
Option Explicit
Public LoginSucceeded As Boolean
Private Sub cmdCancel_Click()
LoginSucceeded = False
Me. Hide
End Sub
Private Sub cmdOK_Click()
'check for correct password
If txtPassword = "allo190verwn" Then
[Link] = "AlloverWN180Pro"
LoginSucceeded = True
[Link] = "Hide"
[Link] = “”
Me. Hide
Else
MsgBox "Invalid Password, try again!",,
"Login" txtPassword. SetFocus
SendKeys "{Home}+{End}"
End If
End Sub
Downloaded by Sagir Musa Sani (mydoconthego@[Link])
lOMoARcPSD|29012061
4.2 Wireless Network login window.
This section how the wireless network can be connected also can be secure form
unauthorized access.
Fig 2.1 show how computer indicate and identified the wireless network found within a
specific location, bellow is the full screen of the message box. When the user click on “Show
List" button the form expand and the list of the wireless network detected appear in the list as
shown in fig 2.2
When the user click on other network they automatically connected because they are not
secured (fig 2.2), but when the user click on “AlloverWN180Pro wireless network" it prompt
for access key from the network server (fig 2.3 and 2.4), which bring about security in the
wireless network.
Fig 2.5 show a congratulation message as the user enter correct access key, and the computer
was connected to the network.
Downloaded by Sagir Musa Sani (mydoconthego@[Link])
lOMoARcPSD|29012061
Code for Wireless network login form
Private Sub Command1 Click()
If [Link] = "Show List" Then
[Link] = 6390
[Link] = "Hide"
ElseIf [Link] = "Hide" Then
[Link] = 2775
Command1. Caption = "Show List"
End If
End Sub
Private Sub Command2_Click()
If List1 = "Allover WN180Pro wireless network" Then
[Link]
[Link]
Else MsgBox "You are now connected", vbOKOnly + vbExclamation, "Now Connected"
Unload Me
End If
End Sub
Private Sub Command3_Click()
Unload Me
Downloaded by Sagir Musa Sani (mydoconthego@[Link])
lOMoARcPSD|29012061
End Sub
Private Sub Form Load()
[Link] "Ota wireless network"
[Link] "Covenant wireless network"
[Link] "Sona wireless network"
[Link] "Allover WN180Pro wireless network"
[Link] "Bell wireless network"
End Sub
Private Sub List1_Click()
[Link] = True
End Sub
Login Wireless
Private Sub Commandl Click()
If [Link] = "allover49r800ce" Then
MsgBox "Congratulation, you are now connected to the network", vbOKOnly +
vbExclamation, "Now connected"
Unload Me
Else
MsgBox "Access denied", vbOKOnly, "Incorect access key"
End If
End Sub
Private Sub Command2_Click()
Downloaded by Sagir Musa Sani (mydoconthego@[Link])
lOMoARcPSD|29012061
Unload Me
End Sub
Private Sub Command3_Click()
[Link]
Unload Me
End Sub
Private Sub Text1_Change()
[Link].= True
End Sub
CHAPTER FIVE
Conclusion and Recommendation
5.1 Conclusion
Wireless communications offer organizations and users many benefits such as portability and
flexibility, increased productivity, and lower installation costs. Wireless technologies cover a
broad range of differing capabilities oriented toward different uses and needs.
Wireless local area network (WLAN) devices, for instance, allow users to move their laptops
from place to place within their offices without the need for wires and without losing network
connectivity. Less wiring means greater flexibility, increased efficiency, and reduced wiring
costs.
Downloaded by Sagir Musa Sani (mydoconthego@[Link])
lOMoARcPSD|29012061
Moreover, these technologies can offer dramatic cost savings and new capabilities to diverse
applications ranging from retail settings to manufacturing shop floors to first responders.
However, risks are inherent in any wireless technology. Some of these risks are similar to
those of wired networks; some are exacerbated by wireless connectivity; some are new.
Perhaps the most significant source of risks in wireless networks is that the technology's
underlying communications medium, the airwave, is open to intruders, making it the logical
equivalent of an Ethernet port in the parking lot.
The loss of confidentiality and integrity and the threat of denial of service (DOS) attacks are
risks typically associated with wireless communications. Unauthorized users may gain access
to agency systems and information, corrupt the agency's data, consume network bandwidth,
degrade network performance, and launch attacks that prevent authorized users from
accessing the network, or use agency resources to launch attacks on other networks.
Specific threats and vulnerabilities to wireless networks and handheld devices include the
following:
All the vulnerabilities that exist in a conventional wired network apply to wireless
technologies.
Malicious entities may gain unauthorized access to an agency's computer network
through wireless connections, bypassing any firewall protections.
Sensitive information that is not encrypted (or that is encrypted with poor
cryptographic techniques) and that is transmitted between two wireless devices may
be intercepted and disclosed.
DoS attacks may be directed at wireless connections or devices.
Downloaded by Sagir Musa Sani (mydoconthego@[Link])
lOMoARcPSD|29012061
Malicious entities may steal the identity of legitimate users and masquerade as them
on internal or external corporate networks.
Sensitive data may be corrupted during improper synchronization Malicious entities
may be able to violate the privacy of legitimate users and be able to track their
movements.
Malicious entities may deploy unauthorized equipment (e.g., client devices and access
points) to surreptitiously gain access to sensitive information.
Handheld devices are easily stolen and can reveal sensitive information.
REFERENCES
Khatod, Anil, (2004). Five Steps To WLAN Security A Layered Approach. Air Defense
Inc. November 4, 2004 12:00 PM ET,
[Link]
_A_Layered_Approach
Wireless LAN Security802.11b and Corporate Networks An Technical White Paper,
2001, Internet Security Systems, Inc.
Bidgoli, Hossein, (2006). Handbook of Information Security, Threats , Vulnerabilities,
Prevention, Detection, and Management. Volume 3, Wily, 2006.
Securing Wireless Local Area Networks . A VeriSign/Soltrus White Paper 2003
VeriSign, Inc. All rights reserved.
Wireless Networking Basics, NETGEAR, Inc. October 2005, v1.0, October 2005
Downloaded by Sagir Musa Sani (mydoconthego@[Link])
lOMoARcPSD|29012061
Goldsmith, Colin, (2004). Wireless Local Area Networking For Device Monitoring,
Master thesis, University of Rochester Rochester, New York
Lansford, J., (2000). HomeRFTM/SWAP: A Wireless Voice and Data System for the
Home. Intel Communications Architecture Labs. Hillsboro, Oregon, 200
O'Hara, B. & Petrick, A., (1999). IEEE 802.11 Handbook: A Designer's Companion,
Standards Information Network, IEEE Press, New York, New York, 1999.
The Wireless LAN Standard. Cisco Systems, 2000.
802.11a: A Very-High-Speed, Highly Scalable Wireless LAN Standard., White Paper,
2002, [Link]
Wireless Networking Choices for the Broadband Internet Home., White Paper, 2001.
[Link]
Wireless LAN Securit. Symantec Corporation, 2002.
Flickenger, Roger Weeks. (2005). Wireless Hacks , 2nd Edition, O'Reilly, 2005
Clark, David, Pogran, Kenneth T. & Wed, David p. (1978). An Introduction to Local
Area Networks. Proceedings of the IEEE, Vol. 66, 11, November 1978.
Putman, Byron W.(2005). WLAN Hands-On Analysis AuthorHouse, 2005.
Aziz, Farhan Muhammad, (2003). Implementation and Analysis of Wireless Local
Area Networks for High- Mobility Telemetric. Master Thesis submitted to the Faculty
of Virginia Polytechnic Institute and State University, Blacksburg, Virginia.
Franklin, Tom, (2010). Wireless Local Area Networks. TechLearn, The Network Centre,
Innovation Close, [Link]
Holt, Keith, (2005). Wireless LAN: Past, Present, and Future. Intel Corporation.
Negus, Kevin J., & Petrick, Al, (2009). History of Wireless Local Area Networks
(WLANs) in the Unlicensed Bands info, Vol. 11 Iss: 5, pp.36 - 56.
Prem, Edward C., (2000). Wireless Local Area Networks [Link]
[Link]/~jain/cis788-97/wireless_lans/[Link]
Chandramouli, Vijay, (2005). Detailed Study on Wireless LAN Technologies.
[Link] [Link], 2005
Williams, Stuart K. (1999). IrDA - Past, Present and Future. Hewlett-Packard Company
2013.
Kahn, Joseph M. & Barry, John R. (1997). Wireless Infrared Communications
Proceedings of the IEEE Vol. 85. NO. , February 1997.
Gfeller, F. R. & Bapst, U. H., (1979). Wireless in-house data communication via diffuse
Downloaded by Sagir Musa Sani (mydoconthego@[Link])
lOMoARcPSD|29012061
infrared radiation. Proc. IEEE, vol. 67, pp. 1474–1486, Nov. 1979.
Smyth, P. P., Eardley, P., Dalton, L. K., Wisely, T. D. R., McKee, P. & Wood, D.,
(1995). Optical wireless: A [Link] SPIE Proc. on [26]Wireless Data
Transmission, vol. 2601, Philadelphia, PA, Oct. 23–25, 1995, pp. 212–225.
Rancourt, .J. D., (1993). Safety of Laser Products. Int. Electrotech. Commission,
CEI/IEC825-1: Optical Thin Films. New York: Macmillan.
Carruthers, Jerrey B., (2002). Wireless Infrared Communications. Wiley Encyclopedia of
Telecommunications
[Link] Systems, Inc. (2000).
Downloaded by Sagir Musa Sani (mydoconthego@[Link])
You might also like
- Wireless Technologies in Transport SecurityNo ratings yetWireless Technologies in Transport Security7 pages
- Wireless Communication: V.Manikandan, R.RavichandranNo ratings yetWireless Communication: V.Manikandan, R.Ravichandran16 pages
- Wireless Local Area Network Security UsiNo ratings yetWireless Local Area Network Security Usi5 pages
- Networks Are Privately Owned Networks: Wireless NetworkingNo ratings yetNetworks Are Privately Owned Networks: Wireless Networking12 pages
- Demand of Wireless Network and Security in CurrentNo ratings yetDemand of Wireless Network and Security in Current5 pages
- Wifi Technology and Its Security IJERTCONV4IS27019No ratings yetWifi Technology and Its Security IJERTCONV4IS270193 pages
- Seminar Report On: Guided By: Developed byNo ratings yetSeminar Report On: Guided By: Developed by33 pages
- Wireless Lan: CVR College of Engineering Electronics and Communication EngineeringNo ratings yetWireless Lan: CVR College of Engineering Electronics and Communication Engineering19 pages
- Galgotias College of Engineering and Technology: Industrial Training SynopsisNo ratings yetGalgotias College of Engineering and Technology: Industrial Training Synopsis36 pages
- Wireless LAN Security: Addressing Challenges, Attacks and SolutionsNo ratings yetWireless LAN Security: Addressing Challenges, Attacks and Solutions6 pages
- Understanding Wireless Security MeasuresNo ratings yetUnderstanding Wireless Security Measures12 pages
- Report On Wireless Security: Risk and ControlsNo ratings yetReport On Wireless Security: Risk and Controls12 pages
- Wireless Network Security Vulnerabilities Threats and Countermeasures IJMUE Vol2 No2No ratings yetWireless Network Security Vulnerabilities Threats and Countermeasures IJMUE Vol2 No211 pages
- Wireless Network Security: Fore Academy Security EssentialsNo ratings yetWireless Network Security: Fore Academy Security Essentials19 pages
- Understanding Wireless Network SecurityNo ratings yetUnderstanding Wireless Network Security39 pages
- Wireless Technology Elaine Montilla Baruch College CIS 3500 Prof. Mohamed Ayed December 11, 2010No ratings yetWireless Technology Elaine Montilla Baruch College CIS 3500 Prof. Mohamed Ayed December 11, 201011 pages
- Wifi Infrastructure Security System FromNo ratings yetWifi Infrastructure Security System From6 pages
- Wireless Network Security: Written by David ChildersNo ratings yetWireless Network Security: Written by David Childers15 pages
- Enhancing WLAN Security with IEEE 802.11iNo ratings yetEnhancing WLAN Security with IEEE 802.11i25 pages
- Uwaheren Siwes Report in Computer EngineeringNo ratings yetUwaheren Siwes Report in Computer Engineering19 pages
- Salud Pública de México 0036-3634: Issn: Spm@insp - MXNo ratings yetSalud Pública de México 0036-3634: Issn: Spm@insp - MX7 pages
- Qbasic Programming Examples and Exercises - ProgrammingBasicNo ratings yetQbasic Programming Examples and Exercises - ProgrammingBasic9 pages
- Clarinet Institute Haydn Joseph Baryton Trio No. 96No ratings yetClarinet Institute Haydn Joseph Baryton Trio No. 9614 pages
- T9 - Refactoring, Design Patterns & Anti-PatternsNo ratings yetT9 - Refactoring, Design Patterns & Anti-Patterns98 pages
- Electron Configurations of The Elements (Data Page)No ratings yetElectron Configurations of The Elements (Data Page)13 pages
- Bobcat Online Parts Catalog - Maintenance Items (Service Parts) - S590No ratings yetBobcat Online Parts Catalog - Maintenance Items (Service Parts) - S5905 pages
- Understanding Bluejacking: Fun or Risk?No ratings yetUnderstanding Bluejacking: Fun or Risk?10 pages
