Guys, is security an issue with Wi-Fi?
sagitraz 29-October-2008 11:46:47 PM

Comments

http://www.wi-fiplanet.com/tutorials/article.php/3605601

You can read and read about Wi-Fi security, but nothing will get the point across as efficiently as actually seeing what eavesdroppers can see on an “unsecured wireless network.”

You may think your network is secured after just changing the default SSID or disabling SSID broadcasting, especially after reading New York’s Westchester County's recent press release discussing a new Wi-Fi law for the city of White Plains. As mentioned in the press release, these two actions do take little effort, but by no means does this adequately secure your wireless network.

Understanding the importance of securing a wireless network requires you to be aware of the issues resulting from not securing your network:

Real-time Traffic is Compromised
* People can see what Web sites you’re visiting.
* Login information to unsecured sites (non-SSL) is compromised, along with the content.
* Login information and content from services such as POP3 e-mail accounts and FTP connections is compromised.

Network is Open for Others to Connect
* Your internet connection may be used for sending and/or receiving illegal information, such as spam, music files or even child porn.
* Others can access any shared files on PCs or servers connected to the network.

A Wi-Fi Eavesdropper’s Look

First, let’s take a look at what a Wi-Fi eavesdropper can see when you send an e-mail over a wireless network without encryption. To do this, I sent an e-mail (shown in Figure 1) from a computer on a wireless network with Microsoft Outlook using a POP3 account.

Figure 1: Security Email

At the same time, I captured packets from the network on my laptop using a free tool called Ethereal. As shown in Figure 2, you’re able to see exactly what was in the e-mail.
Just imagine if this was an e-mail containing real sensitive information, and someone passing by in their car captured the wireless packets.

Figure 2: Ethereal

If that isn’t bad enough, see what I captured in the packet trace shown in Figure 3 when I synchronized my e-mail. This sensitive information includes the login information for the POP3 account! It clearly shows the main server, user name and password for the account.

Figure 3: Ethereal shows POP3 info

To clarify, the administrator of this wireless network could have changed the default SSID, disabled SSID broadcasting, enabled MAC address filtering, and many other things; however, we would still see the same information in Figures 2 and 3.

You should also note that I did capture these packets in Ethereal via an Ethernet connection to the test network. It is possible, though, to use Ethereal to capture packets using a wireless adapter. This brings up another issue: make sure the wired connections to your network are secure, because interlopers can capture any of the Ethernet traffic.

Securing your Private Wireless Network

Now that you understand the importance of Wi-Fi security, you should implement methods like those discussed below to ensure your sensitive information is secure.

To Secure Real-time Traffic
* Use WEP encryption at the minimum; ideally, go with WPA encryption.

To Prevent Others from Connecting
* Try to keep wireless coverage within a controlled area.
* Use MAC address filtering.
* Limit DHCP addresses, or assign static addresses.
* Disable SSID Broadcast.

Keep in mind that the use of encryption is the only method that adequately secures the real-time traffic, such as e-mails and Web browsing, on your wireless network. Most other security methods, such as MAC address filtering and disabling SSID broadcast, are intended to help prevent others from successfully connecting to the wireless network.
You can never be sure that your wireless network is completely secure. However, implementing multiple security methods means it will be much more difficult for Wi-Fi eavesdroppers to capture readable real-time data.

Protecting Yourself on Public Hotspots

When you’re using an unsecured wireless network, such as a hotspot in a hotel, cafe, airport or any other public location, you should take steps to make sure your sensitive information isn’t exposed:

Secure Your Real-time Traffic
* Use a VPN connection.
* Make sure any services you use, such as POP3 and FTP, are secured if you are not using a VPN.
* Don’t visit any private or sensitive Web site unless it’s secured (for example, implementing SSL) if you are not using a VPN.

Prevent Others from Connecting to Your Laptop
* Disable any sharing of files, folders and services.
* Use personal firewall software.
* Make sure your operating system is kept up to date.

A VPN connection encrypts any data sent from your wireless adapter all the way to the VPN server and vice versa, therefore providing end-to-end encryption. Along with providing a great way to secure the data, this also enables access to the remote network hosting via VPN server, which is often used in businesses.

If you aren’t provided with a VPN connection by your employer, you can either set up your own server, for example using Windows XP, or use a subscription-based, hosted service such as JiWire’s SpotLock.

Posted by saqlain231

Introduction

Wi-Fi is perhaps the hottest and fastest growing service telecommunications technology. SpeedClean Inc, a chain of modern Laundromats based out of Des Moines, Iowa, and primarily distributed throughout Iowa, should look at the opportunity to install and utilize Wi-Fi in its stores. An environment that involves sitting and waiting is naturally conducive to this technology.
This paper is designed to answer questions regarding the background of Wi-Fi technology, how it works, the problems involved with said technology, what economic and regulatory constraints might influence a decision to move forward, and how successful application might be. To understand how SpeedClean might fully utilize the Wi-Fi technology, it’s important to know the background and how the technology works.

What is Wi-Fi and How Does it work?

Wi-Fi, or wireless fidelity, uses an unregulated part of the electromagnetic spectrum to send very high-speed data signals over the Internet from a wireless source to a router which is wired and in fixed location. The standardized name for Wi-Fi, 802.11b, transmits these signals at approximately 11 Mbps (million bits per second), a distance of 150-300 feet. This speed is around 100 times faster than a dial-up modem and about 10 times faster than a cable modem2. A transceiver located inside a building then allows customers to link to the Internet wirelessly, creating a wireless local area network (WLAN). This location for wireless Internet using Wi-Fi is often dubbed a “hotspot” for connectivity.

Cost of the service still ranges in price both from the standpoint of businesses wanting access and customers potentially wanting wireless access. Price is set depending on the speed of the access point, existing infrastructure— types of wiring— and the number of access points requested. With regards to a charge to the customer several schools of thought have formulated. Some businesses offer access without a charge and see it as a chance to lure customers who might not ordinarily visit such as hotels and cafes. Some, like Starbucks, see it as a chance for customers to linger longer in the establishment. This will be later addressed in the brief.

Costs for an individual wanting to use Wi-Fi are relatively low. The bulk of the cost will obviously be from the hardware end and from where they choose to access the Internet from.
Options include laptops, the most popular, PDAs, and the ever-evolving cell phone technologies. For a laptop, one needs a wireless communication card and a Wi-Fi router. The card communicates wirelessly with the router, which is plugged into or wired to the source. Sources most likely include cable or DSL modems, but can include T1 or E1, the European identification, lines. Prices for a wireless or communication card start at 49 dollars for low-end models. Wi-Fi routers also vary in price depending on models and brands. It should also be noted that prices for Wi-Fi hardware are falling steadily due to the number of players getting involved in the market and development of technologies in this area. This leads us to “the who” in the game of Wi-Fi.

A Linksys Wireless Dual-Band Router (left) and Netgear Wireless Communication Card. Photos from CNET Networks copyright 2002-2003.

Who’s Promoting Wi-Fi?

Just about every single major player is dipping their hands into the Wi-Fi market. Major manufacturers IBM, Dell, Apple and Sony all see that the time is now for the market. Many manufacturers are including the communication cards in new laptop models, including those in the previous statement.

The manufacturers are only the tip of the Wi-Fi iceberg. Computer industry stalwarts Intel, 3Com, Cisco—who recently purchased Linksys, a leader in the wireless networking industry— and Nortel all are planning to grow even more as the Wi-Fi is poised to explode over the next few months and years.

More proof that Wi-Fi is the “it” commodity in IT is Verizon’s plan in New York City. Verizon is taking some 1000 phone booths it operates in the city and converting them to “hotspots” hubs3. Wi-Fi is being promoted by several major companies.
“Cometa Networks, an ambitious venture backed IBM, Intel, and AT&T, has vowed to launch 20,000 hotspots across America by 2008.”3 On the international scene, Paris, France, and Adelaide, Australia, have pledged to provide numerous Wi-Fi access areas.5

Other non-tech businesses recognize how Wi-Fi will impact the future and have established “hotspots” in their stores. Noted for leading this surge is Starbucks Corporation based in Seattle, Washington. In 2001, Starbucks announced it would provide Wi-Fi access to its customers3. While Starbucks is a pioneer in the wide-spread offering of Wi-Fi access, director of Wi-Fi business and alliance, Lovina McMurchy, said pricing for access is a “learning experience.” She also said it’s hard to tell how different pricing plans or free services will play out. “At this point, a lot of companies are still just ‘dabbling’ in Wi-Fi through pilot projects.”4

Other businesses who are promoting Wi-Fi access include Borders and Kinkos. McDonalds is beginning to delve into providing hotspots.6 They have ten locations in New York City and plan on introducing them in the San Francisco area. If response is favorable, McDonalds plans on expanding access to Chicago and bigger markets as well.

Other business locations and organizations who now are implementing Wi-Fi on a larger scale include hotels, airports, university campuses, and train stations. Cafes, coffee shops and restaurants are catching on to Wi-Fi’s popularity and adding access points too.

Proxim G Access Hub. Photo from CNET Networks copyright 2002-2003.

What Problems is Wi-Fi Designed to Solve?

With all of this activity in the Wi-Fi world what can be said about the problems it is designed to solve? The main application of Wi-Fi is the thought of being wireless and having connectivity virtually anywhere. Wi-Fi’s design is allowing consumers and businesses to access a network or the Internet from the home, the field or any place in between.
Transmission and/or reception of data from outside of the office, warehouse or even eventually in the air opens many arenas and solves headaches. For example, if one has a report to file and needs to have it done before leaving for the airport, one with Wi-Fi technology at a hotel with a hotspot simply connects wirelessly, and sends the report. The report is transmitted/received, deadline met, and problem solved.

Some possible issues this might resolve include lowering overhead for companies with large offices and allowing work to be done from the home or on the road. This is evident in the increasing number of truck drivers who carry laptops to check in with headquarters and for personal use. The drivers are attracted to truck stops that have Wi-Fi hotspots.

Interconnectivity

Wi-Fi’s flexibility and mobility make up the backbone that allows users to take advantage of how it interconnects with other media. The portability of the devices utilizing Wi-Fi is the key. One can take his or her laptop increasingly anywhere and be connected. Being connected allows individuals to connect to the Internet to get news from numerous sources, watch movies or television, download media, optically link to printers and communicate with other Wi-Fi equipped media.

The idea of interconnecting with various types of media from various locations is principal in the development and marketing of Wi-Fi. It also does this without the “mess” of wires. Something that might frustrate the average user with developing technologies is the fact that it has to be hooked up or wired. With Wi-Fi, there are no wires; it’s simply a matter of locating an access point, getting a signal with appropriate strength and connecting to the area network then your media preference. The advancement and the emergence of Personal Digital Assistants or PDAs will only perpetuate Wi-Fi popularity and demand.

Wi-Fi and its constraints

All of these benefits surely don’t come without a price.
A closer look at the constraints which Wi-Fi must address follows. These include its use of an unregulated portion of the electromagnetic spectrum, and security of Wi-Fi.

First, as mentioned earlier in the brief, Wi-Fi uses an unregulated portion of the electromagnetic spectrum. The spectrum is already very crowded with traditional occupants, i.e. broadcast television, radio, and cell phones, but also includes microwaves, cordless telephones and Wi-Fi. The electromagnetic spectrum also includes gamma and x-rays. Wi-Fi’s frequency can be found at 2.4 GHz. With increasing demand spectrum space is becoming increasingly scarce. Wi-Fi avoids some of these problems because it occupies an unregulated portion, thus unlicensed. “Unlicensed spectrum is managed like a public highway: subject to certain rules of the road, access is open and free, and shared.”1 The issue of obtaining licenses for this unregulated portion of the spectrum will likely go unresolved for the near future.

Another large issue with Wi-Fi is the matter of shared capability and concerns of its security. Addressing security on the Internet has always been a central concern. Gradually, users are learning to trust the security software available as it becomes more prevalent, reliable and as users have become more familiar with its applications. Although Wi-Fi is growing in popularity and familiarity, the vast majority of consumers seem uncertain if it provides adequate security, mainly because of the shared nature of the wireless data transmission.

Over the last couple of years and certainly within the last few months Wi-Fi security specifications have undergone substantial change. Before looking into the updated security specifications a brief view of the preceding ones is in order. Wired Equivalent Privacy or WEP was the existing security protection device used in Wi-Fi.
Wired Equivalent Privacy provided a fairly simple 128-bit key encryption and authentication format.7 This form of key encryption was shared by everyone accessing that particular area network and can basically be hacked into by using software available in stores, pre-existing software and applications on the Internet. As one can infer this was a monstrous concern for those with large networks due to the fact they were sharing an enormous amount of information on a shared network and considering each machine needed a manual encryption under the WEP format.7

The sole constraint has been the single source of wariness and hesitation to become possible Wi-Fi users. One might also infer the fact that a single constraint was not about to stand in the way of the huge potential Wi-Fi market and those who stood to economically benefit the most from it, the manufacturers of Wi-Fi equipment and software.

To combat the weaknesses of WEP a new authenticity key was developed. The Institute of Electrical and Electronics Engineers (IEEE), in conjunction with the Wi-Fi Alliance, developed Wi-Fi Protected Access or WPA. Wi-Fi Protected Access is eradicating the now discredited WEP encryption. Wi-Fi Protected Access employs a variety of methods to achieve encryption. A Temporal Key Integrity Protocol, or TKIP, and a Message Integrity Checker, or MIC, measure and ensure security on and to an access point.7

Wi-Fi Protected Access attempts to connect at the access point but will not grant full accessibility to the network until it establishes who the user is and then will authenticate said user on a server. The server will then authenticate the user with a 128-bit master session key.7 The TKIP will then distribute access, at the access point, to the user once acceptance has been granted. Once a user is on the network TKIP keys each packet of information automatically and individually upon transmission of the said data.
During a session, the Message Integrity Checker continuously searches for and alerts the user once any tampering has occurred.

Cisco Systems, Intel and Symbol Technologies have WPA technology in place as do other popular hardware providers such as D-link, 3Com, Linksys and Netgear.7 Those implementing WEP might be able to upgrade to WPA strength security through manufacturers’ websites for a relatively low fee or in some cases at no additional charge. As of September 2003, new Wi-Fi products which are certified will incorporate WPA security technology.8

The future of Wi-Fi security bolsters itself on the notion that IEEE is already in development of new versions of the security applications. An 802.11i, or WPA2, could be in working order to establish even new measures of security for Wi-Fi.7 An Advanced Encryption Standard, or AES, is already in use by governmental agencies with the real possibility of becoming the standard in Wi-Fi encryption security in the future.7 Evidence of federal government use should provide a strong indicator to businesses, those who are hesitant and possess lingering doubts of the serious nature and potential impact of the Wi-Fi market both in the short and long-term.

Successful, Unsuccessful and the Future of Wi-Fi

Successful and unsuccessful applications of Wi-Fi in the future also warrant a closer view. The pros and cons carry similar weight at this moment in Wi-Fi Technology.

Primarily, the issue of connectivity arises. As the Wi-Fi attempts to further its own definition and to find its place in the Broadband-Digital Age the ease of access is front and center. With Verizon and many others converting and installing “hotspots” domestically and internationally it certainly looks as if Wi-Fi might find legs to stand on. While it might seem like this is a great distance—global coverage—the distance one can deviate from an access point drastically hinders its capabilities.
Antennas, like the Hawking model pictured, are assisting with the connectivity and strength of signal.

Hawking Wireless Antenna. Photo from CNET Networks copyright 2002-2003.

Perhaps an application looming larger still is the one regarding security. As in most cases, the best way to learn something is to get burned by it. Surely that has happened to many, otherwise the serious effort to increase security technologies and protocols would not be made at the rate which programmers are currently working. It is also worth mentioning again that as of September 2003, the WPA Encryption technology takes a step closer to becoming a standard of now.

In terms of economic factors, many of the companies mentioned earlier in the brief and several more have invested considerable resources into the Wi-Fi market. They would not do so without seeing its potential.

A Wi-Fi market also gaining a considerable amount of steam is PDAs. Palm Solution’s new Tungsten C retails for around $499 dollars and has Wi-Fi technology and cellular technology built in, perhaps giving one the best of both worlds.9 This price is lower than the cost of a laptop but nearly double the price of the high-end cellular phones currently on the market. If one’s laptop were not equipped with Wi-Fi technology then applications and benefits of the PDA have to be weighed. When will the trade-off begin?

The 802.11g format which increases transfer rates up to 54 Mbps and Stanford University developed AGN 100 Wi-Fi chipset could increase speeds up to 108 Mbps.10 The 802.11g format is nearly five times the speed of the commonly used rate discussed in the brief, 802.11b. If the AGN 100 Wi-Fi chipset becomes viable and enters the market, it doubles the speed of 802.11g, and is about ten times faster than 802.11b.

A wireless application competing with and in some cases attempting to coexist with Wi-Fi is Bluetooth.
This technology shares the same unregulated 2.4 GHz frequency band.11 Bluetooth gives one a very good signal inside of 30 feet. Bluetooth cell phones, cameras and printers are on the market currently. The drawbacks of Bluetooth are that it is struggling to coexist with Wi-Fi and consumer awareness of the product.

Additional sources for palatable information on Wi-Fi on the web include the following list:

General Wi-Fi News
* Wi-Fi Networking News http://www.wifinetnews.com
* CNet Internet Services http://www.cnet.com
* Wi-Fi Planet http://www.wi-fiplanet.com
* Wired Online http://www.wired.com

Hotspot Location Sites
* 802.11 Hot Spots http://www.802.11hotspots.com
* Wireless Node Database http://www.nodedb.com2

Online Retailers
* CDW http://www.cdw.com
* Best Buy http://www.bestbuy.com

Closing Comment

Wi-Fi sits poised to be the next example of a classic technology. It has all the hallmarks: practical application, big time corporate backing, and on-going development. Concerns of connectivity and security notwithstanding, Wi-Fi might be fit for a (Speed) Queen.

Posted by saqlain231

It's true: using and hosting a Wi-Fi hotspot can threaten security

Posted by waqasahmad

Yes it is a great concern for WiFi.

Posted by waqqas1
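The article pasted in the first comment shows a POP3 login readable in a packet trace (its Figure 3). As an added example, not part of any post in this thread, the following audit script walks reassembled POP3 text sessions and reports which accounts authenticated with a cleartext USER/PASS exchange, so those passwords can be rotated and the clients moved to an encrypted connection. The record layout, function names and sample sessions are assumptions constructed for the illustration; the password itself is never stored, only its length.

```python
"""Audit reassembled POP3 sessions for logins sent without encryption."""
from dataclasses import dataclass
from typing import Optional

# Constructed sample data: (session id, server, direction, line).
# "C" = client to server, "S" = server to client. Hostnames use the
# reserved .example TLD; accounts and secrets are made up.
SAMPLE_RECORDS = [
    ("s1", "mail.example:110", "S", "+OK POP3 server ready"),
    ("s1", "mail.example:110", "C", "USER alice"),
    ("s1", "mail.example:110", "S", "+OK"),
    ("s1", "mail.example:110", "C", "PASS correct-horse"),
    ("s1", "mail.example:110", "S", "+OK maildrop locked and ready"),
    ("s2", "mail.example:110", "S", "+OK POP3 server ready"),
    ("s2", "mail.example:110", "C", "STLS"),
    ("s2", "mail.example:110", "S", "+OK Begin TLS negotiation"),
    ("s3", "pop.example:110", "C", "APOP bob 0123456789abcdef0123456789abcdef"),
    ("s3", "pop.example:110", "S", "+OK"),
    ("s4", "mail.example:110", "C", "user carol"),  # verbs are case-insensitive
    ("s4", "mail.example:110", "S", "+OK"),
    ("s4", "mail.example:110", "C", "pass x"),
    ("s4", "mail.example:110", "S", "-ERR invalid password"),
]


@dataclass
class Finding:
    session: str
    server: str
    kind: str                        # cleartext-password | apop-digest | tls-upgraded
    user: Optional[str] = None
    secret_len: int = 0              # length only; the secret is never kept
    accepted: Optional[bool] = None  # server's reply to the login, if seen


def audit(records):
    """Return one Finding per login or TLS upgrade seen in the records."""
    state = {}
    findings = []
    for sid, server, direction, line in records:
        st = state.setdefault(
            sid, {"user": None, "tls": False, "stls_sent": False, "pending": None}
        )
        if st["tls"]:
            continue  # after STLS the stream is TLS records, not POP3 text
        if direction == "S":
            ok = line.startswith("+OK")
            if st["stls_sent"]:
                st["stls_sent"] = False
                if ok:
                    st["tls"] = True
                    findings.append(Finding(sid, server, "tls-upgraded"))
            elif st["pending"] is not None:
                st["pending"].accepted = ok
                st["pending"] = None
            continue
        verb, _, arg = line.rstrip("\r\n").partition(" ")
        verb = verb.upper()
        if verb == "STLS":
            st["stls_sent"] = True
        elif verb == "USER":
            st["user"] = arg
        elif verb == "PASS":
            # The argument is the password in the clear; record its length only.
            f = Finding(sid, server, "cleartext-password", st["user"], len(arg))
            findings.append(f)
            st["pending"] = f
        elif verb == "APOP":
            # APOP sends a digest rather than the password; mail still flows in clear.
            name, _, _digest = arg.partition(" ")
            f = Finding(sid, server, "apop-digest", name)
            findings.append(f)
            st["pending"] = f
    return findings


def exposed_accounts(findings):
    """(server, user, accepted) for every login whose password crossed in clear."""
    return [
        (f.server, f.user, f.accepted)
        for f in findings
        if f.kind == "cleartext-password"
    ]


if __name__ == "__main__":
    for finding in audit(SAMPLE_RECORDS):
        print(finding)
```
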
Posted: 25-November-2008 12:43:42 PM By: waqqas1
Yes it is a great concern for WiFi.

Posted: 08-January-2009 12:25:41 PM By: waqasahmad
It's true: using and hosting a Wi-Fi hotspot can threaten security
Posted: 08-June-2009 12:17:52 PM By: saqlain231 Introduction Wi-Fi is perhaps the hottest and fastest growing service telecommunications technology . SpeedClean Inc, a chain of modern Laundromats based out of Des Moines, Iowa, and primarily distributed throughout Iowa, should look at the opportunity to install and utilize Wi-Fi in its stores. An environment that involves sitting and waiting is naturally conducive to this technology. This paper is designed to answer questions regarding the background of Wi-Fi technology, how it works, the problems involved with said technology, what economic and regulatory constraints might influence a decision to move forward, and how successful application might be. To understand how SpeedClean might fully utilize the Wi-Fi technology, it’s important to know the background and how the technology works. What is Wi-Fi and How Does it work? Wi-Fi, or wireless fidelity, uses an unregulated part of the electromagnetic spectrum to send very high-speed data signals over the Internet from a wireless source to a router which is wired and in fixed location. The standardized name for Wi-Fi, 802.11b, transmits these signals at approximately 11 Mbps (million bites per second), a distance of 150-300 feet . This speed is around 100 times faster than a dial-up modem and about 10 times faster than a cable modem2. A transceiver located inside a building then allows customers to link to the Internet wirelessly, creating a wireless local area network (WLAN). This location for wireless Internet using Wi-Fi is often dubbed a “hotspot” for connectivity. Cost of the service still ranges in price both from the standpoint of businesses wanting access and customers potentially wanting wireless access. Price is set depend on the speed of the access point, existing infrastructure— types of wiring— and the number of access points requested. With regards to a charge to the customer several schools of thought have formulated. 
Some businesses offer access without a charge and see it as a chance to lure customers who might not ordinary visit such as hotels and cafes. Some, like Starbucks, see it as a chance for customers to linger longer in the establishment. This will be later addressed in the brief. Costs for an individual wanting to use Wi-Fi are relatively low. The bulk of the cost will obviously be from the hardware end and from where they choose to access the Internet from. Options include laptops, the most popular, PDA’s, and the ever-evolving cell phone technologies. For a laptop, one needs a wireless communication card and a Wi-Fi router. The card communicates wirelessly with the router, which is plugged into or wired to the source. Sources most likely include cable or DSL modems, but can include T1 or E1, the European identification, lines. Prices for a wireless or communication card start at 49 dollars for low-end models. Wi-Fi routers also vary in price depending on models and brands. It should also be noted that prices for Wi-Fi hardware are falling steadily due to the number of players getting involved in the market and development of technologies in this area. This leads us to “the who” in the game of Wi-Fi. A Linksys Wireless Dual-Band Router (left) and Netgear Wireless Communication Card. Photos from CNET Networks copyright 2002-2003. Who’s Promoting Wi-Fi? Just about every single major player is dipping their hands into the Wi-Fi market. Major manufacturers IBM, Dell, Apple and Sony all see that the time is now for the market. Many manufacturers are including the communication cards in new laptop models, including those in the previous statement. The manufacturers are only the tip of the Wi-Fi iceberg. Computer industry stalwarts Intel, 3Com, Cisco—who recently purchased Linksys, a leader in the wireless networking industry— and Nortel all are planning to grow even more as the Wi-Fi is poised to explode over the next few months and years. 
More proof that Wi-Fi is the “it” commodity in IT is Verizon’s plan in New York City. Verzion is taking some 1000 phone booths it operates in the city and converting them to “hotspots” hubs3. Wi-Fi is being promoted by several major companies. “Cometa Networks, an ambitious venture backed IBM, Intel, and AT&T, has vowed to launch 20,000 hotspots across America by 2008.”3 On the international scene, Paris, France, and Adelaide, Australia, have pledged to provide numerous Wi-Fi access areas.5 Other non-tech businesses recognize how Wi-Fi will impact the future and have established “hotspots” in their stores. Noted for leading this surge is Starbucks Corporation based in Seattle, Washington. In 2001, Starbucks announced it would provide Wi-Fi access to its customers3. While Starbucks is a pioneer in the wide-spread offering of Wi-Fi access, director of Wi-Fi business and alliance, Lovina McMurchy, pricing for access is a “learning experience.” She also said it’s hard to tell how different pricing plans or free services will play out. “At this point, a lot of companies are still just ‘dabbling’ in Wi-Fi through pilot projects.”4 Other businesses who are promoting Wi-Fi access include Borders and Kinkos. McDonalds is beginning to delve into providing hotspots.6 They have ten locations in New York City and plan on introducing them in the San Francisco area. If response is favorable, McDonalds plans on expanding access to Chicago and bigger markets as well. Other business locations and organizations who now are implementing Wi-Fi on a larger scale include hotels, airports, university campuses, and train stations. Cafes, coffee shops and restaurants are catching on to Wi-Fi’s popularity and adding access points too. Proxim G Access Hub. Photo from CNET Networks copyright 2002-2003. What Problems is Wi-Fi Designed to Solve? With all of this activity in the Wi-Fi world what can be said about the problems it is designed to solve? 
The main application of Wi-Fi is the thought of being wireless and having connectivity virtually anywhere. Wi-Fi’s design is allowing consumers and businesses to access a network or the Internet from the home, the field or any place in between. Transmission and/or reception of data from outside of the office, warehouse or even eventually in the air opens many arenas and solves headaches. For example, if one has a report to file and it needs have it done before leaving for the airport, one with Wi-Fi technology at a hotel with a hotspot simply connects wirelessly, and sends the report. The report is transmitted/received, deadline met, and problem solved. Some possible issues this might resolve include lowering overhead for companies with large offices and allowing work to be done from the home or on the road. This is evident in the increasing number of truck drivers who carry laptops to check in with headquarters and for personnel use. The drivers are attracted to truck stops that have Wi-Fi hotspots. Interconnectivity Wi-Fi’s flexibility and mobility make up backbone that allows users to take advantage of how it interconnects with other media. The portability of the devices utilizing Wi-Fi is the key. One can take his or her laptop increasingly anywhere and be connected. Being connected allows individuals to connect to the Internet to get news from numerous sources, watch movies or television, download media, optically link to printers and communicate with other Wi-Fi equipped media. The idea of interconnecting with various types of media from various locations is principle in the development and marketing of Wi-Fi. It also does this without the “mess” of wires. Something that might frustrate the average user with developing technologies is the fact that it has to be hooked up or wired. 
With Wi-Fi, there are no wires; it’s simply a matter of locating an access point, getting a signal with appropriate strength and connecting to the area network then your media preference. The advancement and the emergence of Personal Digital Assistants or PDAs will only perpetuate Wi-Fi popularity and demand. Wi-Fi and its constraints All of these benefits surely don’t come without a price. A closer look at the constraints which Wi-Fi must address follows. These include its use of unregulated portion of the electromagnetic spectrum, and security of Wi-Fi. First, as mentioned earlier in the brief, Wi-Fi uses an unregulated portion of the electromagnetic spectrum. The spectrum is already very crowded with traditional occupants, i.e. broadcast television, radio, and cell phones, but also includes microwaves, cordless telephones and Wi-Fi. The electromagnetic spectrum also includes gamma and x-rays. Wi-Fi’s frequency can be found at 2.4 GHz. With increasing demand spectrum space is becoming increasingly scarce. Wi-Fi avoids some of these problems because it occupies an unregulated portion, thus unlicensed. “Unlicensed spectrum is managed like a public highway: subject to certain rules of the road, access is open and free, and shared.”1 The issue of obtaining licenses for this unregulated portion of the spectrum will likely go unresolved for the near future. Another large issue with Wi-Fi is the matter of shared capability and concerns of its security. Addressing security on the Internet has always been a central concern. Gradually, users are learning to trust the security software available as it becomes more prevalent, reliable and as users have become more familiar with its applications. Although Wi-Fi is growing in popularity and familiarity, the vast majority of consumers seem uncertain if it provides adequate security, mainly because of the shared nature of the wireless data transmission. 
Over the last couple of years and certainly within the last few months, Wi-Fi security specifications have undergone substantial change. Before looking into the updated security specifications, a brief view of the preceding ones is in order. Wired Equivalent Privacy or WEP was the existing security protection device used in Wi-Fi. Wired Equivalent Privacy provided a fairly simple 128-bit key encryption and authentication format.7 This form of key encryption was shared by everyone accessing that particular area network and can basically be hacked into by using software available in stores, pre-existing software and applications on the Internet. As one can infer, this was a monstrous concern for those with large networks due to the fact they were sharing an enormous amount of information on a shared network and considering each machine needed a manual encryption under the WEP format.7 The sole constraint has been the single source of wariness and hesitation to become possible Wi-Fi users. One might also infer the fact that a single constraint was not about to stand in the way of the huge potential Wi-Fi market and those who stood to economically benefit the most from it, the manufacturers of Wi-Fi equipment and software.

To combat the weaknesses of WEP, a new authenticity key was developed. The Institute of Electrical and Electronics Engineers (IEEE), in conjunction with the Wi-Fi Alliance, developed Wi-Fi Protected Access or WPA. Wi-Fi Protected Access is eradicating the now discredited WEP encryption. Wi-Fi Protected Access employs a variety of methods to achieve encryption. A Temporal Key Integrity Protocol, or TKIP, and a Message Integrity Checker, or MIC, measure and ensure security on and to an access point.7 Wi-Fi Protected Access attempts to connect at the access point but will not grant full accessibility to the network until it establishes who the user is and then will authenticate said user on a server.
The server will then authenticate the user with a 128-bit master session key.7 The TKIP will then distribute access, at the access point, to the user once acceptance has been granted. Once a user is on the network, TKIP keys each packet of information automatically and individually upon transmission of the said data. During a session, the Message Integrity Checker continuously searches for and alerts the user once any tampering has occurred. Cisco Systems, Intel and Symbol Technologies have WPA technology in place as do other popular hardware providers such as D-link, 3Com, Linksys and Netgear.7 Those implementing WEP might be able to upgrade to WPA strength security through manufacturers’ websites for a relatively low fee or in some cases at no additional charge. As of September 2003, new Wi-Fi products which are certified will incorporate WPA security technology.8

The future of Wi-Fi security bolsters itself on the notion that IEEE is already in development of new versions of the security applications. An 802.11i, or WPA2, could be in working order to establish even new measures of security for Wi-Fi.7 An Advanced Encryption Standard, or AES, is already in use by governmental agencies with the real possibility of becoming the standard in Wi-Fi encryption security in the future.7 Evidence of federal government use should provide a strong indicator to businesses, those who are hesitant and possess lingering doubts of the serious nature and potential impact of the Wi-Fi market both in the short and long-term.

Successful, Unsuccessful and the Future of Wi-Fi

Successful and unsuccessful applications of Wi-Fi in the future also warrant a closer view. The pros and cons carry similar weight at this moment in Wi-Fi Technology. Primarily, the issue of connectivity arises. As the Wi-Fi attempts to further its own definition and to find its place in the Broadband-Digital Age, the ease of access is front and center.
With Verizon and many others converting and installing “hotspots” domestically and internationally, it certainly looks as if Wi-Fi might find legs to stand on. While it might seem like this is a great distance—global coverage—the distance one can deviate from an access point drastically hinders its capabilities. Antennas, like the Hawking model pictured, are assisting with the connectivity and strength of signal.

Hawking Wireless Antenna. Photo from CNET Networks copyright 2002-2003.

Perhaps an application looming larger still is the one regarding security. As in most cases, the best way to learn something is to get burned by it. Surely that has happened to many, otherwise the serious effort to increase security technologies and protocols would not be made at the rate which programmers are currently working. It is also worth mentioning again that as of September 2003, the WPA Encryption technology takes a step closer to becoming a standard of now.

In terms of economic factors, many of the companies mentioned earlier in the brief and several more have invested considerable resources into the Wi-Fi market. They would not do so without seeing its potential. A Wi-Fi market also gaining a considerable amount of steam is PDAs. Palm Solution’s new Tungsten C retails for around $499 dollars and has Wi-Fi technology and cellular technology built in, perhaps giving one the best of both worlds.9 This price is lower than the cost of a laptop but nearly double the price of the high-end cellular phones currently on the market. If one’s laptop were not equipped with Wi-Fi technology, then applications and benefits of the PDA have to be weighed.

When will the trade-off begin? The 802.11g format which increases transfer rates up to 54 Mbps and Stanford University developed AGN 100 Wi-Fi chipset could increase speeds up to 108 Mbps.10 The 802.11g format is nearly five times the speed of the commonly used rate discussed in the brief, 802.11b.
If the AGN 100 Wi-Fi chipset becomes viable and enters the market, it doubles the speed of 802.11g, and is about ten times faster than 802.11b.

A wireless application competing with and in some cases attempting to coexist with Wi-Fi is Bluetooth. This technology shares the same unregulated 2.4 GHz frequency band.11 Bluetooth gives one a very good signal inside of 30 feet. Bluetooth cell phones, cameras and printers are on the market currently. The drawbacks of Bluetooth are that it is struggling to coexist with Wi-Fi, and consumer awareness of the product.

Additional sources for palatable information on Wi-Fi on the web include the following list:

General Wi-Fi News
* Wi-Fi Networking News http://www.wifinetnews.com
* CNet Internet Services http://www.cnet.com
* Wi-Fi Planet http://www.wi-fiplanet.com
* Wired Online http://www.wired.com

Hotspot Location Sites
* 802.11 Hot Spots http://www.802.11hotspots.com
* Wireless Node Database http://www.nodedb.com2

Online Retailers
* CDW http://www.cdw.com
* Best Buy http://www.bestbuy.com

Closing Comment

Wi-Fi sits poised to be the next example of a classic technology. It has all the hallmarks: practical application, big time corporate backing, and on-going development. Concerns of connectivity and security notwithstanding, Wi-Fi might be fit for a (Speed) Queen.
Posted: 08-June-2009 12:18:33 PM By: saqlain231

http://www.wi-fiplanet.com/tutorials/article.php/3605601

You can read and read about Wi-Fi security, but nothing will get the point across as efficiently as actually seeing what eavesdroppers can see on an “unsecured wireless network.”

You may think your network is secured after just changing the default SSID or disabling SSID broadcasting, especially after reading New York’s Westchester County's recent press release discussing a new Wi-Fi law for the city of White Plains. As mentioned in the press release, these two actions do take little effort, but by no means does this adequately secure your wireless network.

Understanding the importance of securing a wireless network requires you to be aware of the issues resulting from not securing your network:

Real-time Traffic is Compromised
* People can see what Web sites you’re visiting.
* Login information to unsecured sites (non-SSL) is compromised, along with the content.
* Login information and content from services such as POP3 e-mail accounts and FTP connections is compromised.

Network is Open for Others to Connect
* Your internet connection may be used for sending and/or receiving illegal information, such as spam, music files or even child porn.
* Others can access any shared files on PCs or servers connected to the network.

A Wi-Fi Eavesdropper’s Look

First, let’s take a look at what a Wi-Fi eavesdropper can see when you send an e-mail over a wireless network without encryption. To do this, I sent an e-mail (shown in Figure 1) from a computer on a wireless network with Microsoft Outlook using a POP3 account.

FIGURE 1: Security Email

At the same time, I captured packets from the network on my laptop using a free tool called Ethereal. As shown in Figure 2, you’re able to see exactly what was in the e-mail. Just imagine if this was an e-mail containing real sensitive information, and someone passing by in their car captured the wireless packets.
FIGURE 2: Ethereal

If that isn’t bad enough, see what I captured in the packet trace shown in Figure 3 when I synchronized my e-mail. This sensitive information includes the login information for the POP3 account! It clearly shows the main server, user name and password for the account.

FIGURE 3: Ethereal shows POP3 info

To clarify, the administrator of this wireless network could have changed the default SSID, disabled SSID broadcasting, enabled MAC address filtering, and many other things; however, we would still see the same information in Figures 2 and 3.

You should also note that I did capture these packets in Ethereal via an Ethernet connection to the test network. It is possible, though, to use Ethereal to capture packets using a wireless adapter. This brings up another issue: make sure the wired connections to your network are secure, because interlopers can capture any of the Ethernet traffic.

Securing your Private Wireless Network

Now that you understand the importance of Wi-Fi security, you should implement methods like those discussed below to ensure your sensitive information is secure.

To Secure Real-time Traffic
* Use WEP encryption at the minimum; ideally, go with WPA encryption.

To Prevent Others from Connecting
* Try to keep wireless coverage within a controlled area.
* Use MAC address filtering.
* Limit DHCP addresses, or assign static addresses.
* Disable SSID Broadcast.

Keep in mind that the use of encryption is the only method that adequately secures the real-time traffic, such as e-mails and Web browsing, on your wireless network. Most other security methods, such as MAC address filtering and disabling SSID broadcast, are intended to help prevent others from successfully connecting to the wireless network.

You can never be sure that your wireless network is completely secure.
However, implementing multiple security methods means it will be much more difficult for Wi-Fi eavesdroppers to capture readable real-time data.

Protecting Yourself on Public Hotspots

When you’re using an unsecured wireless network, such as a hotspot in a hotel, cafe, airport or any other public location, you should take steps to make sure your sensitive information isn’t exposed:

Secure Your Real-time Traffic
* Use a VPN connection.
* Make sure any services you use, such as POP3 and FTP, are secured if you are not using a VPN.
* Don’t visit any private or sensitive Web site unless it’s secured (for example, implementing SSL) if you are not using a VPN.

Prevent Others from Connecting to Your Laptop
* Disable any sharing of files, folders and services.
* Use personal firewall software.
* Make sure your operating system is kept up to date.

A VPN connection encrypts any data sent from your wireless adapter all the way to the VPN server and vice versa, therefore providing end-to-end encryption. Along with providing a great way to secure the data, this also enables access to the remote network hosting via VPN server, which is often used in businesses. If you aren’t provided with a VPN connection by your employer, you can either set up your own server, for example using Windows XP, or use a subscription-based, hosted service such as JiWire’s SpotLock.
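The advice above to make sure POP3 and FTP are secured can be checked against your own captures: the sketch below flags logins that crossed the network before (or without) a TLS upgrade, including the case where the server refuses the upgrade and the client logs in anyway. It is an added example, not part of the posted article; the session format, the function name and the sample sessions are assumptions constructed here.

```python
# Added example: audit a captured POP3 or FTP control session for logins
# that crossed the network unencrypted. All sample sessions are constructed.

UPGRADE_CMD = {"pop3": "STLS", "ftp": "AUTH TLS"}   # client asks for TLS
UPGRADE_OK = {"pop3": "+OK", "ftp": "234"}          # server agrees


def audit_session(protocol, lines):
    """Return [(line_no, verb, detail)] for credentials sent in cleartext.

    lines is a list of (sender, text) in capture order, sender "C" or "S".
    The password itself is never copied into a finding.
    """
    pending = False  # True between the client's TLS request and the reply
    findings = []
    for number, (sender, text) in enumerate(lines, start=1):
        text = text.strip()
        upper = text.upper()
        verb = upper.split(" ")[0]
        if sender == "C" and upper.startswith(UPGRADE_CMD[protocol]):
            pending = True
        elif sender == "S" and pending:
            if upper.startswith(UPGRADE_OK[protocol]):
                return findings  # TLS from here on: a sniffer sees ciphertext
            pending = False      # upgrade refused, session stays cleartext
        elif sender == "C" and verb == "USER":
            findings.append((number, "USER", text[5:].strip()))
        elif sender == "C" and verb == "PASS":
            findings.append((number, "PASS", "<redacted>"))
    return findings


# Constructed sessions (not taken from the article's figures).
POP3_CLEAR = [("S", "+OK POP3 server ready"), ("C", "USER alice"),
              ("S", "+OK"), ("C", "PASS example-password"), ("S", "+OK")]
POP3_REFUSED = [("S", "+OK ready"), ("C", "STLS"),
                ("S", "-ERR command not supported"), ("C", "USER alice"),
                ("S", "+OK"), ("C", "PASS example-password")]
POP3_TLS = [("S", "+OK ready"), ("C", "STLS"), ("S", "+OK begin TLS")]
FTP_CLEAR = [("S", "220 FTP ready"), ("C", "USER bob"),
             ("S", "331 Password required"), ("C", "PASS example-password")]

if __name__ == "__main__":
    for name, proto, session in [("pop3 clear", "pop3", POP3_CLEAR),
                                 ("pop3 refused", "pop3", POP3_REFUSED),
                                 ("pop3 tls", "pop3", POP3_TLS),
                                 ("ftp clear", "ftp", FTP_CLEAR)]:
        print(name, audit_session(proto, session))
```

An empty result means the login was not visible in the capture; any finding means the account name and password were readable to whoever could see the traffic, whatever SSID or MAC filtering settings were in place.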