Scribd Logo
Upload

Welcome to Scribd!

  • Chapt 8 Notes

    Uploaded by

    adzwinj
    8 views3 pages
    Wireless security notes

    Copyright

    © © All Rights Reserved

    Available Formats

    DOCX, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    Wireless security notes

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    8 views3 pages

    Chapt 8 Notes

    Uploaded by

    adzwinj
    Wireless security notes

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 3

    8.

    5 Wireless security

    - Wireless networks offer many advantages for business. However, due to the inherent (built in,
    integral) lack of security, it brings some threat to business.

    - Wireless is a broadcast medium. It utilizes network transmission to move information.

    - Transmission can be intercepted by anyone who is:


    i. close enough
    ii. has access to appropriate equipment.

    4 major threats to wireless networks (ie, able to intercept the transmission) are: WERR!
    i. Rogue access points
    ii. War driving
    iii. Eavesdropping
    iv. Radio-frequency jamming

    ROGUE ACCESS POINT:


    - Is an unauthorized access point (to a wireless network)
    - The rogue (rascal/scoundrel) could be:
    i. someone in your organization, who sets up an access point intending no harm BUT fails to inform the IT department
    ii. Evil twin – someone who wishes to access a wireless network for malicious purposes

    Evil twin attack: (provide another access point to a connecter, then ask the connector for confidential information via Web
    page, connector was supposed to connect to his intended access point but ended up connected to evil twin’s access point
    due to very strong signal from the evil twin’s access point. The attacker must first be within the area of a Wi-Fi-enabled
    computer (the connector).

    ‘’the attacker offers a separate connection . but first, he will use a hotspotter that detects wireless networks and offer
    information about the wireless network it detected. Using the information he collected from the hotspotter, the attacker
    may simulate a different wireless access point but using the same wireless network name or SSID that the user (the prey)
    expected to connect to (prey would have assumed that he is connected to an authorized network but ended up fall into
    prey to the attacker by being connected to the separate connection made by the attacker). However, this is only possible if
    the signal is strong enough that the user will conntect to the attacker’s system instead of the real access point.

    Once the user is connected to the attacker’s system, the attacker can have them to access a Web page which requests their
    confidential information like user names, passwords and account numbers.

    Another way for attacker to attack is by simply capturing wireless transmissions.


    (How? Dunno)
    This is more effective with public hotspots than corporate networks.

    WAR DRIVING

    - It is the act of tracing WLANs while moving around a city or a place (could by by driving or walking).
    - Needs a Wi-Fi detector and a computer that could connect wirelessly. (wireless enabled)

    - WLAN that has a coverage exceeding the building it is put in, an authorized user may intrude that network, using the Internet connection
    for free. Also, the unauthorized user may gain access to other important data and resources within the building network.

    EAVESDROPPING
    - Is the efforts by unauthorized users to access data that are traveling over wireless networks

    RADIO-FREQUENCY JAMMING
    - Is the act of interfering with a wireless network transmission either intentionally or unintentionally by a person or by a device.
    -
    8.4 PERVASIVE COMPUTING

    Definition
    – each object having processing power (embedded with something that could connect that object to a network)

    Aka
    – ubiquitous computing

    The connection could be


    - wireless or
    - via a wireline.

    The infrastructure behind this pervasive computing (connect a device embedded with a connector to a network of a number of other devices or
    appliances) is made up of two technologies:

    i. Radio-frequency identification
    ii. Wireless sensor network

    Pervasive means
    - the thing is everywhere, universal, we can’t escape from it, it’s just there all around us.

    Devices that could be embedded with chips are


    - floor, lights, cars, washing machine, cell phone, clothes, etc.

    Eg application:
    - SMART HOME having a HOME NETWORK.

    Home network:
    - Connect many appliances that communicate to one another using the home network
    - Those appliances have their own systems ) eg, home security system + light and heat controls + tv + etc, each have their own connecting
    devices to connect to the network.
    - Could connect to Internet as well. Some appliances are Internet-ready appliance (can be controlled by a small handheld device or a
    desktop computer via a home network, either wireless or via wireline).

    The two technologies making up the infrastructure of pervasive computing (how each devices could connect to one another or to a network):

    1. RFID
    - Allow manufacturers to attach tags with antennas and computer chips on goods
    - With the attached tags, manufacturers can track their movement through radio signals

    History of RFID:
    - Was first developed to replace bar codes
    - On bar codes:
    i. Aka Universal Product Code (UPC)
    ii. Made up of 12 digits that are batched in various groups
    iii. 1st digit = identifies the item type
    iv. Next 5 digits = identify the manufacturer
    v. Next 5 = identify the product
    vi. Last digit = a check digit for error detection
    vii. Worked well but have limitations
    viii. Limitations:
    - require a LINE OF SIGHT to the SCANNING DEVICE
    - works well in a store, but lots problems for a MANUFACTURING PLANT or warehouse or shipping/receiving dock.
    - PRINTED ON PAPER – can be ripped, soiled or lost
    - it DOESN’T IDENTIFY THE ACTUAL ITEM, but IDENTIFY THE MANUFACTURER AND PRODUCT

    ix. 2 systems developed to REPLACE BARCODES:


    - QR codes (quick response)
    - RFID systems

    On QR codes:
    - Is a two-dimensional code (2D)
    - Readable by dedicated QR readers and camera hones
    - It’s advantages over bar codes are:
    i. Can store much more information than bar codes
    ii. Can store more data types like numbers, text, URLs, and other language characters like Japanese
    iii. Has a small size, it stores information HORIZONTALLY and VERTICALLY
    iv. More resistant to damage than bar codes
    v. Less likely to be misread as it can be read from any direction or angle.

    RFID Systems: - Use tags with EMBEDDED MICROCHIPS


    - Embedded microchips: - contain data, and antennas (to transmit radio signals over a SHORT DISTANCE to RFID readers)

    - Readers: pass data to a computer via a network for processing

    The chip: - Is programmed with information that uniquely identifies an item


    - Also contains location of the item and where it was made

    Two basic types of RFID tags: - ACTIVE


    - PASSIVE

    ACTIVE RFID tags: - use internal battery for power (having batteries, makes it more expensive than passive RFID tags)
    - can be read over greater distances
    - broadcast radio waves to a reader
    - used primarily for EXPENSIVE ITEMS

    PASSIVE RFID tags: - rely entirely on readers for their powers (hence less expensive than active rfid tags)
    - can be read only up to 20 feet
    - generally applied to less-expensive merchandise

    PROBLEMS with RFID: - expense


    - comparatively large size of the tags

    You might also like