Secured WiFi

8/7/2019 Secured WiFi

1/6

Secure Building of WI-FI

SECURE BUILDING OF WI-FI

Done by

R. Arun II MCAP. Sangeetha II M.Sc (IT)

St Josephs College of Arts & ScienceCuddalore 607001.

[email protected] No: 8870327927

INTRODUCTION

The main objective of this research

paper is to build secure WI-FI connections.Since every institutions, workplaces &

organizations preferring and switching

over to WI-FI connections we have to

make sure that it is secure.

This research paper is based on the

observations & findings that were made

for the past one year while implementing

the WI-FI connections. Here we listed out

what are all common exploits & probable

solutions to tackle that the problems.

Wireless Internet access is a huge

convenience that we have got used to, but

it is important to secure them. Most

internet users do not even realize that

connecting their system to web through

Wi-Fi routers can make them more

vulnerable to hackers.

SECURITY THREATS TO WI-FINETWORKS:

There is no physical protection of

the wireless network. The risk of the data

sharing is high as packets are sent through

the airwaves, and an attacker can easily

use various wireless sniffing tools. Most

wireless devices use a broad spectrum, so

it is very easy to identify the signals,

which makes all the more vulnerable to

hackers. There is no need to re-login andrestart network applications. WLANs do

raise the issue of the security due to other

inherent features such as radio waves

being easier to intercept than physical

wires.

COMMON EXPLOITS OF

WIRELESS NETWORKS

In general, attacks on wireless

networks fall into four basic categories:

Passive Attacks

Active Attacks

War Driving

Jamming

PASSIVE ATTACKS

A passive attack occurs when

someone eavesdrops on the networks

traffics. Armed with a wireless network

adapter that supports promiscuous mode,

eavesdroppers can capture network traffic

for analysis using easily available tools.

ACTIVE ATTACKS

Once an attacker has gained

sufficient information from passive attack,

they can lunch an active attack against the

network. There are a potentially large

number of active attack can be lunched

against a wireless network. These include,

but are not limited to, unauthorized access,

spoofing, denial of service, and flooding,

as well as the introducing of malware.

R Arun II MCA Page 1
mailto:[email protected]:[email protected]


2/6


WAR DRIVING

War driving, also called access

point mapping, is the act of locating and

possibly exploiting connections to wireless

local area networks while driving around acity or elsewhere. With an omnidirectional

antenna and a geophysical positioning

system (GPS), the war driver can

systematically map the locations of

802.11b wireless access points.

JAMMING

Jamming is one of many exploits

used compromise the wireless

environment. If an attacker truly wanted tocompromise your LAN and wireless

security, the most effective approach

would be to send random unauthenticated

packets to every wireless station in the

network.

HACKERS DO THE FOLLOWING

STEPS FOR HACKING WIRELESS

NETWORKS.

Analyze network to attack

Crack WEP key

Sniff network

Denial of Service attacks (DoS)

Hacker trying to hack a computer

Wireless networks are extremely

vulnerable to DoS attacks. It can slow the

network to crawling speeds or actually

force it to quit working. In the Brute ForceDoS attack method, a huge flood of

packets can use up all of the networks

resources and force it to shut down, or a

very strong radio signal that totally

dominates the airwaves can render access

points and radio cards useless.

As wireless networks send information via

radio waves on public frequencies, thus

they are susceptible to vulnerable.

A hacker can initiate a packet-based brute

force DoS attack by using other systems

on the network to send the useless packets

to the server. This adds significant

overhead on the network and takes away

useable bandwidth from legitimate users.

SECURE BUILDING OF WI-FI

NETWORKS

Since wireless is a shared medium,

everything that is transmitted or received

over a wireless network can be

intercepted. Encryption and authentication

are always considered when developing a

wireless networking system. The goal of

adding these security features is to make

wireless traffic as secure as wired traffic.

Here are some simple ways to secure your

Wi-Fi network and prevent its misuse

Authentication through the open

system and shared key

authentication types.

Data confidentiality through Wired

Equivalent Privacy (WEP)

USING A JAMMER DEVICE

A Wi-Fi Jammer is designed for

blocking wireless LAN networks and

Bluetooth devices. It could cut off of the

connections with Wireless Routers or

Wireless Access Points. It works on

2.4~2.5GHz, could be used in any secure

and privacy locations The Wi-Fi jammer is

applicable for blocking laptops, desktopcomputers, PDAs and so on. It could help

http://searchmobilecomputing.techtarget.com/sDefinition/0,,sid40_gci341007,00.htmlhttp://searchmobilecomputing.techtarget.com/sDefinition/0,,sid40_gci896478,00.htmlhttp://searchmobilecomputing.techtarget.com/sDefinition/0,,sid40_gci341007,00.htmlhttp://searchmobilecomputing.techtarget.com/sDefinition/0,,sid40_gci896478,00.html


3/6


you prevent unauthorized people leak out

confidential information. The Bluetooth

connections will be cut off also after turn

on Wi-Fi jammer.

STOP PUBLICLY BROADCASTING

YOUR (SSID)

The broadcast works like an

invitation to the hackers whore searching

for just that opportunity. In Wi-Fi

networking, the wireless access point or

router typically broadcasts the network

name (SSID) over the air at regular

intervals. Broadcasting was designed for

mobile hotspots where Wi-Fi clients may

roam in and out of range. In the home, this

feature is unnecessary, and it increases the

likelihood someone will try to log in to

your home network. If you turn off SSID

broadcasting, you can keep casual users

away from seeing your network.

MAC ADDRESS FILTERING

Each piece of hardware connected

to a network has physical address or MAC.

Access points and routers keep track of the

MAC addresses for all devices that

connect to them. You can restrict or allow

access to your network by filtering MAC

addresses.

Turn on WPA / WEP Encryption

If the information sent back and forth over

your Wi-Fi network isnt adequately

encrypted, a hacker can easily tap into thenetwork and monitor your activity. One of

the best ways to secure your Wi-Fi

network is through encryption.

There are primarily two encryption Wi-Fi

standards

Wireless Equivalent Protocol

(WEP)

Wi-Fi Protected Access (WPA).

WIRED EQUIVALENT PRIVACY

(WEP)

WEP utilizes a symmetric

algorithm known as a stream cipher,

for encryption. A symmetric algorithm is

one that relies on the concept of a single

shared key (as opposed to a public

key) that is used at one end to encrypt

plaintext (the data) into cipher text (the

encrypted data), and at the other end to

decrypt it - convert the cipher text back to

plaintext. Thus, the sender and the receiver

share the same key, and it must be kept

secret.

WI-FI PROTECTED ACCESS (WPA)

Wi-Fi Protected Access is a

specification of standards-based,

interoperable security enhancements that

strongly increase the level of data

protection and access control for existing

and future wireless LAN systems.

Designed to run on existing hardware as a

software upgrade, Wi-Fi Protected Access

is derived from and will be forward-compatible with the upcoming IEEE

802.11i standard. When properly installed,

it will provide wireless LAN users with a

high level of assurance that their data will

remain protected and that only authorized

network users can access the network

To meet these goals, security

enhancements needed to be made.



4/6


WPA

Its more secure and alternative to

WEP. However, since it is newer, it is not

as widely supported.

WPA2Its newest type of wireless

encryption; it provides the highest level of

encryption available. WPA2 encryption

should be your first choice if your wireless

router, all of your wireless computers and

devices support it.

Jammer device

VIRTUAL PRIVATE NETWORKS(VPN)

Virtual Private Network

technology (VPN) has been used to secure

communications among remote locations

via the Internet since the 1990s. A

familiar and already widely used

technology in the enterprise, it can readily

be extended to Wi-Fi WLAN segments on

existing wired networks. Although VPNs

were originally developed to providepoint-to-point encryption for long Internet

connections between remote users and

their corporate networks, they have

recently been deployed in conjunction with

Wi-Fi WLANs. When a WLAN client

uses a VPN tunnel, communications

data remains encrypted until it reaches

the VPN gateway, which sits behind

the wireless AP. Thus, intruders are

effectively blocked from intercepting all

network communications. Since the VPN

encrypts the entire link from the PC to the

VPN gateway in the heart of the

corporate network, the wireless network

segment between the PC and the AP is

also encrypted. This is why VPNs have

been recommended to help secure Wi-Fi

While VPNs are generally considered

an enterprise solution, integrated products

that offer VPN pass-through

connections, firewalls and routers are

available to accommodate

telecommuters who work from home.

Although they provide excellent security,

VPNs are not self-managing. User

credentials and, often, VPN software

must be distributed to each client.However, when properly installed, VPNs

extend the high level of security they

provide on wired networks to WLANs. In

fact, some Wi-Fi vendors themselves have

utilized VPNs in networks to secure their

own internal Wi-Fi networks

TEMPORAL KEY INTEGRITY

PROTOCOL (TKIP)

It is an enhanced data encryption.

Wi-Fi Pr ot ec te d Access utilizes it s

Temporal Key In te gr i ty Pro t oco l

(TKIP). TKIP provides important data

encryption enhancements including a

per-packet key mixing function

WEP VULNEBERALITIES:

WEP is the original wirelessencryption standard, which is now

outdated. The main problem with it is that

it can be easily cracked. Cracking a

wireless network means defeating the

encryption so that you can establish a

connection without being invited. If you

use WEP encryption, change your

encryption key regularly.

DO NOT AUTO-CONNECT TO OPEN

WI-FI NETWORKS



5/6


If you connect to every available

Wi-Fi network automatically, you will

inevitably end up connecting to dummy

Wi-Fi networks designed specifically to

catch unsuspecting users. Most computers

provide a Wi-Fi setting that will configureyour computer to automatically connect to

any open Wi-Fi network without notifying

you. Never select the connect to available

Wi-Fi networks automatically setup

option under your Network Connections

window.

ASSIGNING STATIC IP ADDRESSES

TO DEVICES

Dynamic IP allocation also works

to the advantage of attackers, who can

easily obtain valid IP addresses from

networks DHCP pool. Turn off DHCP on

the router or access point, set a fixed IP

address range instead and then configure

each connected device to match. Using a

private IP address range (like 10.0.0.x)

prevents computers from being directly

reached from the Internet.

ENSURE ACCESS POINTS ARE

PLACED SECURELY

The performance of a Wi-Fi home

network greatly depends on signal strength

of the wireless router or wireless access

point (base station). In the Centre of a

room/office etc. to minimize its signal

strength outside the office.

ADVANTAGES

There are real and measurable

benefits to using a wireless network

versus a standard wired network. For a

home installation customer, the greatestbenefit is that there are no wires needed:

you dont need to drill holes in walls and

floors; you dont need to drag cables or

hide them under rugs. One Wi-Fi access

point can provide network access for

any typically sized home. And if you

live in a rental or a historical building,

you may not be allowed to drill holes-

that makes wireless your only solution

Its flexible: With a wireless networkyou and your staff can have

uninterrupted access to people,

information and tools as you and they

move through the workplace with your

mobile PC

Its Mobility: As you change your

business operations your wireless network

can change with you

Its fast:From 11 to 54 Mbps throughput

and advanced roaming capabilities

provide reliable access to e-mail, the

Internet, file sharing and other network

resources away from the desk

Its cost-effective: Expand and extend

your existing network by simply

adding more adapters and access points.

Planning is a no brainier as you need to

buy only what you need

LIMI T A TIONS

HIGH CONSUMPTION OF

ELECTRICITY

Wi-Fi technologies are power

hungry and suck out your electricity like

water. This presents a clear disadvantage

for users of laptops and other battery

dependent devices. The battery industry isstill grappling with technology which will



6/6


enable them to manufacture long lasting,

compact sized and light weight batteries.

RADIO WAVE CONFLICTS

If you are using your Wi-Fi nearother radiation emitting devices such as

microwave ovens, cordless phones, the

resulting conflicts between devices and

networks tend to slow down your Wi-Fi

device. In older versions of Wi-Fi the

conflicts were so high that if the user were

to go near the microwave the data transfer

would immediately stop

DATA SAFETY

The greatest challenge faced by Wi-Fi

providers today is how to prevent outsiders

from accessing your data. Before investing

in Wi-Fi check with the hardware guys

about precautions to save your data.

Currently the Wi-Fi Protected Access

technology is used to secure data transfer

and encryption over networks.

FUTURE TRENDS

IEEE 802.11a

The 802.11a supplement to 802.11

was published in 1999. It uses Orthogonal

Frequency Division Multiplexing (OFDM)

to provide data rates to 54 Mbps in the 5

GHz U-NII bands.

IEEE 802.11g

The 802.11g task group is

working on a supplement to the 802.11

standard that defines a technology for

operation at 2.4 GHz that offers higher

data rates (up to 22 Mbps) using

OFDM, while remaining backwards

compatible to 802.11b.When

compared to 802.11a, 802.11g offers the

advantages of lower cost, backwards

compatibility to existing 802.11b

equipment, and less path loss than

802.11a. This translates into higher data

rates for a given range, or increased range

for a given data rate

CONCLUSION

Our future depends on what we do

in the present - Mahatma Gandhi

Wi-Fi provides freedom: freedom

to physically move around your home

or business and still stay connected to

the Internet or local network; freedom to

grow and move an office or business

without having to install new cables andwires; Plus, it is cool, and it is fun as

those in the know say, Once you go

wireless, you will never want to use a

cable again.

Wi-Fi use is growing fast in homes,

public access areas and businesses- both

large and small. The Wi-Fi Alliance is

active with many industry organizations

and is working closely with

manufacturers to make sure that

existing Wi-Fi gear is compatible

with wireless technologies developed in

future.

REFERENCES

Overview of IEEE 802.11 Security,

ww w .techonli n e.co m

w w w .lib-a s c .ekm.o r g

w w w .wi-fi.o r g

w w w .howstuffworks.com

www.about.com

http://www.techonline.com/http://www.lib-asc.ekm.org/http://www.wi-fi.org/http://www.wikipedia.org/http://www.about.com/http://www.techonline.com/http://www.lib-asc.ekm.org/http://www.wi-fi.org/http://www.wikipedia.org/http://www.about.com/

Secured WiFi

Documents

Transcript of Secured WiFi