Sunday, January 26, 2020

Accidental And Malicious Association: Wireless Networking

Accidental And Malicious Association: Wireless Networking Wireless network is a wireless communication between two interconnect nodes without the use of wires. Mobility lifts the requirement for a fixed point of connection to the network which allows users to move physically while using their devices. Mobiles computers such as laptops computer and personal digital assistants (PDAs), are the growing sector in computer industry 1. Wireless networks have many uses. A common is the portable office. Wireless networks are the common, both for organisations and individuals. Many notebooks computer have wireless card that allow connecting to a wireless network. However, wireless networking has many security issues, wireless has fewer physical assets to protect but at the same time there is no locked door on the airwaves so it is far easy to hack 2. Therefore, hacker found wireless network much more easily to break into. Wireless Security Wireless technology users security threat has been increased as the service become more popular. There are numbers of security threats with the current wireless protocols and encryption methods has been grown due to the carelessness and ignorance of the users and at corporate IT levels. Cracking has become easier with user-friendly Windows or Linux-based tool due to the easily availability on the web at no charge. Types of unauthorised access 1. Accidental association Violation of the security of a corporate network can come from a number of different methods. One of these referred to as accidental association. When a user turns on a computer and it latches on to a wireless network or wireless access point of a neighbouring firms overlapping network, the user may not even know that this is occurred. However this is the breach in security in that proprietary firm information is exposed and now there could exist a link from one company to the other and there might be a chance when a data is been transferred within a firm it can be at a risk and its integrity might have been compromised. 2. Malicious association Malicious association are when wireless network of a company is accessed by a wireless device such as cracking laptop instead of a company access point (AP). These types of laptops are known as soft APs. When thief gained accessed to the wireless network they can steal password or can plant a Trojans. 3. Ad-hoc networks Ad-hoc networks can pose a security threats, this network are defined as peer to peer networks between wireless computers which do not have an access point between them. Ad-hoc networks provide a bridge into other networks. In a company network environment its provided a bridge into other organisation network through unsecured ad-hoc connection. Ad-hoc network are defaults setting in most version of Microsoft Windows, it is turned on unless explicitly disable. There are basically two types of Bridging in Ad-hoc network. A direct bridge and a indirect bridge, direct bridge is created by a user who configure a bridge between two connections whereas indirect bridge has two security hazards. The first hazards is that important company data is been obtained via the secured network on the users end node computer drive, which exposed to discovery via the unsecured Ad-hoc network. The second hazards is that a virus was placed on the users computer via the unsecured Ad-hoc connection which make way to the company secured network. 4. Identity theft (MAC spoofing) When a hacker is able to listen into network traffic and identify the MAC address of a computer is called MAC spoofing. Some program has the sniffing capability which combines software that permits a computer to pretend it has any address that the hacker wished for. Wireless network system allow MAC filtering to some extend so that only authorised with specific MAC IDs can only access the network. When the wireless device is switch off or is off the air then only MAC filtering is effective. Any wireless devices (802.11) on the air transmit its unencrypted MAC address, which required no specific equipment or software to detect it. With any 802.11 receiver such as laptop and a freeware packet analyser can get the MAC address of any transmitting 802.11 device within range. In a company network where most of the wireless devices are on the air, MAC filtering provides security only to prevent unauthorised connection to the company infrastructure and does nothing to prevent a direct attack. 5. Man-in-the middle attacks. In this type of attack, attacker incites computers to log into a computer which is set up as a soft AP (Access point). After this hacker connects to a real Access point through another wireless device which maintains a steady flow of traffic through the transparent hacking computer to the real network which provide hacker to sniff the traffic. This attack usually disrupt the real connection and reconnecting with the hackers soft AP, these attacks are enhanced by software such as LANjack and AIRjack. Online books http://books.google.com/books?id=Ic6Ai8Y7LoACprintsec=frontcoverdq=wireless+networkshl=enei=UpbQTOfLF4HIswbozazNCAsa=Xoi=book_resultct=resultresnum=1ved=0CDUQ6AEwAA#v=onepageqf=true date 2/11/10 http://books.google.com/books?id=XO5VjslHLasCprintsec=frontcoverdq=wireless+securityhl=enei=fZ3QTOSpAYORswbMurzNCAsa=Xoi=book_resultct=resultresnum=1ved=0CDUQ6AEwAA#v=onepageqf=true date 2/11/10

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.