Sunday, March 27, 2011

Wireless Security

Wireless networks provide many benefits to network users, such as mobility, a decreased workload for the engineer who no longer has to pull cables through ceilings, and a greater diversity of devices. But wireless networks have some serious security holes that increase the risk of deploying WiFi in your school or enterprise.
Any time you refer to a WiFi network, you are talking about the 802.11 family of standard protocols that make wireless possible.

Authentication
802.11 networks use two authentication methods: open-system authentication and shared-key authentication. In both schemes, each mobile client must authenticate to the access point. Open-system authentication might better be called "no authentication", because no actual authentication takes place: the wireless client says "please authenticate me, I need access", and the AP does so, and asks no questions.
The shared-key authentication method is much like open-system authentication: the wireless client requests access to the wireless network, and the AP says "OK, but what is the password?" The client must then return the correct password in order to connect to the network.

Other issues arise for WiFi that create major security concerns:

1. The wireless client doesn't have any way to challenge the validity of the identity of the AP that it is attaching to, so an attacker can easily set up a rogue AP that unaware clients can connect to.
2. The AP has no way to tell whether the wireless client is authorized to be on the network or not. If you have the password, no matter how you got it, you can jump right into the network, whether you're supposed to be there or not.
3. A major problem that I had is that the AP authenticates only the wireless client and not the user of the station. Any computer that has a legal right to be attached to the network has full access, but the user may not be very honest.
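
Because of point 1, the check for a rogue AP has to come from the network owner: compare what a site survey hears against the AP inventory. The sketch below is an added example, not part of the original post; the SSID, BSSIDs, channels and scan rows are constructed, and `Beacon`, `AUTHORIZED` and `audit` are hypothetical names.

```python
# Added example: flag APs using our SSID that do not match the inventory (sample data is constructed).
from dataclasses import dataclass
@dataclass(frozen=True)
class Beacon:
    ssid: str
    bssid: str     # MAC address of the AP radio
    channel: int
    security: str  # "OPEN", "WEP" or "WPA", as reported by the survey tool

# Authorized inventory: SSID -> {BSSID: (channel, security)}
AUTHORIZED = {
    "SchoolNet": {
        "00:11:22:aa:bb:01": (1, "WPA"),
        "00:11:22:aa:bb:02": (6, "WPA"),
    }
}

SAMPLE_SCAN = [
    Beacon("SchoolNet", "00-11-22-AA-BB-01", 1, "WPA"),    # matches inventory
    Beacon("SchoolNet", "66:55:44:33:22:11", 11, "OPEN"),  # unknown radio, our name
    Beacon("SchoolNet", "00:11:22:AA:BB:02", 11, "OPEN"),  # known BSSID, wrong settings
    Beacon("CoffeeShop", "de:ad:be:ef:00:01", 6, "OPEN"),  # someone else's network
]

def normalize(mac: str) -> str:
    return mac.strip().lower().replace("-", ":")  # lower case, ':' separators

def audit(beacons, authorized=AUTHORIZED):
    """Return (bssid, reason) findings for beacons that use our SSID suspiciously."""
    findings = []
    for b in beacons:
        known = authorized.get(b.ssid)
        if known is None:
            continue  # not our SSID, out of scope for this check
        bssid = normalize(b.bssid)
        if bssid not in known:
            findings.append((bssid, "unknown BSSID advertising our SSID"))
            continue
        channel, security = known[bssid]
        # A BSSID can be copied, so also compare the settings we configured.
        if b.security != security:
            findings.append((bssid, f"security is {b.security}, expected {security}"))
        if b.channel != channel:
            findings.append((bssid, f"channel is {b.channel}, expected {channel}"))
    return findings

if __name__ == "__main__":
    for bssid, reason in audit(SAMPLE_SCAN):
        print(bssid, "-", reason)
```

A known BSSID heard with different settings is reported as well as an unknown one, since a matching MAC address alone does not show that the radio is yours.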

So to keep yourself a little safer, use at least WEP (Wired Equivalent Privacy). The password is passed in clear text, but it is better than nothing. It will keep novice users from accessing your network. For more robust authentication you can use WPA; the data is encrypted and a little harder to break.
Speaking of encrypted....

   
Encryption 
A wireless access point is much like a radio station and the radio in your car. No matter where you are, you are able to hear the same broadcast as everyone else. Now what if you had sensitive information that was being broadcast and you didn't want unauthorized users to get it? The best way would be to jumble up the information so that only the correct receiver would know how to unjumble it to get the information.
Encryption in a wireless network does just what you think it would: all data is scrambled and encoded with the same key that allows you to attach to the network.
