A wireless communication system through which workstations and computers exchange data with each other is called a wireless network. In this network, radio waves are used as the transmission medium. A wireless network gives users the freedom to move from one place to another with mobiles, laptops etc. without loss of network connectivity and without any need for wires. Wireless networks can be used in many areas such as universities, hospitals, banks, shops, organizations, airports and coffee shops, so the need arises to protect the wireless network from unauthorized access. Various security protocols have been defined, such as WEP, the 802.1x standard, WPA and WPA2. Since transmission in a wireless network is through the air, attackers get an opportunity to intercept the information. Therefore, it is important to know the various security protocols that can be used to protect a wireless network. In this paper, we examine the concept of wireless security and the various wireless security protocols and tools that are used to protect a wireless network.
A network that uses radio waves to connect devices like smart phones and laptops to the internet or to a business network and other applications is called a wireless network. Wi-Fi hotspots can be provided anywhere: at hotels, homes, cafés, airport lounges and other public places. Wireless networks are beneficial because the complicated and costly process of introducing cables into the building is avoided and the network resources can be accessed from any location within the coverage area of the wireless network. Wireless networks provide freedom of movement, and the applications can be extended to different parts of the city nearby. Since wireless networks reduce wiring costs, they are less costly than wired networks. Wireless networks also provide robust security protections.
Wireless Security Protocols
Prevention of any unauthorized damage or access to the wireless network's resources is called wireless security. In order to protect the wireless network, various wireless security protocols have been developed. In addition to providing protection from unauthorized access to the network, wireless security protocols also encrypt private data when it is sent over the airwaves. A wireless network is subject to various threats and vulnerabilities, and wireless security protocols help protect the network against such security issues. The most common types of wireless security protocols supported by security routers are as follows:
WEP Encryption: Wired Equivalent Privacy (WEP) was the first security solution for wireless networks, and it used a pre-shared key to connect to the wireless network. In this encryption method, both the wireless station and the router must be configured with the same WEP key. This method is generally not recommended, as the password can be cracked easily with easily available software tools and a laptop. WEP has many security flaws: it can be broken easily and it is difficult to configure.
802.1x EAP: A wireless client is authenticated to the network by using the layer 2 protocol called Extensible Authentication Protocol (EAP). In this protocol, the authentication information (like a digital certificate or username and password) is encapsulated, and the RADIUS protocol defines how the information can move in the network by packetizing the EAP information.
WPA (Wi-Fi Protected Access): This security method was designed as a temporary security method that could provide the use of 802.1x and certain enhancements to the WEP method until the 802.11i standard was available. In this solution, a pre-shared key is used to authenticate the user, and the same key is configured on the access points and the client. An authentication server is not necessarily needed in this protocol, as it is in the 802.1x standard. The authentication encryption key is periodically changed by WPA-Personal, which is called rekeying. WPA is recommended for small networks, as wireless data can be encrypted and authenticated.
WPA2: WPA2 is the IEEE 802.11i implementation. Instead of the weak RC4 cipher used by WEP and WPA, this security method uses a much more secure cipher standard, AES (Advanced Encryption Standard), with the CCMP algorithm. The AES encryption method along with the CBC-MAC algorithm provides both stronger confidentiality and stronger integrity of the message than the WPA and WEP security methods. When the wireless network is using WPA2 security methods, the Zone Alarm restricts access to the wireless network.
Network Security and Management tools
Wi-Fi networks are subject to various vulnerabilities; there are various tools and techniques that can be used for penetration testing and for protecting the wireless network against threats. Some of the network security tools are:
Stumblers and Sniffers: Kismet: This is an open source Wi-Fi packet sniffer and stumbler tool that can show the access point details and the SSID of a hidden network. It can run on Linux, Windows, and Mac OS X. Raw wireless packets can also be captured by this tool and later analyzed in the Wireshark tool.
Wi-Fi Analyzer: Access points can be found from Android-based tablets or smart phones with the help of a free Android application called Wi-Fi Analyzer. The analyzer can also show a graph of the signals with usage rating, history and channel.
Aircrack: Aircrack is the tool that can be used for WPA and 802.11 WEP cracking. It gathers enough encrypted packets and then uses the best cracking algorithms known to recover wireless keys. It can also be downloaded as Live CD and VMware image.
NetStumbler: Open wireless access points can be found with the help of the best-known Windows-based tool, called NetStumbler. It is an active sniffer and uses an active approach to find Wi-Fi access points, as compared to passive sniffers like Kismet or KisMAC.
inSSIDer: It is an Android, Windows and OS X based scanner for wireless networks. All the limitations of NetStumbler, like not working on Windows Vista and 64-bit Windows, are overcome by this tool. With this tool, logs can be saved with GPS records, signal strength can be tracked over time, and open wireless access points can be found easily.
Methods of Implementing Firewalls and IDS Systems
An intrusion detection system (IDS) is used in computer security for monitoring network and computer activities and analyzing these events for signs of intrusion into the system. An IDS is a passive-monitoring system, since it only warns of suspicious activity and does not prevent it. Network-based and host-based intrusion detection systems are the two types of IDS. An N-IDS detector passively analyzes all outgoing and incoming traffic through the network and generates an alarm when a packet is found to be dangerous. An H-IDS detector is installed on the local host, analyzes the traffic to that host and identifies any intrusion attempts. The IDS can be placed at three possible positions:
Downstream: The IDS system is placed before the firewall in this position, and it can detect the intrusions from outside, but the attacks on the internal network are not detected.
Upstream: The IDS system is placed beyond the firewall and detects the attacks coming from outside in this position, but a large number of alerts may not be detected by the firewall.
Before the DMZ: In this position, the intrusions are not filtered by the firewall and are detected by the IDS, but the internal network is prone to intrusions.
Implementation of IDS: First of all, antivirus internet security software with a built-in IDS is installed on the central server, which gives updates to all the client computers connected to the network. Secondly, the intrusion detection system SNORT is installed as an alert node in the different zones of the network to check all intrusion attempts. If the intrusion attempts have already been blocked by the firewall, SNORT does nothing and an intrusion attempt is logged into the log file. Thus, this facility provides intrusion detection in all the zones of the network and on all connected computers. The figure below shows how nodes are installed in the network:
Figure 1 Positioning of nodes
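The per-zone SNORT logging described above lends itself to a short triage script. The following is an added example, not code from the original paper or from the Snort project; it assumes alerts written in Snort's "fast" one-line alert format, and the zone names, subnets and log lines are constructed for illustration.

```python
# Added example: summarise Snort "fast" alert lines per destination zone.
# Zone names, subnets and every alert line below are constructed sample data.
import ipaddress
import re
from collections import Counter, defaultdict

ZONES = {  # hypothetical zone layout, one SNORT alert node per zone
    "dmz": ipaddress.ip_network("192.168.10.0/24"),
    "wlan": ipaddress.ip_network("192.168.20.0/24"),
    "internal": ipaddress.ip_network("10.0.0.0/8"),
}

# [**] [gid:sid:rev] message [**] [Classification: ..] [Priority: n] {PROTO} src -> dst
ALERT_RE = re.compile(
    r"\[\*\*\]\s+\[\d+:\d+:\d+\]\s+.*?\s+\[\*\*\]"
    r".*?\[Priority:\s*(?P<prio>\d+)\]\s+\{\w+\}\s+"
    r"(?P<src>[\d.]+)(?::\d+)?\s+->\s+(?P<dst>[\d.]+)"
)

def zone_of(ip: str) -> str:
    """Map an IPv4 address to its zone; anything unmatched is 'external'."""
    addr = ipaddress.ip_address(ip)
    return next((name for name, net in ZONES.items() if addr in net), "external")

def summarise(lines):
    """Per destination zone: alert counts by priority (1 = highest) and sources."""
    report = defaultdict(lambda: {"by_priority": Counter(), "sources": set()})
    skipped = 0
    for line in lines:
        m = ALERT_RE.search(line)
        if not m:
            skipped += 1  # count malformed lines instead of silently losing them
            continue
        entry = report[zone_of(m["dst"])]
        entry["by_priority"][int(m["prio"])] += 1
        entry["sources"].add(m["src"])
    return dict(report), skipped

SAMPLE_LOG = [  # constructed alert lines
    "03/14-10:15:02.123456  [**] [1:1000001:1] Sample rule: SSH login burst [**] [Classification: Attempted Administrator Privilege Gain] [Priority: 1] {TCP} 203.0.113.7:51515 -> 192.168.10.5:22",
    "03/14-10:16:40.000321  [**] [1:1000002:1] Sample rule: ICMP sweep [**] [Priority: 2] {ICMP} 203.0.113.9 -> 192.168.20.14",
    "03/14-10:17:11.500000  [**] [1:1000003:2] Sample rule: SMB from WLAN [**] [Classification: Potentially Bad Traffic] [Priority: 1] {TCP} 192.168.20.31:40000 -> 10.0.0.8:445",
    "03/14-10:18:05.250000  [**] [1:1000001:1] Sample rule: SSH login burst [**] [Classification: Attempted Administrator Privilege Gain] [Priority: 1] {TCP} 203.0.113.7:51600 -> 192.168.10.5:22",
    "03/14-10:19:00.000000  [**] truncated entry",
]

if __name__ == "__main__":
    zones, skipped = summarise(SAMPLE_LOG)
    for zone, data in sorted(zones.items()):
        print(zone, dict(data["by_priority"]), sorted(data["sources"]))
    print("unparsed lines:", skipped)
```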
Network Security Design for a Small Company
The WLAN can be protected from internet threats through a DMZ. Wireless access points are less trusted entities and should be placed within a DMZ or outside the firewall, but not inside the firewall. The list of MAC addresses to be allowed or blocked should be configured on the access points. IEEE 802.11 can apply the EAP protocol to the LAN to prevent any unauthorized access to the network. An example of a network security topology that can be designed for a company is displayed in Figure 2 below. In it, three topologies are indicated: i) When smart access points with integrated VPN functionality are used, data is tunneled over the air link only, from the station to the AP. ii) When the APs do not serve as a VPN gateway, data is sent from the stations to the VPN gateway at the edge of the wired network, which can be either a traditional VPN firewall or a VPN-enabled wireless gateway.
Figure 2 Network Security Design
Network Administration tools
Various Network Administration tools that are used are as follows:
Microsoft Network Monitor: It is a packet analyzer tool that is used for viewing, capturing and analyzing the traffic flow from the network. The tool is very useful for troubleshooting of various network problems and applications in the network.
Nagios: Nagios is a very powerful monitoring tool for ensuring that critical services, applications, and systems are always working in the network. It consists of a basic web GUI and a core monitoring engine that allows monitoring of metrics, services, and applications. The tool also has add-ons for graphs, data visualization, and load distribution.
Advanced IP Scanner: This scanner can detect any network device like the router, printer, computer, laptop or mobile on the network. It is very easy to use and faster than other scanners. It can be connected to the remote machine through FTP, HTTP and shared folders.
Fiddler: Fiddler is an important debugging tool for HTTP traffic which gives important information for HTTP traffic. The HTTP traffic between the internet and the personal computer can be captured easily by this tool. It also analyzes the outgoing and incoming data to modify responses and requests. On launching this tool, the HTTP traffic is captured automatically.
The Dude: It is a network monitoring tool that can scan all the devices on a given network, monitor the devices and raise an alarm when there is a problem in the network. This tool can also draw and lay out a full plan of the network.
Xirrus Wi-Fi Inspector: Searching for Wi-Fi networks, locating Wi-Fi devices, verifying coverage of Wi-Fi devices, detecting rogue access points, and troubleshooting and managing connections can all be done with the network monitoring tool called Xirrus Wi-Fi Inspector. It is available with built-in connection and speed tests.
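The protocol guidance in the Wireless Security Protocols section and the rogue access point detection mentioned for Xirrus Wi-Fi Inspector can be combined into one survey check. The following is an added example, not code from the original paper or from any of the tools listed; the SSID, BSSIDs, field names and scan rows are hypothetical and constructed for illustration.

```python
# Added example: audit a wireless survey against the protocol guidance above.
# The SSID, BSSIDs and every scan row below are constructed sample data.
from dataclasses import dataclass

# Weakest to strongest; unknown labels rank as weakest so they get reviewed.
STRENGTH = {"OPEN": 0, "WEP": 1, "WPA": 2, "WPA2": 3}

@dataclass(frozen=True)
class AccessPoint:
    ssid: str
    bssid: str      # MAC address of the AP radio
    security: str   # OPEN, WEP, WPA or WPA2
    cipher: str     # NONE, RC4, TKIP or CCMP

def normalize_mac(mac: str) -> str:
    """Canonical lower-case colon form, so allow-list comparison is exact."""
    digits = "".join(c for c in mac.lower() if c in "0123456789abcdef")
    if len(digits) != 12:
        raise ValueError(f"not a MAC address: {mac!r}")
    return ":".join(digits[i:i + 2] for i in range(0, 12, 2))

def audit(scan, corporate_ssid, authorized_bssids, minimum="WPA2"):
    """Return (bssid, finding) pairs for corporate-SSID APs needing attention."""
    allowed = {normalize_mac(m) for m in authorized_bssids}
    findings = []
    for ap in scan:
        if ap.ssid != corporate_ssid:
            continue  # neighbouring network, out of scope
        bssid = normalize_mac(ap.bssid)
        if bssid not in allowed:
            findings.append((bssid, "unauthorized AP advertising corporate SSID"))
        elif STRENGTH.get(ap.security.upper(), 0) < STRENGTH[minimum]:
            findings.append((bssid, f"{ap.security} is below required {minimum}"))
        elif ap.security.upper() == "WPA2" and ap.cipher.upper() != "CCMP":
            findings.append((bssid, f"WPA2 with {ap.cipher}, expected AES-CCMP"))
    return findings

SAMPLE_SCAN = [  # constructed survey rows
    AccessPoint("CorpNet", "00-11-22-33-44-01", "WPA2", "CCMP"),
    AccessPoint("CorpNet", "00:11:22:33:44:02", "WEP", "RC4"),
    AccessPoint("CorpNet", "00:11:22:33:44:03", "WPA2", "TKIP"),
    AccessPoint("CorpNet", "DE:AD:BE:EF:00:01", "WPA2", "CCMP"),
    AccessPoint("CoffeeShop", "AA:BB:CC:00:00:01", "OPEN", "NONE"),
]
AUTHORIZED = ["00:11:22:33:44:01", "0011.2233.4402", "00:11:22:33:44:03"]

if __name__ == "__main__":
    for bssid, finding in audit(SAMPLE_SCAN, "CorpNet", AUTHORIZED):
        print(bssid, "-", finding)
```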
Thus, wireless networks are widely used for connecting devices like computers, laptops, smart phones, tablets and other applications to the internet. Wireless networks offer many advantages compared to traditional wired networks. With the help of wireless networks, people can be mobile and still be connected to the internet, which helps in accessing data at any time. Robust security measures should be adopted to prevent any unauthorized access to the wireless network and thus get the maximum benefit from it.