April 12, 2002

Though wireless technology has been around for a long time, it has only just entered the networking market. Setting up wireless devices is pretty easy since they integrate seamlessly with your existing network. However, security on wireless networks is still a much-talked-about issue, despite the various safeguards that are built in. Here, we'll discuss some of the safeguards provided, how they can be compromised, and what you can do to tighten security.

On guard, by default
802.11b, the main standard for wireless LANs, has several safeguards built into it, but none of them is foolproof.
ESSID. The first line of defense is the Extended Service Set ID. Think of this as the workgroup that one specifies on a Windows network. A person must know the ESSID before he can access the network. The wireless AP (Access Point) periodically broadcasts this ESSID, which makes it easy for anyone with a wireless node and packet capture utility to know about it. The best way to solve this issue is to disable the broadcast, since it serves no real purpose. 

Building a fortress

  • No matter what, always run WEP. Nearly all Wi-Fi devices support WEP, but ship with it disabled by default. Also, try to buy products that offer 128-bit encryption instead of 64-bit.

  • Change the default SSID, since many manufacturers might give the same SSID over their entire product range, and disable SSID broadcasting.

  • If the access point allows you to, make a list of authorized MACs that should be offered access. 

  • One of the biggest dangers is having other wireless APs run without the administrator's knowledge. No matter how secure your official network may be, if an employee connects an AP to the network without adequate precaution, he'll end up offering open access. Thus, the premises should be routinely scanned for unknown wireless networks.

  • Use Virtual Private Networks (VPNs). A firewall between the LAN and wireless network can be configured to pass only VPN traffic. This way, a wireless user can have all the wireless data encrypted through the VPN tunnel.

  • Even if you are unable to set up a VPN, use protocols that include their own encryption. For example, SSL can be used to secure applications like POP3/IMAP or Web access.

  • Change your WEP keys and ESSIDs once every few weeks. 
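The checklist above can be applied mechanically to the results of a routine site survey. The following is an added example, not part of the original article: it assumes a hypothetical CSV survey format, a constructed inventory of authorized BSSIDs, and a sample list of default SSIDs, and it flags unknown APs, disabled WEP, default SSIDs, and SSID broadcasting.

```python
import csv
import io

# Constructed site-survey output (hypothetical format): one AP per line.
SURVEY = """bssid,ssid,channel,wep,broadcast
00:11:22:aa:bb:01,corp-wlan-7f3,1,on,off
00:11:22:aa:bb:02,corp-wlan-7f3,6,off,off
00:de:ad:be:ef:10,linksys,11,off,on
00:11:22:aa:bb:03,corp-wlan-7f3,11,on,on
"""

# Inventory the administrator maintains (assumed values).
AUTHORIZED_BSSIDS = {"00:11:22:aa:bb:01", "00:11:22:aa:bb:02", "00:11:22:aa:bb:03"}
DEFAULT_SSIDS = {"linksys", "default", "tsunami", "wireless"}  # sample list only


def audit(survey_text, authorized=AUTHORIZED_BSSIDS):
    """Return {bssid: [findings]} for every AP that fails a checklist item."""
    findings = {}
    for row in csv.DictReader(io.StringIO(survey_text)):
        bssid = row["bssid"].strip().lower()
        issues = []
        if bssid not in authorized:
            issues.append("unknown AP (not in inventory)")
        if row["wep"].strip().lower() != "on":
            issues.append("WEP disabled")
        if row["ssid"].strip().lower() in DEFAULT_SSIDS:
            issues.append("manufacturer-default SSID")
        if row["broadcast"].strip().lower() == "on":
            issues.append("SSID broadcast enabled")
        if issues:
            findings[bssid] = issues
    return findings


if __name__ == "__main__":
    for bssid, issues in audit(SURVEY).items():
        print(bssid, "->", "; ".join(issues))
```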

WEP. WEP (Wired Equivalent Privacy) is an encryption scheme for wireless networks based on the RC4 stream cipher with 64- or 128-bit keys. Because RC4 is a symmetric encryption algorithm, the same key is used to encrypt and decrypt data. It has been observed that WEP can be cracked in a matter of a few hours using utilities freely available on the Internet.

Access lists. These are lists of MAC (Media Access Control) addresses of the wireless NICs (Network Interface Cards) authorized to access your network. While the original idea behind MAC addresses was for each NIC to have its own unique MAC, nowadays almost all NICs are programmable to use any MAC address. Authorized MACs, like ESSIDs, can be sniffed out of the air.

Authentication. 802.11 provides two methods of authentication: open system and shared key. An open system lets any client authenticate as long as it conforms to any MAC rules that have been set. All authentications take place without any encryption. On the other hand, in a shared key system, both the client and the AP have a key that is used to encrypt/decrypt the authentication packets. Shared key requires WEP. When establishing a connection, the client requests authentication and is delivered some random text. The client then proceeds to encrypt the text using its own key, and transmits this data back to the AP. The AP then analyzes this data and verifies its validity using its own key. A connection is established if this data is validated, which happens only when both devices have the same key. 
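The shared key exchange described above, as an added example that is not part of the original article: a simplified Python model in which the AP issues random text, the client encrypts it under WEP, and the AP verifies the result with its own key. Function names and key values are constructed for illustration, and real 802.11 authentication frames carry additional header fields that are omitted here.

```python
import os
import zlib


def rc4(key, data):
    """RC4 stream cipher: the same call encrypts and decrypts."""
    s = list(range(256))
    j = 0
    for i in range(256):                      # key scheduling
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    out = bytearray()
    i = j = 0
    for byte in data:                         # keystream generation
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(byte ^ s[(s[i] + s[j]) & 0xFF])
    return bytes(out)


def wep_encrypt(key, iv, plaintext):
    """WEP framing: 24-bit IV in clear, then RC4(IV || key) over data + CRC-32."""
    icv = zlib.crc32(plaintext).to_bytes(4, "little")
    return iv + rc4(iv + key, plaintext + icv)


def wep_decrypt(key, frame):
    """Return the plaintext, or None when the integrity check value is wrong."""
    body = rc4(frame[:3] + key, frame[3:])
    data, icv = body[:-4], body[-4:]
    return data if zlib.crc32(data).to_bytes(4, "little") == icv else None


def shared_key_auth(ap_key, client_key):
    """Run the four-step exchange; True means the AP accepts the client."""
    # 1. client -> AP: authentication request (no payload modelled here)
    challenge = os.urandom(128)               # 2. AP -> client: random text
    response = wep_encrypt(client_key, os.urandom(3), challenge)  # 3. client -> AP
    return wep_decrypt(ap_key, response) == challenge             # 4. AP verdict


# Constructed sample keys. The advertised sizes include the 24-bit IV.
KEY_64 = bytes.fromhex("0102030405")          # 40 secret bits + 24-bit IV
KEY_128 = bytes(range(13))                    # 104 secret bits + 24-bit IV
```

Note that the advertised 64-bit and 128-bit key sizes include the 24-bit IV, which travels in the clear, so the secret portion is 40 or 104 bits.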

Watch out for vandals
With most wireless APs, logging into a network (or sniffing or tampering with the data flowing over it) is as simple as tuning into a radio broadcast. Unfortunately, this claim is not as exaggerated as it sounds. With wired networks, one requires actual physical access to the medium over which the network is running; in the case of wireless networks, there is no such medium. Thus, a hacker might very well sit in your parking lot with a laptop and wireless NIC, or even many blocks away with a directional antenna, and still use your network like any other user. Security measures like WEP can be compromised by a competent individual given some time, and serve only as a mild deterrent.

Another minor threat is the possibility of losing a wireless-enabled host, since it will have all the necessary WEP keys and the ESSID needed to access your network.

Can wireless LANs hurt you?
Wireless networks use electromagnetic waves (radio frequencies) for data transmission. Radio waves cause motion of electrical charges in the atmosphere and convert energy into heat. This process is called the 'thermal biological effect' and can be dangerous if the body is exposed to high-power radio waves for long durations. Absorption of RF fields in body tissues is expressed as SAR (Specific Absorption Rate), measured in watts per kilogram. A limit of 2 W/kg has been defined as the safe limit by most standards organizations. The human eye is extremely prone to RF waves and may act as a 'heat sink' if placed in front of RF sources. These thermal effects may cause eye cataracts. However, don't get alarmed, because all this may not happen at all to you as a user. Let's see why.

War driving

A term derived from war-dialing (calling up telephone numbers sequentially looking for a modem signal), this refers to the act of driving around a city with a laptop, wireless NIC and sometimes high-gain antennas, with the sole purpose of finding wireless networks that will grant you access. From there on, the network can be used for any purpose ranging from harmless net surfing to stealing corporate secrets. 

You would have heard of possible health issues with cellular phones. Wireless LANs operate at much lower power than mobile phones and have shorter ranges of, say, 100-300 feet, compared to several miles in the case of mobile phones. Also, compared to cellular phones, these devices are not constantly connected. A typical wireless LAN operating in the 2.4 GHz range works at around 100 mW when transmitting, which is less than 1/1000th the power level of a microwave oven. Also, because these waves fade rapidly as the distance increases, people in a wireless LAN receive very little exposure.

There have been lots of discussions on these health issues throughout the world, but no scientific evidence is present to prove the ill effects of these waves on the human body. Most importantly, most of these devices adhere to specific emission limits that have been set and are regulated by different organizations like ANSI (American National Standards Institute), IEEE (Institute of Electrical and Electronics Engineers), FCC (Federal Communications Commission) and NCRP (National Council on Radiation Protection and Measurements). They recommend, as a precaution though, that users remain at least 2” from a wireless LAN PC card and 8” from a base station.

Anuj Jain and Ankur Saxena
