WIRELESS TECHNOLOGIES AND BASIC SECURITY
Introduction
2. Mobility
With the emergence of public wireless networks, users can access the
internet even outside their normal work environment.
Most chain coffee shops, for example, offer their customers a wireless
connection to the internet at little or no cost.
Advantages Of The Wireless Technology.
3. Productivity
Users connected to a wireless network can maintain a nearly constant
affiliation with their desired network as they move from place to place.
For a business, this implies that an employee can potentially be more
productive as his or her work can be accomplished from any convenient
location.
4. Deployment
Initial setup of an infrastructure-based wireless network requires little more
than a single access point.
Wired networks, on the other hand, have the additional cost and complexity of
actual physical cables being run to numerous locations (which can even be
5. Expandability
Wireless networks can serve a suddenly-increased number of clients with
the existing equipment.
In a wired network, additional clients would require additional wiring.
6. Cost
Wireless networking hardware is at worst a modest increase from wired
counterparts. This potentially increased cost is almost always more than
outweighed by the savings in cost and labor associated with running physical
cables.
4.1 REMEMBER WIRELESS TECHNOLOGIES
Types of Wireless Networks
Wireless Wide Area Networks (WWAN)
Wireless Local Area Networks (WLAN)
Applications include:
1. Short-range (< 10 m) connectivity for multimedia
applications
PDAs, Cameras, Voice (hands free devices)
High QoS, high data rate (IEEE 802.15.3)
WPAN - Applications
ZigBee
i. Remote Keyless Entry (Transmitters)
ii. Wireless Security Systems
iii. Home Appliances Control (Lighting Control, Ceiling
Fans)
iv. Radio Remote Control (Hobby, Toys)
v. Garage Door Openers
vi. Wireless PC Peripherals (Keyboard, Mouse)
vii. Telemetry (Tire Pressure, Utility Meter, Asset Tracking)
WLANs may also extend beyond the four walls, providing network
connectivity for outside storage areas, docks, and between multiple buildings.
Wireless Local Area Networks (WLAN)
They allow many users to connect to a wired network through a device known
as an Access Point (AP).
Most computers come with WLAN technology built in.
WLAN Applications
Wireless Wide Area Networks (WWAN) offer the most expansive range of all
wireless networks.
Wireless Wide Area Network (WWAN)
Advantages:
Ideal for users away from home needing to connect virtually anywhere in
their coverage area.
Utilize cellular technology to securely transfer data or connect to the
Internet.
WWAN provides regional, nationwide and global wireless coverage.
WWAN provides better security than WLAN thanks to built-in 128-bit
encryption.
Insert the WWAN card from your service provider or, even easier, select a
notebook with built-in WWAN technology (such as an HP Mobile Broadband
card) and then contract with a service provider.
Wireless Wide Area Network (WWAN)
Disadvantages:
1. ISP contract may cost more than WLAN for those who rarely need or use
wireless Internet access.
2. Replacing a lost external WWAN card can be costly (a built-in version may be
a better choice).
Wireless Technologies
WAN (Wide Area Network)
MAN (Metropolitan Area Network)
LAN (Local Area Network)
PAN (Personal Area Network)
[Figure: High-Level Differences between WPANs, WLANs, WWANs, and Satellite.
Data services plotted by data rate (9.6 Kbps to 1 Mbps) against coverage
area (local to wide): wireless LANs, broadband PCS, circuit and packet data
(cellular, CDPD, Mobitex, DataTac), narrowband PCS, satellite.]
Which connections are you?
The Wi-Fi logo on a device means that this equipment meets standards
and should interoperate with other devices of the same standard.
Wireless LAN Standards
802.11a
802.11b
uses 2.4 GHz technology.
The maximum data rate is 11 Mbps, with a range of approximately 46 m (150
ft) indoors / 96 m (300 ft) outdoors.
802.11g
uses 2.4 GHz technologies with a maximum data-rate increase to 54 Mbps.
It has the same range as the 802.11b.
Backwards compatible with 802.11b.
802.11n
is the newest standard in development.
It uses 2.4 GHz technologies (draft standard specifies support for 5 GHz) and
extends the range and data throughput.
Backwards compatible with existing 802.11g and 802.11b equipment (draft
standard specifies 802.11a support).
WI-FI Range Diagram
Architecture of Wireless LANs devices
1. Stations
All components that can connect into a wireless medium in a network are referred to as
stations.
All stations are equipped with wireless network interface controllers (WNICs).
Wireless stations fall into one of two categories: access points, and clients.
Access points (APs), normally routers, are base stations for the wireless network.
They transmit and receive radio frequencies for wireless enabled devices to
communicate with.
Wireless clients can be mobile devices such as laptops, personal digital assistants,
IP phones and other smart phones, or fixed devices such as desktops and workstations
that are equipped with a wireless network interface.
Every BSS has an identification (ID) called the BSSID, which is the MAC address of the
access point servicing the BSS.
An independent BSS (IBSS) is an ad-hoc network that contains no access points, which
means it cannot connect to any other basic service set.
An infrastructure BSS can communicate with other stations not in the same basic
service set by communicating through access points.
6. Reliability
Like any radio frequency transmission, wireless networking signals are subject
to a wide variety of interference, as well as complex propagation effects that
are beyond the control of the network administrator.
7. Speed
The speed on most wireless networks (typically 1-54 Mbps) is far slower than
even the slowest common wired networks (100 Mbps up to several Gbps).
However, in specialized environments, the throughput of a wired network
might be necessary.
2. Authentication on a WLAN
Authentication
802.11 authentication is the first step in network attachment.
802.11 authentication requires a mobile device (station) to establish its
identity with an Access Point (AP) or broadband wireless router.
There is no data encryption or security at this stage.
The Institute of Electrical and Electronics Engineers, Inc. (IEEE) 802.11
standard defines two link-level types of authentication:
1. Open System.
2. Shared Key.
1. Open System Authentication
Open system authentication consists of TWO(2) communications.
The first is an authentication request from the mobile device that contains the
station ID (typically the MAC address).
This is followed by an authentication response from the AP/router containing
a success or failure message.
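The two-message exchange described above, as an added example that is not part of the original slides: it decodes the fixed fields of an 802.11 authentication frame body (algorithm number, transaction sequence number, status code) and checks a request/response pair, which also shows that the request carries no secret. The byte strings are constructed samples and the function names are illustrative.

```python
import struct
from dataclasses import dataclass

# Authentication Algorithm Number values defined by IEEE 802.11.
ALGORITHMS = {0: "Open System", 1: "Shared Key"}


@dataclass
class AuthBody:
    algorithm: int  # which authentication type the frame uses
    sequence: int   # position of the frame in the exchange (1, 2, ...)
    status: int     # 0 = successful; non-zero = refused


def parse_auth_body(body: bytes) -> AuthBody:
    """Decode the three little-endian 16-bit fixed fields of the frame body."""
    if len(body) < 6:
        raise ValueError("authentication frame body needs at least 6 bytes")
    return AuthBody(*struct.unpack_from("<HHH", body))


def open_system_outcome(request: bytes, response: bytes) -> str:
    """Classify a request/response pair as the two-message exchange."""
    req, resp = parse_auth_body(request), parse_auth_body(response)
    if req.algorithm != 0 or resp.algorithm != 0:
        return "not open system"
    if (req.sequence, resp.sequence) != (1, 2):
        return "out of sequence"
    return "success" if resp.status == 0 else f"failure (status {resp.status})"


# Constructed frame bodies. The station ID (MAC address) travels in the
# 802.11 MAC header, which this example does not parse.
REQUEST = bytes.fromhex("0000" "0100" "0000")           # open system, seq 1
RESPONSE_OK = bytes.fromhex("0000" "0200" "0000")       # seq 2, status 0
RESPONSE_REFUSED = bytes.fromhex("0000" "0200" "0100")  # seq 2, status 1
SHARED_KEY_REQUEST = bytes.fromhex("0100" "0100" "0000")

if __name__ == "__main__":
    fields = parse_auth_body(REQUEST)
    print(ALGORITHMS[fields.algorithm], fields)
    print(open_system_outcome(REQUEST, RESPONSE_OK))
    print(open_system_outcome(REQUEST, RESPONSE_REFUSED))
```
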
2. Shared Key Authentication
With shared key authentication, a shared key or passphrase is manually set on
both the mobile device and the AP/router.
There are several types of shared key authentication available today for home or
small office WLAN environments:
Wired Equivalent Privacy (WEP)
Wi-Fi Protected Access (WPA)
Wi-Fi Protected Access 2 (WPA2)
3. Encryption on a WLAN
WEP: WEP was designed to provide the same level of security as wired
networks. Difficult to configure.
WPA: Use a pre-shared key (PSK), commonly referred to as WPA Personal.
Provides a higher level of security.
WPA2: Enhancement to WPA2 over WPA is the use of the Advanced Encryption
Standard (AES) for encryption. WPA2 requires more processing power than WPA.
MAC ID filtering
One of the simplest techniques is to only allow access from known, approved
MAC addresses.
However, this approach gives no security against sniffing, and client devices can
easily spoof MAC addresses, leading to the need for more advanced security
measures.
Most wireless access points contain some type of MAC ID filtering that allows the
administrator to permit access only to computers whose wireless interfaces
have certain MAC IDs.
4. Traffic filtering on a WLAN
This can be helpful; however, it must be remembered that MAC IDs over a
network can be faked.
Cracking utilities such as SMAC are widely available, and some computer
hardware also gives the option in the BIOS to select any desired MAC ID for its
built-in network capability.
Some access points can also support "AP isolation" which isolates all wireless
clients and wireless devices on the network from each other.
Wireless devices will be able to communicate with the gateway but not with
each other in the network
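MAC ID filtering, as described above, decides on an address that the client itself supplies. The following added example (not part of the original slides) shows what such a filter actually compares and two checks an administrator can run on top of it: spotting software-set addresses and spotting one MAC held by two access points at once. The allowlist, the association log format and all function names are constructed for illustration.

```python
from collections import defaultdict


def normalize_mac(mac: str) -> str:
    """Return a MAC address as lowercase aa:bb:cc:dd:ee:ff."""
    digits = "".join(c for c in mac.lower() if c not in ":-.")
    if len(digits) != 12 or any(c not in "0123456789abcdef" for c in digits):
        raise ValueError(f"not a MAC address: {mac!r}")
    return ":".join(digits[i:i + 2] for i in range(0, 12, 2))


def is_locally_administered(mac: str) -> bool:
    """Bit 0x02 of the first octet marks an address set in software
    (manually or by OS randomization) rather than by the manufacturer."""
    return bool(int(normalize_mac(mac)[:2], 16) & 0x02)


def mac_filter_allows(mac: str, allowlist: set) -> bool:
    """What a MAC filter does: compare the claimed address to a list.
    Nothing here proves which device actually sent the frame."""
    return normalize_mac(mac) in allowlist


def concurrent_associations(events, grace_s=5):
    """Return MACs held by two APs at once for longer than grace_s seconds.
    A short overlap is normal roaming; a long one suggests a cloned address."""
    active = defaultdict(dict)  # mac -> {ap: time it associated}
    flagged, last_t = set(), 0
    for t, ap, mac, action in sorted(events):
        mac, last_t = normalize_mac(mac), t
        if action == "assoc":
            active[mac][ap] = t
        elif action == "disassoc":
            start = active[mac].pop(ap, None)
            for other_start in active[mac].values():
                if start is not None and t - max(start, other_start) > grace_s:
                    flagged.add(mac)
    for mac, aps in active.items():  # overlaps still open at end of log
        if len(aps) > 1 and last_t - sorted(aps.values())[1] > grace_s:
            flagged.add(mac)
    return flagged


# Constructed sample data: allowlist and AP log (seconds, AP, MAC, event).
ALLOWLIST = {normalize_mac(m) for m in ("00-11-22-33-44-55", "00:aa:bb:cc:dd:01")}
EVENTS = [
    (0, "ap1", "00:11:22:33:44:55", "assoc"),
    (10, "ap1", "00:aa:bb:cc:dd:01", "assoc"),
    (50, "ap2", "00:aa:bb:cc:dd:01", "assoc"),     # roaming: ap1 released 2 s later
    (52, "ap1", "00:aa:bb:cc:dd:01", "disassoc"),
    (100, "ap2", "00-11-22-33-44-55", "assoc"),    # same MAC, second AP, no handover
    (400, "ap1", "00:11:22:33:44:55", "disassoc"),
]

if __name__ == "__main__":
    print(sorted(concurrent_associations(EVENTS)))
    print(is_locally_administered("02:00:00:aa:bb:cc"))
```

Treat a flagged address as a lead for investigation rather than proof, and rely on WPA2 rather than the filter for access control.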
4.3 Understand networking threats
Describe risks of network intrusion.
Network Threat
Unstructured threats
Structured threats
Internal threats
External threats
Network Attacks
Reconnaissance Attack
Access Attack
Denial-of-Service attack
Data Manipulation attack
The FOUR(4) Primary Types of Network Threats
Unstructured threats: An unstructured security threat is one created by an
inexperienced person who is trying to gain access to your network, i.e. a
wannabe hacker.
Structured threats: A structured security threat, on the other hand, is
implemented by a technically skilled person who is trying to gain access to
your network.
Internal threats: An internal security threat occurs when someone from inside
your network creates a security threat to your network.
External threats: An external security threat occurs when someone outside
your network creates a security threat to your network.
The FOUR(4) Primary Types of Network Attack
Data manipulation attacks: Unauthorized data manipulation involves
interpreting, altering, and deleting confidential data.
Reconnaissance (Exploration) attacks: A reconnaissance attack is a kind of
information gathering on network systems and services. This enables the
attacker to discover vulnerabilities or weaknesses on the network. It could be
likened to a thief surveying a car parking lot for vulnerable (unlocked) cars
to break into and steal.
Denial-of-service attacks: An attacker attempts to prevent legitimate users
from accessing information or services.
Questions
i. Internal threats
Pretexting
Pretexting is the human equivalent of phishing, where someone impersonates
an authority figure or someone you trust to gain access to your login
information.
It can take form as fake IT support needing to do
Phishing
Phishing involves false emails, chats, or websites designed to impersonate
real systems with the goal of capturing sensitive data.
A message might come from a bank or other well
Vishing
Instead of being directed by e-mail to a Web site, an e-mail message asks the
user to make a telephone call.
The call triggers a voice response system that asks for the user's credit
card number.
The initial bait can also be a telephone call with a recording that instructs
the user to phone an 800 number.
What is a Phishing Attack?
Viruses, Worms, and Trojan Horses are all malicious programs that are
purposely written to cause damage to a computer and/or information on
the computer.
They are also capable of slowing down the Internet, and they can use an
individual’s computer to spread themselves to friends, family, co-workers,
or others.
Infection Methods
Virus
A virus is maliciously written code that replicates itself.
It may damage hardware, software, or information files.
Most viruses exist simply to replicate themselves.
Worm
A worm is designed to copy itself from one computer to another, but it does so
automatically (perhaps over a network) by taking control of features on the computer
that can transport files or information.
This often occurs without the action of humans.
Worms are very effective at using e-mail systems and address books to spread.
Trojan Horse
A Trojan (or Trojan horse) is a malicious program disguised as a normal application.
Trojan horse programs do not replicate themselves like a virus, but they can be
propagated as attachments to a virus.
Trojan horses cause damage or compromise the security of the computer.
4. Multipartite viruses.
A hybrid of Boot and Program/file viruses.
They infect program files and when the infected program is executed,
these viruses infect the boot record.
The next time you boot the computer, the virus from the boot record
loads into memory and then starts infecting other program files on disk.
FIVE(5) recognized types of viruses:
5. Macro viruses
A macro virus is a computer virus that alters or replaces a
macro, which is a set of commands used by programs to
perform common actions.
For example, the "open document" action in many word-
processing programs relies on a macro to function, since there
are several discrete steps in the process.
Macro viruses change this command set, allowing them to
execute whenever the macro is run.
A worm is similar to a virus.
Worms are very effective at using e-mail systems and
address books to spread.
They replicate themselves like viruses, but do not alter files
the way that viruses do.
The main difference is that worms reside in memory and usually remain
unnoticed until their effects become apparent, obnoxious, or overwhelming.
A worm may arrive in the form of a joke program or software of
some sort, or by copying itself using email or another transport
mechanism.
A brute force attack is the method of obtaining passwords most widely used
by hackers.
This attack tries combinations of all the characters that could be used as a
password.
Recovering a one-character password requires us to try 26 combinations
('a' to 'z'). This is certain to produce a result...
Brute Force Attack
The brute force attack is a method of obtaining a user's authentication
credentials.
Authentication is the process of determining if a user is who he/she claims to
be.
It is commonly performed through the usage of usernames and passwords.
Knowledge of the password is assumed to guarantee that the user is
authentic.
Each user initially registers (or is registered by someone else) using an
assigned or self-declared password.
On each subsequent use, the user must know and use the previously
declared password.
Using brute force, attackers attempt combinations of the
accepted character set in order to find a specific combination
that gains access to the authorized area. Consider the
following form:
Attackers can use brute force applications, such as password
guessing tools and scripts, in order to try all the combinations of
well-known usernames and passwords.
Such applications may use default password databases or
dictionaries that contain commonly used passwords or they may
try all combinations of the accepted character set in the
password field.
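Seen from the defender's side, the guessing described above shows up as a burst of failed logins from one source. The following added example (not part of the original slides) runs a sliding-window detector over authentication log lines and separates guessing against one account from guessing across many well-known usernames; the log format, thresholds and function names are assumptions, and the sample lines are constructed.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Assumed log format: "<ISO timestamp> login OK|FAIL user=<name> src=<address>"
LINE_RE = re.compile(
    r"^(?P<ts>\S+) login (?P<result>OK|FAIL) user=(?P<user>\S+) src=(?P<src>\S+)$"
)


def parse_line(line):
    """Return (timestamp, result, user, source) or None for unrelated lines."""
    m = LINE_RE.match(line.strip())
    if m is None:
        return None
    ts = datetime.strptime(m["ts"], "%Y-%m-%dT%H:%M:%SZ")
    return ts, m["result"], m["user"], m["src"]


def detect_guessing(lines, max_failures=5, window=timedelta(minutes=1)):
    """Flag sources with max_failures failed logins inside one sliding window."""
    recent = defaultdict(deque)  # source -> (timestamp, user) of recent failures
    alerts = {}
    for ts, result, user, src in filter(None, map(parse_line, lines)):
        failures = recent[src]
        if result == "FAIL":
            failures.append((ts, user))
        while failures and ts - failures[0][0] > window:
            failures.popleft()  # forget failures older than the window
        if result == "FAIL" and len(failures) >= max_failures and src not in alerts:
            users = sorted({u for _, u in failures})
            alerts[src] = {
                "kind": "one account" if len(users) == 1 else "many accounts",
                "users": users,
                "success_after_burst": None,
            }
        elif result == "OK" and src in alerts and failures:
            # A success right after a burst of failures is reviewed first.
            alerts[src]["success_after_burst"] = user
    return alerts


# Constructed sample log; addresses come from the documentation ranges.
SAMPLE_LOG = (
    [f"2024-05-01T10:00:{s:02d}Z login FAIL user=admin src=203.0.113.7"
     for s in range(0, 30, 5)]
    + ["2024-05-01T10:00:31Z login OK user=admin src=203.0.113.7",
       "2024-05-01T10:02:00Z login FAIL user=alice src=198.51.100.20",
       "2024-05-01T10:02:09Z login FAIL user=alice src=198.51.100.20",
       "2024-05-01T10:02:20Z login OK user=alice src=198.51.100.20"]
    + [f"2024-05-01T10:05:0{i}Z login FAIL user={u} src=192.0.2.50"
       for i, u in enumerate(["root", "admin", "guest", "test", "oracle"])]
)

if __name__ == "__main__":
    for source, alert in detect_guessing(SAMPLE_LOG).items():
        print(source, alert)
```

The user who mistypes a password twice and then logs in stays below the threshold, while the source whose burst ends in a successful login is the one to investigate first.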
4.4 Understand methods of attacks
Information collected can include your online habits and preferences (where
you go, where you shop, for what, how much, how often, etc), each key you
press on your keyboard, passwords, logon information, account and
financial information, online correspondence and conversations or whatever
information is stated in the agreement.
Spyware
Unauthorized software installation without the computer user’s or owner’s
permission can include:
Programs designed to help steal personal user information to commit
identity theft without the user or owner of the computer providing their
permission to do so.
Disabling security without the computer owner or user providing their permission.
Endless loop pop-up advertisements or adware when the computer user or owner
does not deliberately activate the software either through an installed program or
through understanding an End-User License Agreement.
Denial of Service attacks.
Modem Hijacking – the computer user can incur financial
telecommunication charges without their prior permission.
Guidelines to Avoid Spyware
Tracking
If you use Microsoft's Internet Explorer to browse the Web, you
can see all of the cookies that are stored on your machine. The
most common place for them to reside is in a directory called
c:\windows\cookies.
When I look in that directory on my machine, I find 165 files. Each
file is a text file that contains name-value pairs, and there is one
file for each Web site that has placed cookies on my machine.
Adware
The term adware frequently refers to any software which
displays advertisements, whether or not the user has responded.
Programs such as the Eudora mail client display advertisements
as an alternative to shareware registration fees.
These may be classified as "adware", in the sense of advertising-
supported software, but not as spyware.
Adware in this form does not operate surreptitiously or mislead
the user, and provides the user with a specific service.
Most adware is spyware in a different sense than "advertising-
supported software
Pop-up Ads Or Pop-ups
Pop-up ads or pop-ups are a form of online advertising on the World
Wide Web intended to attract web traffic or capture email addresses.
Pop-ups are generally new web browser windows to display
advertisements.
The pop-up window containing an advertisement is usually generated
by JavaScript, but can be generated by other means as well.
A variation on the pop-up window is the pop-under advertisement,
which opens a new browser window hidden under the active window.
Pop-unders do not interrupt the user immediately and are not seen until
the covering window is closed, making it more difficult to determine
which web site opened them.
There are several free ways to help protect your computer against
malware:
1. Make sure automatic updating is turned on to get all the latest security
updates.
2. Keep your firewall turned on.
3. Don't open spam email messages or click links on suspicious websites.
4. Download Microsoft Security Essentials, which is free, or another
reputable antivirus and anti-malware program (see the warning below).
5. Scan your computer with the Microsoft Safety Scanner.
Questions
1. While surfing the Internet, a user notices a box claiming a prize has been
won. The user opens the box unaware that a program is being installed.
An intruder now accesses the computer and retrieves personal
information. What type of attack occurred?
2. What is a major characteristic of a Worm?
3. What type of advertising is typically annoying and associated with a
specific website that is being visited?
4. What is a widely distributed approach to marketing on the Internet that
advertises to as many individual users as possible via IM or e-mail?
Answer
1. Trojan horse
2. Exploits vulnerabilities with the intent of propagating itself across a
network
3. Pop-ups
4. Spam
4.5 Understand security policy
2. Password.
A description of the requirements for password protecting computer
systems, the rules for choosing passwords, and how the password policy
is enforced.
Explain Common Security Measures.
3. Email.
This policy covers the use of email sent from any company email address
and received at any company computer system.
4. Web.
A specification of what browsers may be used, how they should be
configured, and any restrictions on which sites employees can visit.
6. Remote Access.
A policy stating who can access what information from which
locations under what circumstances.
7. Internet.
A description of your Internet-facing gateway configuration, stating
what is allowed in and out, and why.
8. Wireless.
A specification stating how wireless access will be managed on your
network; how access points will be plugged in, secured, and
maintained; who is allowed to use them; and under what
circumstances.
9. Servers.
A statement of the company standards for servers, what services are
enabled or disabled by default, and important distinctions between
production, test, and development environments.
Here are just a few of the tasks that system patches and
updates perform:
1. Fix security holes
2. Update subsystems and drivers to increase software
compatibility
3. Optimize how the operating system handles resources
4. Add updated features and tools
5. Remove outdated features and tools
Identify The Importance Of Updated
Software And Patches.
2. Automatic Update
Manual Update
Where the user downloads it from the vendor's website, FTP site
or in some extreme cases, receives it via mail on CD or DVD.
This method is acceptable but not the best as it involves a lot of
user interaction.
The user has to visit the site, download the update, install it,
troubleshoot in case of errors during download or install, etc.
Sometimes the user might even decide not to update due to
some arbitrary reason.
Automatic Update
It also takes away the burden of packaging updates for end
users to install.
Instead, the software itself supports the updates in whichever
way is easy for the developer to package it.
This method also makes it easy to distribute the updates
globally and at the same time.
As this method will ensure fewer bugs and issues, it will result in
fewer calls to the technical support division, thus reducing costs.