Wednesday, November 18, 2009

Wireless Security


Background

Wireless network (wireless LAN) currently used by more and more companies in support of the company's business processes. Increased implementation of wireless LAN networking technology can not be separated from many advantages offered by technology in this. Excess among flexibility offered, because to implement wireless LAN technology is not constrained topology problems / conditions. This technology can be applied in which Just to reach a good signal depends on the quality of the device wireless LAN is used. Along with the many users of technology wireless-based network, then the more the parties trying to do a "crime" of this network.


This can be seen from the number of software / tool that was created to take the offensive for both wireless networks was the kind of active attacks and passive types of attacks. Such software is usually distributed through the internet for free and There are also some who paid. Requiring a security method the right to address security issues for wirelessLAN network.

Wireless networks are vulnerable to attack, it is because network with this technology can not be confined by a building like that in cable-based network protected by a wall in a building cable-based network which is attached. Radio frequency signals used by the wireless network in the data transmission process in these networks can be easily accepted / in caught by user other than the user's computer wireless network is only with using a wireless network card compatible / fit with the network wireless is installed on the computer user's computer. Security holes in wireless networks can be divided into 2 (two) types of attack, namely: passive attacks and active attacks.

Passive Attack
Passive attack is a real type of attack does not endanger of a network system. This type of attack does not cause loss of resources in a network or causes damage to the a network of systems that were attacked using this type of attack. Source power contained in the system including a data network, bandwidth network, printer, memory in a computer processing unit (processor) and more. The point of this attack is only to observe the all the resources contained in a computer network system. like network traffic monitor a computer network system. Information resulting from these observations is very useful for those who do not reserves the right to conduct further attacks against the system. so that this type of attack is very difficult to detect by the manager of a computer network systems. Wireless network communications are usually used common radio frequency that is not listed that can be accessed by anyone with a compatible network card. so to This type of network is very easy to tap by using the technique of "sniffing" or "wardriving". We have a lot of "sniffer" using software such as NetStumbler in combination with each other antennas work together with the card wireless network (wireless) to detect the network "access points" (AP) which in range and the signal can be accessed wirelessly network card it. Then the data traffic is happening in the wireless network in captured by the "sniffer" for later in the analysis by using tools such as Microsoft Network Monitor to microsoft windows operating system or using TCPDump to Linux Linux operating system.

Programs such as NetStumbler but can be used to detect network access point located within range can also be used to displays the information on the Service set identifiers (SSID) and manufacturer information access point is. So if the Access Point remain in the configuration is still using the default SSID settings are included by the manufacturer when the access point is purchased, then the wireless network use the access point device is very susceptible to problems security.

If the SSID contains information about organizations that provide services wireless network or the network may not use security methods such as encryption by Wireless Equivalent Privacy (WEP) is capable of doing encryption of all data traffic that occur within the wireless network, if it happens the right network security it would be easy to pass by the parties who are not interested (unauthorized users). Once a "sniffer" managed to get the SSID information an access point, the "sniffer" that can take pictures of traffic in wireless network and open information about all the things in the network these, such as user name and password. When a sniffer successfully perform have observed and use the information obtained to entered into the network and accessing or using the resources within system without permission, then at this stage passive attacks (passive attack) turned into a kind of active attacks (active attack).

To protect wireless networks against computer programs that mengeteksi existence capable wireless network signal, then a manager wireless networks (administrator) to do the reconfiguration of all the basic configuration of the wireless network device if the configuration is still using a standard onfiguration / defaults provided by the vendor maker wireless network devices such as the device was first purchased. Among them is to implement a security system that is closed with how to configure an Access Point that can not respond connection requests (request) to the status of his SSID that is usually requested by programs such as NetStumbler. In this way an access point in a fixed wireless network can not be detected (invisible) by the parties not entitled to access the wireless network.

Currently most devices access point for wireless network very easy to its configuration in order to facilitate its users and using the network. But with all these facilities was has weaknesses, too. By prioritizing ease of configuration, then some makers access point vendors do not provide a touch of aspects security in the basic configuration provided on the access point they production. This is due to the configuration of security in a network access point device is quite complicated and must consider many aspects. So if the included network security into the basic configuration of access point devices must process is not easy longer and requires special skills of the user.
Here are some basic things that can be done to protect the network wireless passive attacks and active attacks:

1. Secure the wireless router or interface page Administrator Access Point.
Almost all routers and access points have the password for the administrator required at the time of login into the wireless device and to make configuration settings in the access point device. Most access point device using the default password is very simple and not safe. For example the password with the keyword "password" as well or use keyword company names, and some even do not has a password at all. In such cases, the first step performed by an administrator during the first setting wireless router to the device or access point is to change The default password on the device with another password more secure. Because this password is rarely used because to do configuration the access point device is usually very rarely done, then use a password that is easy to remember but difficult to guess or can also be a way to write these passwords are not easily forgotten but stored in a safe place if it is to passsword written so as not to forget. If finally the password is forgotten then satusatunya way is to reset the access device point is that all the onfiguration is returned to the default configuration as previously when the wireless device was first purchased from the vendor.

So the administrator must do the reconfiguration of the device to aspects of wireless security.
Here are a few tricks to create a relatively secure password:
• passwords do not use personal information such as name, date of born.
• passwords must be easy to remember but difficult to predict.
• use a different password to access the system different.
• change the password regularly to prevent attacks on password using the program "password cracking".
• if the password should be written and stored in a computer file because it is difficult to remember so keep a safe place and files is the encryption.

2. Do not Make Broadcast of SSID access point.
Most access points and routers automatically broadcast process for the network name, or SSID (Service Set Identifier). This setting is of course facilitate the wireless network settings on the client and create a device access point can be seen by all wireless network systems are included in coverage access point device is. So by activating SSID on the access point that allows all parties to detect presence of a network access point is either by the party entitled or by parties who are not entitled to access the network. This is of course can lead to security holes in wireless networks are. To securing the feature should disable SSID broadcast on the network so that wireless is to become invisible (invisible) by the other users who do not eligible and not enrolled in these wireless networks. For ordinary users this This can not be detected, but for a "sniffer" of course this does not influential because by using computer programs specific like NetStumbler the "sniffer" can still detect the presence of the device access point for the wireless network.

3. Security Features Enable WPA encryption instead of WEP.
Keamaanan features WEP encryption (Wired Equipment Privacy) which during the many applied to the access point device has been known to have many weakness that is relatively easy for someone to open the code encryption and access the wireless network using only appropriate device. A better way to protect wireless networks current is to use WPA (Wi-Fi Protected Access). WPA provides more security features and ease of its use, unlike the WEP limit the use of characters password only on the numbers 0-9 and letters from AF. Support for WPA have been included in the operating system Windows XP (with latest service packs)

and virtually on the latest wireless networking devices today and in operating system. The latest version of the current WPA WPA2 which is to be found on the latest wireless network devices today and provides a mechanism better encryption. But to use this feature may be WPA2 must download the latest patch on Windows XP operating system. Because feature This relatively new and not all Windows XP operating system supports use.

4. Use WEP than not using at all.
If you find that there are several wireless devices on the market today only supports WEP encryption key (usually found on the device non-PC based such as media players, PDAs, and DVR), then use this feature WEP encryption, although relatively safe than not at all and use keys that are difficult to predict.

5. Use filtering to control access to wireless networks with using MAC filtering.
Unlike the use of IP address, MAC address of a unique nature to distinguish between one network device to another one. So that the switch uses MAC filtering feature it can be limited access to the wireless network by only those MAC addresses his MAC address of each user in the wireless network must be known first 12 characters are the MAC address of each network devices that will connect to the access point device.

Of course this means a little uncomfortable and inflexible because of a administrator must register all MAC addresses for each user / client which will be connected into the network. If the number of client users wireless network is of course a lot of trouble a administratori network. We have had many programs including the category of "hacking tools" which can be used to make counterfeiting / "spoofing" the address MAC. Necessitating careful enough attention from an administrator wireless network to determine which MAC addresses are valid and which addresses MAC false. So with falsified / MAC address spoofing in accordance with MAC address listed in the wireless network is the is not entitled to enter and access these wireless networks.

6. Reducing the beam power wireless devices (access points).
This feature is not available in all wireless routers and access points, but there are some wireless devices that provide features for lower power wireless devices in the transmit signal so that the narrower the range of the signal. Although not always possible to make the process of setting appropriate to the size of the signal but this still managed to reduce the potential for gaps security on wireless network system and minimize the chance of outside parties systems that are not entitled to access the wireless network device.

7. Turn off the features / remote administration service.
Almost all wireless routers provide the device features to be managed remotely through the Internet. Ideally, the use of this feature when deciding on a specific IP address or to limit the reach the use of IP addresses that may access the router device. instead for the two activities mentioned above, this feature should be disabled. because the This feature will enable everyone in range signal wireless router device has the potential to discover and access these wireless router devices. So that always turn off this feature as a policies in the management of the router device in a wireless network. So that an administrator can not perform network management wirelessnya remotely via the Internet. This feature is usually disabled by default by the vendor making the router device when it was first purchased for security reasons. But it never hurts to check on a regular basis against this feature in a wireless network device if it is true been disabled or still active.

Conclusion
Wireless network is a computer network is very open and vulnerable the security hole. This is due to constituent components This network is physically very difficult to secure. In contrast to the network cable-based physical security for the secured easily and at control, wireless-based networks is very difficult to control. Transmitting frequency signals used by wireless device allows all parties can detect and access this network while using the compatible wireless receiver and the signal can reach. Today many all types of computer programs that can be used to perform attacks on wireless networks, both types of passive attacks that nature does not destroy and steal just to the type of information to active attacks that can damaging the system and use all the resources contained in the these wireless networks. Because the characteristics of wireless devices that are difficult to physically secured so security can only be done by using policies or use a computer program that usually provided by vendors such wireless device makers with only perform simple settings and easy.

Bibliography


  • CompTIA Security+, Part 1 – security concepts., www.comptia.net

  • Network Security Essentials., Stalling W., Prentice Hall., 2004

  • http://www.more.net –Network Auditing-, 2007

1 comments:

Information Security Company said...

Nice post!!!
Thanks for the great information ...

Post a Comment

Please leave your message here..