Rogue Access Point Network Security - Term Paper Example

Rogue Access Point Network Security Introduction In the daily operations of organizations, firms are exposed to various vulnerabilities, particularly as a result of the engagement of activities through a network. In most occasions, firms have been known to use wide area and local area networks for communication purposes between it and the numerous mail and web servers that it interacts with. As such, it is essential to note that a control system’s security analysis requires the sealing of all possible means by which vulnerable activities of hackers and hacking may be expounded (Chen, Ji & Zhang, 2013). This implies that it is essential to determine the vulnerabilities that are associated with an organization’s control system networks through the seeking of understanding into operations and communication types that could be concomitant to the system. In this study, the main concern was the understanding of ways by which organizations network securities can be exposed to any form of network dangers, and the assessment of the security requirements and approach needed to fully comprehend and address the weaknesses of the network system’s access points. Consequently, the completion of this project is aimed at enabling the student to gain relevant practical knowledge on the aspects of network security requirements of an organization that are needed to harden the access points and prevent known network vulnerabilities. This shall be done with the core point of reference being the rogue access points (APs). Security Analysis and Implications of Rogue Access Points (APs) A rogue access point refers to a wireless access point mounted on a safe network without explicitly receiving authorization form the administrator of the local network. In another sense, the rogue access points may be created by hackers in the process of trying to gain access to the system’s components through the conduct of man-in-the-middle attacks. Rogue access points, whether wireless or otherwise have often posed great security threats to an organization. Considering that if the rogue access points are of the first kind, then the organization will be deemed to lose in the sense that due to its large employee capacity, anyone with a right of entry to the premises would have the capacity to maliciously or non-maliciously install inexpensive wireless routers that could be used to potentially allow for the access of secure networks of the organization to unauthorized locations/parties. If the rogue access point is of a second kind, then the target would be the organization’s network that don’t engage the client-server and server-client relationship (mutual authentication) that is required to safeguard the organization’s network systems. In this sense, this kind of rogue access point may be used in concurrence with the rogue RADIUS servers to target the organization’s servers, but based on the security configuration used by the firm. In this regard, the emphasis for this report is on the elaboration of the fact that rogue access points can be used to disrupt the operations of an organization’s wireless LAN if the authentic network clients are hijacked through the use of plain text, man-in-the-middle or denial-of-service attacks. The real threat for the organization is in the capturing of the sensitive information and data such as passwords and access codes to secure places within the organization by the hacker. The nature of the threat may be advanced supposing that the hackers chooses to transmit these codes through a series of clear-to-send (CTS) frames; hence, simulating the access points to inform a third party unauthorized wireless LAN client adapter to transmit the information, while commanding the other clients/servers to wait. To this extent, I would like to note that the notifiable rogue access points for this organization that should be brought to the attention of the senior management are in relation to the first and second kinds rogue access points. Particularly, the main access point may be on the free and easy access and pass given to employees to the server rooms. This can act as a serious point for advancing rogue activities in the organization given that no password of key codes are required of the employees in order to access the server rooms. Second, this report recognizes that the sharing of computers in the organization by the staff without segregation of the access paths and points may be a security threat point given that all the data is often transmitted via a single line of communication. This appears dangerous in that it can be easy for third parties with unauthorized access to such information to eavesdrop on the system’s transmission of information and use the same to their advantage, due to the reliance on one network channel (Chaouchi & Laurent-Maknavicius, 2013). In another context, it may be possible for an organization to lose information through the rogue access points to hackers by the use of inappropriate or weak firewall for their network. Or it could be that the firewalls that are in use are not properly configured or are out of date. With this, the security threat to the organization may be of the form that it is even possible for virus attacks to be enhanced into the system in a manner that would corrupt the system and hinder constructive application of the information contained therein. Identifiable Network Security Omissions Having noted that the rogue access points are unsecured gateways by which an organization’s data can be accessed, it is imperative to acknowledge the following network omissions that are likely to be encountered; hence, the formulation of the best mechanisms by which to cope up with the rogue access security threats. In the first instance, a network may be attacked based on the lack of network patches. A hacker or a rogue insider would only require to identify a missing patch in the network server that can permit it an unauthenticated command prompt into the web environs. The success in attaining this will be sufficient for exposing the network system to vulnerabilities. Therefore, as the management to the organization, it is essential that proper enforcements are ascertained during the network installation stages so as to ensure that all the patches are applied to the network and in the correct format (Shetty, Song & Ma, 2007). Subsequently, this error can be avoided by the network team and system administrators ensuring that they adopt good practices of updating the operating system and other software run by the network with their latest versions of security patches. Second, the use of weak or default passwords in the organization aid in fronting the rogue activities given that all employees in the organization are informed of these codes; thus, are able to misuse them granted opportunities (Beyah, Kangude, Yu, Strickland & Copeland, 2004). The observance of good network security practices requires that passwords be not used as part of the network security means as they even enhance the vulnerabilities of the network. Therefore, the management should ensure that reliance on passwords as forms of maintaining network security are avoided or if used, then minimal reliance put on such and appropriate security tests done on the weak passwords. Additionally, the organization should consider the use of password management tools as an implement to lock out network intruders by setting maximum number of login trials accepted in the system. Third, the organization is exposed to rogue access point vulnerabilities due to its usage of firewalls that are misconfigured. If the hacker is able to dig into a firewall rule base and find that it has never been analyzed, it would be catastrophic for the organization’s network given that weakness in the configurations will easily grant the rogue agent access into the system. To avoid this, the organization should review the security policy and implement strong firewall configurations. Fourth, the threat to the organization’s network can be boosted by the usage of mobile devices such as unencrypted laptops, phones and tablets that are always used in accessing web environment while within the organization’s premises. These gadgets are security threats in the sense that at times an employee may store cached passwords, VPN connections and email having sensitive organizational data, and when accessed from unsecured (rogue) Wi-Fi, chances of them being attacked and hacked are high. As a solution to this omission, the management should ensure that it acquires and implements a strict data management policy to be adhered to by all employees. Data encryption should also be made mandatory as part of the security policy so that personal gadgets are not allowed access to the main network client servers of the organizations or any unwarranted path (Shetty, Song & Ma, 2007). Finally, rogue access points to an organization’s network security system may be made vulnerable or enhanced into vulnerability through the use of USB flash drives. These gadgets, although liked by almost all employees and the management together, are dangerous as they can be easily used to infect a network from inside its firewall. To this regard, the management should set clear security policies that would define the usage of personal storage devices without having to use them to compromise the security situation of the organization’s network and control systems. Therefore, the safest way for the company to avoid network attacks and vulnerabilities, it would be essential that these security vulnerabilities are not overlooked. Instead, the management should ensure that it regularly oversees the performance of an in-depth scan of the network system so as to ensure that all things that relate to its web environment are adequately reviewed before being granted access. The network reality is that even in the case of wireless access points, it is key that precaution is taken regardless of the encryption being used since the wireless protocols are commonly known to contain network vulnerabilities. In remedying this situation, an organization should invest in ensuring that its WPA2 Enterprise only utilizes the recommended RADIUS and along with an access point that can perform authentication and enforce security measures (Chen, Ji & Zhang, 2013). References Beyah, R., Kangude, S., Yu, G., Strickland, B., & Copeland, J. (2004, December). Rogue access point detection using temporal traffic characteristics. In Global Telecommunications Conference, 2004. GLOBECOM04. IEEE (Vol. 4, pp. 2271-2275). IEEE. Chaouchi, H., & Laurent-Maknavicius, M. (2013). Wireless and Mobile Networks Security. New York, NY: John Wiley & Sons. Chen, L., Ji, J., & Zhang, Z. (2013). Wireless Network Security: Theories and Applications. Berlin, Heidelberg: Imprint: Springer. Shetty, S., Song, M., & Ma, L. (2007, October). Rogue access point detection by analyzing network traffic characteristics. In Military Communications Conference, 2007. MILCOM 2007. IEEE (pp. 1-7). IEEE. Read More