Towards Development of a Framework for Wireless LAN Security

Camilius Sanga1 and Juma Kilima 1
1

Computer Centre, Sokoine University of Agriculture, P. O. Box 3218 , Morogoro, Tanzania E-mail: {sanga, kilima}@suanet.ac.tz

Abstract. In this paper, we first introduce the readers about the security aspects of Wireless Local Area Network of a developing country university. This is followed by a description of Wireless Local Area Network (WLAN) security threats that we have identified and later, we identified the free and open source tools to be used when security threats need to be dealth with. The performance of some these tools are presented. Finally, we conclude by highlighting the lesson learnt from our research by providing a framework which if taken would minimize the security threats. Categories and Subject Descriptors: C.2.0 [Computer-Communications Networks]: Security and protection; C.2.3 [Computer-Communications Networks]: Network monitoring General Terms: Security, Measurement, Experimentation Keywords: wireless, local area network, security, Free & Open Source, analyzer, tools

1.0 Introduction
Sokoine University of Agriculture (SUA) established the Computer Centre in 1993. This Centre was charged to be the arm of the University responsible for teaching, research and consultancy in areas of Information and communication technology. Among other things, the Computer Centre is responsible for Planning and overseeing the development of infrastructure and ICT as well as coordinating the acquisition, installation and use of computer hardware and software SUA (Sanga et al., 2010). The objective of implementation of WLAN for sure was to enhance security of our LAN to improved training/learning, research and ICT services through increased accessibility of e-resources through wireless LAN (WLAN). 1.1 Justification of WLAN There are a number of advantages which were identified after establishment WLAN. These include: (a) Improving accessibility and coverage of LAN and Internet services because the access to the network can be from anywhere within range of an access point.

1.

there is WLAN at the tower of Wireless Link with Main Campus. Figure 1: A Simple Model for Wireless LAN Figure 1 shows a simple model for the wireless LAN. From this Figure it is worthy noting that a wired LAN is necessary particularly from the server room to the new hostels to provide a backbone to the WLAN. 2 . 1. In SMC. a department of Agribusiness. From the above rationale.432 users who can get connected at a time. at Faculty of veterinary medicine WLAN was installed. This allows the clients to be in the same network as the wired network providing an advantage of sharing common utilities.1. Mast. Furthermore. (d) It is simple to add or move workstations and to install access points to provide connectivity in areas where it is difficult to lay cables. WLAN was installed at Computer Centre students Laboratories and Library (SNAL) in Main Campus. Wireless Devices that were identified to be necessary to implement WLAN at SUA LAN were Wireless Access Point (WAP). Trunks. Wireless Routers. (e) In historic buildings such as those at Solomon Mahlangu Campus (SMC) where traditional cabling would compromise the facade. Also.(b) It is relatively cheaper than wired network especially the installation cost is usually lower. A future plan is to extend WLAN to all departments so that we cater for 8. Crop Science and Soil Science uses the WLAN of Sokoine National Agricultural Library (SNAL). electric cables indoor and electric cables outdoor. a WLAN can avoid the need to drill holes in walls. that is WAN and LAN are in the same network. (c) Installation is usually faster and easier as it eliminates the need to fix cable through walls and ceilings.1 Wireless Access Points (WAP) These devices extend the LAN while caring its original IP without routing.

and understand how to support and monitor the traffic in and out of LAN from the wireless network. SUA staff.3 Outdoor and Indoor Systems For the outdoor and indoor wireless systems both systems are needed. Having said that. Basically the wireless router multiplies the single input IP into bunch o f above 250 IP addresses. these posses a challenge to network administrators to put more effort to create a secure and reliable environment. there is a need to conduct a study and recommend best practice measures to overcome these security threats. traffic redirection.These devices are needed where clients require SUA intranet facilities and other network advantages. 1. This has been explained early in WLAN justification section. the network is susceptible to the following security threats: Denial of Service. Thus.1.1. top managers) are allowed to access Internet. 2002). Since there are no mechanisms to authenticate Wireless Local Area Network (WLAN) users. rogue networks and station redirection as well as Eavesdropping.2 Statement of the Problem SUA's Network include various unsecured wireless access points. Network users are transmitting university essential data across the network. this made the network susceptible to miss-configuration outages. invasion and resource stealing. Thus. Users (i. 2004). the challenge remains how to secure WLAN. sniffing. Fletcher and Hasson. 1. this prompted the authors to do a research on the subject. Spoofing and Session Hijacking. students. This fact makes it imperative that there is a need to implement strong security measures and policies to protect loss of university data. The SUA Computer Centre is proposing to use Planet Devices with its Mesh topology.2 Wireless Router Works the same way as above WAP but has two parts of network that is WAN is one network while LAN is another network. some students¶ access network from their hostels. In Mesh topology the system is robust allowing for auto configuration for any additional Planet device.e. It is argued that WLAN has helped to narrow down the digital divide between the rich and poor countries (James. 2007) but how to secure it. 1. Even though WLAN has potential benefits which can help the developing countries to leapfrog in their development (Flickenger. 2 Related works Wireless computer connection has brought affordable computer connections in many developing countries. is a challenge 3 . Because of its cheaper installation costs there are plenty WLAN being established in different organization in developing countries (Pentland. WAN is the signal source in this case SUA LAN signal and LAN is the client signal in this case wireless clients.

the eavesdropper is not limited to just collecting packets for later analysis. or to use the network to gain access to the wider Internet. invasion and resource stealing. (2005) concluded that most higher learning institutions in Tanzania has security problem in their WLAN. like some website logins. Encrypting data between the STA and Access Point (AP) can mitigate eavesdropping of user data. all the susceptible systems could be on the wired network (Vollbrecht. Bakari et al. or attempt a man-inthe-middle attack. Denial of service attacks 4 . 2002). However. 2002). d.g. 2003). namely: sniffing. 2002). but can actually see interactive sessions like web pages viewed by a valid wireless user. b. he may be able to either gain admittance to the network on his own. and Busagala. will be reviewed in the following section: a. Traffic redirection An attacking STA can poison the Address Resolution Protocol (ARP) tables in switches on the wired network through the AP causing packets for a wired station to be routed to the attacking STA. To mitigate this danger the AP and STA need to support ³message integrity´. Internet Protocol Security (IPsec)) stops an insider from perpetrating this attack. or steal a valid STA¶s access. The eavesdropper could later duplicate the logon and gain access (Vollbrecht. Link-layer authentication stops an outsider from perpetrating this attack.(Sanga. Sniffing The nature of an RF based network leaves it open to packet interception by any radio within range of a transmitter. Kilima. and mandates requirements for strong encryption algorithms (Vollbrecht. Stealing a STA¶s access is simple if the attacker can mimic the valid STA¶s Media Access Control (MAC) address and use its assigned Internet Protocol (IP) address. Interception can occur far outside the users µworking¶ range by using hi-gain antennas. The attacker can either passively capture these packets before forwarding them to the attacked wired system. denial of service attacks and rogue networks and station redirection. The attacker waits until the valid system stops using the network and then takes over its position in the network (Vollbrecht. c. 2002). Networklayer (e. traffic redirection. An eavesdropper can also catch weak authentication exchanges. 2010). all the while appearing to be a valid user of the attacked network. With readily available tools. This would allow an attacker direct access to all devices within a network. In such an attack. which means that each ³signs´ every message sent to the other using a shared key (Hamid. Invasion and resource stealing Once an attacker has gained the knowledge of how a WLAN controls admittance. the ability to sniff also makes attacks on encryption easier. The literature dealing with the WLAN security threats.

so the patient attacker will still discover SSIDs. Even with the Wired equivalent privacy (WEP) flaws. The goal of a rogue is pulling valid traffic from the WLAN to a wired network for attacking (or to conduct the attack directly within the rogue AP) and then reinserting the traffic into the proper network (Vollbrecht. but when a station PROBES for an AP SSID. SSID hiding is impossible. 3 Practical Solutions for Securing WLAN Despite the risks and vulnerabilities associated with wireless networking. An attacking system could replay a captured 802. This does make WLAN discover by an attacker harder.11 disassociate message. A newer form of a rogue AP is a STA with two wireless cards. Media Access Control (MAC) address filters Some APs provide the capability for checking the MAC address of the STA before allowing it to connect to the network. This could be done by implementing the following actions to minimize attacks into the main networks: i. thus the thrust is to minimize them and to be able to recognize and trace them back to their source (Vollbrecht. or an 802.Denial of service attacks against a WLAN can range from simple radio interference (a 2. and is not a security measure. Such rogue Aps could readily be deployed in public areas as well as shared office space areas.11 wireless network is very susceptible to a rogue AP attack. all APs broadcast their SSID as an advertisement of their presence. Rogue networks and station redirection An 802. ii.4 GHz cordless phone is an example of such an attacking device) to more subtle attacks against a single STA or AP. 2003). This provides an additional layer of control in 5 . SSID ± Service Set Identifier Each ESS has an SSID that it uses to identify the APs that are a part of the ESS. and effectively disconnect a STA from the WLAN.1x EAPOL-log off message. SSID provides a very modest amount of control. it acts as a valid station to the ESS. It does not. By default. 2002). e. and in particular it does not keep an attacker from accessing the ESS or from setting up a ³rogue´ AP that uses the same SSID as a valid AP (Hamid. by itself. It is possible to turn off SSID broadcasts. the AP responses with a one-time broadcast. It is considered impossible to build a network without some DOS attacks. there are certainly circumstances that demand their usage. 2002). help with other security issues. A common way of configuring a network is to require each STA to know the SSID of the AP to which it wants to connect. It keeps a STA from accidentally connecting to a neighboring AP. A rogue AP is one owned by an attacker that accepts STA connections and then at a minimum intercepts traffic if not also performing man-in-the-middle attacks before allowing traffic to flow to the proper network. With one. it is still possible for users to secure their WLAN to an acceptable level. with the other it acts as an AP to other STAs.

2001). The danger is that if any one in the community is compromised. optionally. The RADIUS approach is especially appropriate if the MAC addresses are to be used with multiple APs (Hamid. iv.11. The list may be kept in long-term memory on the AP. Without WEP or an equivalent to support Link layer integrity. This approach requires that the list of MAC addresses be configured.that only STAs with a registered MAC address can connect. the connection between the STA and the AP is vulnerable to unsophisticated. Virtual Private Network (VPPs) Many people use VPNs to protect their connection over a wireless network. Until it is available and deployed. VPNs do provide protection for some of the areas where current Wireless LAN solutions are weak. This is not strictly a wireless solution²it can be used in any remote access situation. or the AP may send a Remote Authentication Dial-in User service (RADIUS) request with the MAC address as the userid (and a null password) to a central RADIUS server and the RADIUS server will check the list.11 specification. Static WEP keys WEP is part of the 802. This allows keys to be changed dynamically. The firewall will require each workstation to establish a separate tunnel to the firewall. VPNs only protect the STA traffic routed through the VPN. encryption of sessions. An attacker could sniff a valid MAC address from the wireless network traffic and then configure his card to use it and gain access. Using MAC filters is considered to be very weak security because on many wireless cards it is possible to change the MAC address by reconfiguring the card. but provides an important first line of defense according to many security professionals (Hamid. Dynamics WEP keys There are a number of methods for dynamically setting the WEP keys. the current version of WEP encryption has been proven to be vulnerable. Static WEP key operation requires keys on the STA and AP that are used to encrypt data sent between them. The most commonly used now is 802. In addition. As it turns out. sniffing is eliminated and session hijacking is difficult (or impossible). easy to mount. Authentication of the tunnel is required. not the STAs or the network. denial of service attacks. 2003). the community key. Kerberos is also used (Hamid. Adding a personal firewall product at a financial and management cost can mitigate the Client risk ( Gayal. but at a price. STA and AP are configured with a set of 4 keys. and will be managed after the network 6 . This means that there is a ³community´ key shared by everyone in the ESS. As described above. keys are the same in all STAs and APs. and when decrypting each is used in turn until decryption is successful. 2003). 2003). the STA and Client are vulnerable to direct attacks. A new security component is being developed within 802. In particular. VPNs can provide integrity checking and. and hence the network and everyone else using it. Deploying a firewall between the AP and the network that only allows authenticated VPNs access can provide network protection against attacks. With WEP encryption. is at risk. iii. WEP is not strong protection.1x. v.

an essential component in security (ISS. this will require a tunnel over a tunnel.1X Authentication Wireless networking. 802. compared to other networking technology. WEP protocol is used for encryption (ISS. 2001). In most current situations. is inadequate for WLAN. 802. This dialog uses the IETF Extensible Authentication Protocol (EAP). 2001) vi. In open system authentication a client needs an SSID for successful Association. 2001). 2001).1x consists of a Port Access 7 . Authentication mechanisms includes: Open system authentication and Shared key authentication (Reference). There are no wires to follow to determine which STAs are parts of the network. using a VPN with a single firewall is a good idea whether dialing in from a remote location or connecting via a wireless Access Point. However. if the user needs to establish an additional tunnel.1x is an authentication dialog between the system needing network services and the network. session authentication by itself. to a remote corporate firewall for instance. 802.connection is established.1x (Port-Based Network Access Control) to provide the station authentication. WEP lacks message integrity. Adding WEP to the wireless session solves the wireless specific issues ( Gayal. Figure 2: Securing a wireless AP (Adapted Gayal. A VPN gateway CAN provide this level of protection directly. Authentication is a process of binding a name to something known and then using that name in all future interactions.11 is the media access or MAC address. the 48-bit value assigned to the WLAN card by its manufacturer. On the other hand in a shared system authentication the client cannot authenticate himself if he doesn¶t have the WEP shared secret key. which is expensive in CPU cycles on the STA and for most VPN clients has not been heavily tested ( Gayal . An authentication process will allow an AP to restrict which STAs can associate with it. Standards-based authentication to WLAN The open nature of WLAN requires authentication of the STAs to the APs. vii. The name in 802. requiring different support in either the client or the AP. as will be shown. 2001). However. 802. needs an authentication and access control mechanism to ensure security.11 WLAN is now specifying the use of IEEE 802.

In 802. ii. AirDefense also has the capability to discover vulnerabilities and threats in a WLAN such as rogue APs and ad hoc networks. centrally managed. the controlling logic that manages which device¶s packets will be accepted by another device (ISS. it also provides a robust WLAN management functionality that allows users to understand their network. EAP encapsulation over LANs (EAPOL). detects and protects a WLAN from intruders and attacks. WSA aims at protocol experts who want to capture wireless packets for detailed analysis.11 protocols (http://www. without having to understand any of the details of the 802. Sniffer and Wlandump (Reference). 4 Tools for Protecting WLAN Different authors used different tools to implement the practical solutions mentioned and discussed in previous section. This is a dedicated appliance employing an Intelligent Conveyor Engine (ICE) to passively monitor wireless networks for threats and inform the security managers when these occur. While there are other 802. AirDefense It is a commercial wireless LAN intrusion protection and management system that discovers network vulnerabilities. Isomair Wireless Sentry This also it is a commercial product that automatically monitors the air space of the enterprise continuously using unique and sophisticated analysis technology to identify insecure access points. the tools are: i.symantec.1x the principal component is the Network Access Port (or just Port) that can either be a physical network interface or a virtual MAC. who want a way to easily and quickly verify the security configuration of their networks. 802. 2001).11 wireless LAN security auditor. and will integrate seamlessly with existing security infrastructure.com/connect/articles/wireless-intrusiondetection-systems/). and assists in the management of a WLAN. running on Linux on an Personal Digital Assistant (PDA). it is intended f or the more general audience of network installers and administrators. Above the Port is the Port Access Entity (PAE). It is a completely automated system. and RADIUS Authentication Servers (ASs). iii. monitor network performance and enforce network policies (http://www.1x redefines our traditional understanding of a network interface and adds access authentication services to it. 8 .com/connect/articles/wireless-intrusion-detection-systems/).Entity (PAE) in all STAs and APs.com/connect/articles/wireless-intrusion-detection-systems/). WSA helps network administrators to close any vulnerability by automatically audits a wireless network for proper security configuration. Wireless Security Auditor (WSA) It is an IBM research prototype of an 802.11 network analyzers such as Ethereal.symantec. No additional man -time is required to operate the system (http://www. security threats and wireless network problems. Apart from securing a WLAN from all the threats.symantec. Moreover.

SSIDs. WEPCrack is an open-source tool used to break 802. sniffer. Table 1: FOS WLAN Analyzer tools WEPCrack 9 . whether WEP encryption is enabled and signal strength. and inferring the presence of nonbeaconing networks via data traffic (Kismet . These reasons make them not feasible / viable for the Higher Learning Institutions which have limited budget. NetStumbler can connect with GPS technology to accurately log the precise location of access points (http://www.11 wireless network detector. search access points and associated client stations..Since the above discussed tools are commercial thus. locking a customer to specific company/organization which produced the tool and also. Kismet identifies networks by passively collecting packets and detecting standard named networks.0 Method used For this study. monitor performance and pin-point potential problems. it comes with some license fees. channels. write packet information in real time. 5. 2011). Table summarizes some of free wireless security tools that can be used: S / No 1 Wireless security tool NetStumbler Description NetStumbler displays wireless access points. It can listen alternatively on all 14 channels.com). AirSnort passively monitors wireless transmissions and automatically computes the encryption key when enough packets have been gathered (Torres et al. 2005). All network traffic may be saved in the libpcap format for post analysis (Paciga and Lutfiyya.netstumbler. and evaluate network and application usage to spot emerging trends. WLANs security will be tested using various free and/or open source (FOS) WLAN analyzers tools and utilities to test and monitor wireless LAN protection at SUA. 4 Kismet Kismet is an 802.11b stations and access points. 2010). Analyzers help detection of security vulnerabilities and active attacks. 5 WiFi Scanner WifiScanner analyzes traffic and detects 802. and intrusion detection system. decloaking) hidden networks.11 WEP keys (Beck and Tews. detecting (and given time. 2008 ) 3 Airsnort Airsnort is a wireless LAN (WLAN) tool which cracks WEP encryption keys. they have the following disadvantages which are: being costfully. 2 WEPCrack was the first of the WEP encryption cracking utilities.

Also.0. attacker can sniff IP address and MAC address of a valid Access Point and this will allow an attacker direct access to all devices within a network.168. Use of sniff software like Wireshark. or to use the network to gain access to the wider Internet . or steal a valid STA¶s access.1 with a MAC address of 00:13:46:CD:BF:E8. a proposed framework of practical solutions for securing a wireless LAN (WLAN) will be used to study WLAN security measures that have been implemented by SUA. Stealing a STA¶s access is simple if the attacker can mimic the valid STA¶s MAC address and use its assigned IP address. 6. According to Vollbrecht (2002) an attacker can gain the knowledge of how a WLAN controls admittance and be able to either gain admittance to the network on his own. The attacker waits until the valid system stops using the network and then takes over its position in the network. Figure 3 above revealed the captured IP address captured was 192.0 Results and Discussions This section presents the results and analysis after the implementation of free and/or open source WLAN analyzers tools Analysis using Wireshark network protocol analyzer Figure 3: Wireshark network protocol analyzer Result from Wireshark network protocol analyzer (network sniffer) captured the Internet Protocol (IP) address of a nearby wireless router (Access Point) as well as the MAC address of the wireless router (Access Point). Result obtained by using Retina WiFi Scanner Security Information 10 . When this happens it will be difficult to identify the attacker (or intruder or hacker) since the intruder / hackers appear to be valid user of the attacked network.

36 IEEE 802.11. (2003) argues that WEP is not strong protection. With WEP encryption.11 Wireless Parameters 11 . Observation shows that the AP has no WEP Encryption key.11b Channel Table 2: Retina WiFi Scanner Table 2 above reveals information about Access Point (AP) obtained using Retina WiFi Scanner.6.24.12.11 Wireless Parameters SSID MAC address mazimbu 00:13:46:CD:BF:E8 Max RSSI Network Type Infrastructure Mode Beacon Period ATIM Window -41 (dBm) Direct Sequencing Infrastructure 100 (Kusec) 0 (Kusec) 6 Vendor WEP Rates Standard Unknown OFF 1. but provides an important first line of defense according to many security professionals. Absence of WEP Encryption key shows that this particular Wireless LAN does not have even basic security features. Hamid. 802.5. 802. On the other hand this particular AP has MAC address of 00:13:46:CD:BF:E8 and uses IEEE 802.2. sniffing is eliminated and session hijacking is difficult (or impossible). Security Information WEP Encryption WEP Key is not set.WEP Encryption WEP Key is not set.11b standard. the SSID for this particular AP was ³mazimbu´.

With WEP encryption.54 IEEE 802.2.11.5. sniffing is eliminated and session hijacking is almost (or impossible) (Wright.18. Observation shows this particular AP has no WEP Encryption key. but provides an important first line of defense according to many security professionals.11g standard. 2003). Wright (2003) argues that WEP is not strong protection.36. On the other hand this particular AP has MAC address of 1C:BD:B9:BE:19:06 and uses IEEE 802.11g Channel Table 3: Retina WiFi Scanner Table 3 above display information about Access Point (AP) obtained using Retina WiFi Scanner.SSID MAC address ACMSMC01 1C:BD:B9:BE:19:06 Max RSSI Network Type Infrastructure Mode Beacon Period ATIM Window -76 (dBm) Direct Sequencing Infrastructure 100 (Kusec) 0 (Kusec) 1 Vendor WEP Rates Standard Unknown OFF 1.9. the SSID for this particular AP was ³ACMSMC01´. Absence of WEP Encryption key shows that this particular Wireless LAN does not have even basic security features as well.11 Wireless Parameters 12 . 802. Security Information WEP Encryption WEP Key is not set.

which cannot overcome fully the problem of WLAN.2.11b standard.3 6 Max RSSI Network Type Infrastructure Mode Beacon Period ATIM Window -75 (dBm) Direct Sequencing Infrastructur e 100 (Kusec) 0 (Kusec) 8 Vendor WEP Rates Standard IEEE 802. Observation shows this particular AP has no WEP Encryption key.0 Proposed Security measures The deduced information from the above section ³results and analysis´ enables the authors to propose the following summary of the security measures for securing Wireless LAN: S/No Proposed Security Measure 1 Implement SSID on all WAPs 2 Implement MAC Address Filters 3 Implement Static as well as Dynamic WEP 4 Utilize Virtual Private Network (VPN) 5 Implement Remote Authentication Dial-in User Service (RADIUS) Server authentication mechanisms Table 5: Framework for securing WLAN 8. 2003).24. we addressed the problems of security aspects of Wireless Local Area Network at SUA.11. According to many security professionals who argue that WEP is not strong protection. but provides an important first line of defense (Hamid. 13 . but can protect to a great extent. sniffing is eliminated and session hijacking is difficult (or impossible). In this paper.11b Channel Table 4: Retina WiFi Scanner Table 4 above display information about Access Point (AP) obtained using Retina WiFi Scanner. 7. the SSID for this particular AP was ³ACMSMC02´. Then. On the other hand this particular AP has MAC address of 00:1E:58:9D:37:20 and uses IEEE 802. Absence of WEP Encryption key shows that this particular Wireless LAN does not have even basic security features. then there are some countermeasures.SSID MAC address ACMSMC02 00:1E:58:9D:37:2 0 Unknown OFF 1.5.6.0 Conclusion Since SUA LAN contains some vulnerabilities.12. With WEP encryption. we applied the free and open source tools to overcome the identified problem.

Pune University. (2011).11 WLAN (Yeo.iacr. this calls for more researches in this area. India: Center for Information and Network Security.e.cn/docs/20090507163620550203.net/whitepapers/wireless_LAN_security. Thus. J. Wireless LAN Security Today and Tomorrow. URL: http://www.symantec. Wireless Intrusion http://www.pdf [7] Hamid R.itsec. Vetha Manickam. we configured Access Points for allowing only few MAC addresses.net [9] Paciga.org/reading_room/whitepapers/wireless/wireless -lan-security-issuessolutions_1009 [8] Kismet .com/infocus/1742 Detection Systems. [2] Farschi." Wireless And Mobile Computing. M.pdf [4] http://www. We restricted access of users to the hotspots (i.securityfocus. Report 2008/472. 2004). and Tews.sans.. As proposed by other researchers like (Woodward.. M.Thereafter the framework to follow in order to minimize the vulnerabilities is proposed (see Table 5).interlinknetworks. Last accessed February 12. 2008.Cryptology ePrint Archive. http://eprint.com/rad ± accessed on 30/10/2010 [5] http://www. and Agrawala. H. 2005) that even though the solutions given in this paper will aid system administrators. Thereafter.A (2003). Practical attacks against WEP and WPA. (2008). URL: [3] Gayal S and S. (2003). physical security).com/connect/articles/wireless-intrusion-detection-systems accessed 19/11/2010 [6] Internet Security Systems (ISS) (2001): Wireless LAN Security 802.gov. IT security experts and network engineers in developing secure measure for their wireless computer network. (2002).11b and Corporate Networks. The techniques and experiences recommended from other framework has been incorporated in this paper to enahance the security of IEEE 802.iss. Pune. Youssef. Lutfiyya. which are there in the Access Control Lists (ACLs).kismetwireless. Our future study will be in how we can develop an intrusion detection system for our WLAN. "Herecast:an open infrastructure for locationbased services using WiFi. 2011. A. Networking And 14 . which is in the network because s/he can just copy the secret key or access the WLAN. References [1] Beck. The results are as described in the above section. Wireless LAN: Security Issues and Solutions. No unauthorized person gets access of your laptop or any Work Station. URL: http://documents. URL: http://www.org/. URL: http://www. none of the solutions are absolute. E.

" Computer . P.37. ³Wireless LAN Access Control and Authentication´. D..83. IEEE International Conference on .1-6. (WiMob'2005).S. 78.. John. Wireless Networking in the Developing World. ³Detecting wireless LAN MAC address spoofing. "State of ICT Security Management in the Institutions of Higher Learning in Developing Countries: Tanzania Case Study. 2005 [17] Sanga.. 2004..no/wlan/download/wlan-mac-spoof.. ACM.4. pp.. Vol. and Busagala. Issue 2. R. Optimizing Internet Bandwidth in Higher Learning Institutions: A Case of Sokoine University of Agriculture. R. E. pp. Fletcher. "DakNet: rethinking connectivity in developing nations. "Recommendations for wireless network security policy: an analysis and classification of current and emerging threats and solutions for different organisations". Santafe. pp.. Moustafa Youssef. A framework for wireless LAN monitoring and its applications. L. ISSN 0197-3975 [16] Jabiri Kuwe Bakari.M. Morato. vol. USA 15 . International Journal of Computing and ICT Research. 2005. Louise Yngstr?. in Proc. (2010) "An anomaly-based intrusion detection system for IEEE 802. (2010). 24-22 Aug. and Ashok Agrawala.Communications. Habitat International. Christer Magnusson. no. Magana. [13] Wright J. Pages 21-31. January 2002. 2010 IFIP . and Robert Moskowitz (2002). [18] Flickenger.com/images/resource/WLAN_Access_Control. New York..interlinknetworks. no. Charles N. 20-22 Oct. Tarimo.. Fifth IEEE International Conference on Advanced Learning Technologies (ICALT'05). vol. http://www. G. Hacker Friendly LLC. In Proceedings of the 3rd ACM workshop on Wireless security (WiSe '04). David Rago. 2005. [18] Jihwang Yeo. pp. NY. vol. 4. L. 27-36... Jan. pp.´ URL: www. C." icalt. Issue 1. Kilima. M. Volume 26..uninett. 2004 [15] Jeffrey James. 2010 [11] Vollbrecht." Wireless Days (WD). 133-140. Perth. no. Western Australia. [14] Pentland.1007-1011. a white paper from Interlink Networks Resource Library. Hasson.1. 3rd Australian Information Security Management Conference.p [12] Woodward A. A. Izal. A. Low-cost information technology in developing countries: current opportunities and emerging possibilities. (2007). J.pdf.11 networks. pp. 2005 [10] Torres. ISSN 1996-1065. (2003).21-28.