Maintain your old Siemens Hipath system

Security Risks and Ways to Decrease Vulnerabilities in a 802.11b Wireless Environment


This document explains topics relating to wireless networks. The main topics discussed include, what type of vulnerabilities exist today in 802.11 networks and ways that you can help prevent these vulnerabilities from happening. Wireless networks have not been around for many years. Federal Express has been using a type of wireless networks, common to the 802.11 networks used today, but the general public has recently just started to use wireless networking technology. Because of weak security that exists in wireless networks, companies such as Best Buy have decided to postpone the roll-out of wireless technology. The United States Government has done likewise and is suspending the use of wireless until a more universal, secure solution is available.


What is Wireless?

Wireless LANs or Wi-Fi is a technology used to connect computers and devices together. Wireless LANs give persons more mobility and flexibility by allowing workers to stay connected to the Internet and to the network as they roam from one coverage area to another. This increases efficiency by allowing data to be entered and accessed on site.

Besides being very simple to install, WLANs are easy to understand and use. With few exceptions, everything to do with wired LANs applies to wireless LANs. They function like, and are commonly connected to, wired Ethernet networks.

The Wireless Ethernet Compatibility Alliance [WECA] is the industry organization that certifies 802.11 products that are deemed to meet a base standard of interoperability. The first family of products to be certified by WECA is that based on the 802.11b standard. This set of products is what we will be studying. Also more standards exist such as 802.11a and 802.11g.

The original 802.11 standard was published in 1999 and provides for data rates at up to 2 Mbps at 2.4 GHz, using either FHSS or DSSS. Since that time many task groups have been formed to create supplements and enhancements to the original 802.11 standard.

The 802.11b TG created a supplement to the original 802.11 standard, called 802.11b, which has become the industry standard for WLANs. It uses DSSS and provides data rates up to 11 Mbps at 2.4 Ghz. 802.11b will eventually be replaced by standards which have better QoS features, and better security.

Network Topology

There are two main topologies in wireless networks which can be configured:

Peer-to-peer (ad hoc mode) ? This configuration is identical to its wired counterpart, except without the wires. Two or more devices can talk to each other without an AP.

Client/Server (infrastructure networking) ? This configuration is identical to its wired counterpart, except without the wires. This is the most common wireless network used today, and what most of the concepts in this paper apply to.

Benefits of Wireless LANs

  • WLANs can be used to replace wired LANs, or as an extension of a wired infrastructure. It costs far less to deploy a wireless LAN than to deploy a wired one. A major cost of installing and modifying a wired network is the expense to run network and power cables, all in accordance with local building codes. Example of additional applications where the decision to deploy WLANs include:

  • Additions or moves of computers.

  • Installation of temporary networks

  • Installation of hard-to-wire locations

Wireless LANs give you more mobility and flexibility by allowing you to stay connected to the Internet and to the network as you roam.

Cons of Wireless LANs

Wireless LANs are a relatively new technology which has only been around since 1999. With any new technology, standards are always improving, but in the beginning are unreliable and insecure. Wired networks send traffic over a dedicated line that is physically private; WLANs send their traffic over shared space, airwaves. This introduces interference from other traffic and the need for additional security. Besides interference from other wireless LAN devices, the 2.4 GHz is also used by cordless phones and microwaves.

Security Issues of WLANs

  • War-driving

    War-driving is a process in which an individual uses a wireless device such as a laptop or PDA to drive around looking for wireless networks. Some people do this as a hobby and map out different wireless networks which they find. Other people, who can be considered hackers, will look for wireless networks and then break into the networks. If a wireless is not secure, it can be fairly easy to break into the network and obtain confidential information. Even with security, hackers can break the security and hack. One of the most prevalent tools used on PDAs and Microsoft windows devices is, Network Stumbler, which can be downloaded at Equipped with the software and device, a person can map out wireless access points if a GPS unit is attached. Adding an antenna to the wireless card increases the capabilities of Wi-Fi. More information can be found at: and to name a few.

  • War-chalking

    War-chalking is a method of marking wireless networks by using chalk most commonly. War-driving is usually the method used to search for networks, and then the person will mark the network with chalk that gives information about the network. Some of the information would include, what the network name is, whether the network has security, and possibly the contact information of who owns the network. If your wireless network is War-chalked and you don't realize it, your network can be used and/or broken into faster, because of information shown about your network.

Eavesdropping & Espionage

Because wireless communication is broadcast over radio waves, eavesdroppers who just listen over the airwaves can easily pick up unencrypted messages. These intruders put businesses at risk of exposing sensitive information to corporate espionage. Wireless LAN Security ? What Hackers Know That You Don't Copyright 2002

Internal Vulnerabilities

Within an organization network security can be compromised by ways such as, Rouge WLANs (or Rouge Aps), Insecure Network Configuration, and Accidental Associations to name a few.

Rouge Access Points ? An employee of an organization might hook up an access point without the permission or even knowledge of IT. This is simple to do, all a person has to do is plug an Access point or wireless router into an existing live LAN jack and they are on the network. One statistic in 2001 by Gartner said that, "at least 20 percent of enterprises already have rouge access points." Another type of attack would be if, someone from outside the organization, enters into the workplace and adds an Access Point by means of Social Engineering.

Insecure Network Configurations- Many companies think that if they are using a firewall or a technology such as VPN, they are automatically secure. This is not necessarily true because all security holes, big and small, can be exploited. Also if devices and technologies, such as VPNs, firewalls or routers, are mis-configured, the network can be compromised.

Accidental Associations ? This can happen if a wireless network is setup using the same SSID as your network and within range of your wireless device. You may accidentally associate with their network without your knowledge. Connecting to another wireless LAN can divulge passwords or sensitive document to anyone on the neighboring network. Wireless LAN Security ? What Hackers Know That You Don't Copyright 2002

Social Engineering ? Social Engineering is one of the most effective and scariest types of attacks that can be done. This type of attack really scares me and can be done for many other purposes besides compromising security in wireless networks. A scenario: Someone dressed up as a support person from Cisco enters the workplace. The secretary sees his fake credentials and lets him get pass the front desk. The impersonator walks from cubicle to cubicle, collecting user names and passwords as he/she goes. After finding a hidden corner, which seems to be lightly traveled, he plugs an insecure Access Point into the network. At the same time he configures the Access Point to not broadcast its SSID and modifies a few other settings to make it hard for the IT department to find this Rouge Access Point. He then leaves without ever being questioned by anyone because it looks like he just fits in. Now, all he has to do is be within 300 feet from the access point, (more if he added an antenna), and now has access to all kinds of secure documents and data. This can be a devastating blow to any corporation and could eventually lead to bankruptcy if the secrets of the company were revealed to competitors.

Bruce Schneier came to my classroom and said the following about Social Engineering, "Someone is just trying to do their job, and be nice. Someone takes advantage of that by targeting this human nature. Social Engineering is unsolvable."

Securing Wireless Networks

According to Bruce Schneier and others such as Kevin Mitnick, you can never have a totally secure computing environment. What is often suggested is to try and control the damage which can be done if security is breached. One can try many different tools on the market which can help prevent security breaches.

WEP ? WEP supports both 64 and 128-bit keys. Both are vulnerable, however, because the initialization vector is only 24-bits long in each case. Its RC4 algorithm, which is used securely in other implementations, such as SSL, is quite vulnerable in WEP. Http:// Wireless Insecurities By Dale Gardner. Different tools exist to break WEP keys, including AirSnort, which can be found at Although this method is not a secure solution, it can be used to help slowdown an attacker if other means are not possible financially or otherwise.

VPN and IPSec- IPSec VPNs let companies connect remote offices or wireless connections using the public Internet rather than expensive leased lines or a managed data service. Encryption and authentication systems protect the data as it crosses the public network, so companies don't have to sacrifice data privacy and integrity for lower costs. A lot of VPN's exist on the market today. An important note about VPNs is, interoperability does not really exist, and whatever you use for your server has to be the same brand as your clients most of the time. Some VPNs include:

  • Borderware

  • BroadConnex Networks

  • CheckPoint

  • Cisco

  • Computer Associates

DMZ ? Adding this to your network enables you to put your wireless network on an untrusted segment of your network.

Firewalls ? Firewalls are all over the place. Firewalls range from hardware to software versions. By adding a firewall between the wireless network and wired network helps prevent hackers from accessing your wired network. This paper doesn't go into specifics about different firewalls and how to set them up, but there are many. Some of the firewalls include:

  • ZoneAlarm (an inexpensive based software firewall)

  • Symantec has many different firewalls depending what you require.

PKI - Public-key infrastructure (PKI) is the combination of software, encryption technologies, and services that enables enterprises to protect the security of their communications and business transactions on the Internet. What is PKI?

Site Surveys ? Site Surveys involve using a software package and a wireless device to probe your network for Access Points and security risks.

Proactive Approaches

Since wireless technology is insecure, companies or anyone can take a proactive approach to try and identify hackers trying to gain access via wireless networks.

Honeypots ? are fake networks setup to try and lure in hackers. This enables administrators to find out more about what type of techniques hackers are using to gain access. One product is Mantrap created by Symantec.

"ManTrap has the unique ability to detect both host- and network-based attacks, providing hybrid detection in a single solution. No matter how an internal or external attacker tries to compromise the system, Symantec ManTrap's decoy sensors will deliver holistic detection and response and provide detailed information through its system of data collection modules."

I ntrusion Detection ? Intrusion Detection is software that monitors traffic on the network. It sounds out a warning if a hacker it trying to access the network. One such free product is Snort.

"Before we proceed, there are a few basic concepts you should understand about Snort. There are three main modes in which Snort can be configured: sniffer, packet logger, and network intrusion detection system. Sniffer mode simply reads the packets off of the network and displays them for you in a continuous stream on the console. Packet logger mode logs the packets to the disk. Network intrusion detection mode is the most complex and configurable configuration, allowing Snort to analyze network traffic for matches against a user defined rule set and perform several actions based upon what it sees."

Network Monitoring- Network Monitoring would be products such as snort that monitor the flow of traffic over the network.

Quick tips and tricks

  • When setting up wireless networks and access points there are a few quick steps that can be taken to immediately secure the network, even though it does not make it secure. Some of these ways include:

  • Change your default SSID: each router or access point comes with a default SSID. By changing this it can take longer for an attacker to know what type of device he is trying to hack.

  • Change the default password ? generic default passwords are assigned to access points and routers. Sometimes the password is admin. By changing this password, the attacker cannot modify settings on your router as easily.

  • Disable broadcasting SSID: By default AP's broadcast their SSIDs, if you shutoff this setting it is harder for outsiders to find your AP.

  • Enable MAC filtering: WARNING: this can only work in smaller environments where a centralized access list does not need to be maintained. You can enable only specific wireless cards to access the AP by only enabling those MAC addresses.

  • Turn off shares: If security is important, scanning for shares and turning off the shares on the network can help. Also encrypting sensitive data can prevent hackers from accessing the data.

  • Put your wireless access points in a hard to find and reach spot.

  • Keep your drivers on all wireless equipment updated. This helps patch existing security vulnerabilities.

  • Read current press releases about emerging wireless news.

About The Author

Richard J Johnson

Network+ Certified

RJ Computer Consulting

In The News:

UK arms sales to Saudi Arabia rise by two thirds
Thu, 18 Oct 2018 11:25:00 +0100
UK military sales to Saudi Arabia increased by two thirds in 2017 from 2016 - an increase of more than £450m, Sky News can reveal.

Alleged member of Khashoggi 'hit squad' seen at consulate
Thu, 18 Oct 2018 12:24:00 +0100
An alleged member of a hit squad was seen entering the building where journalist Jamal Khashoggi vanished hours before his disappearance.

UK and US pull out of Saudi summit over missing journalist
Thu, 18 Oct 2018 13:01:00 +0100
Dr Liam Fox has pulled out of a conference in Saudi Arabia, following the disappearance and alleged murder of dissident journalist Jamal Khashoggi.

Putin: Russia would use nuclear arms if under attack
Thu, 18 Oct 2018 15:01:00 +0100
Russia would use its nuclear weapons in response to an incoming missile attack, Vladimir Putin has said.

Trump threatens to send army to US-Mexico border
Thu, 18 Oct 2018 13:59:00 +0100
Donald Trump has threatened to deploy soldiers to the border with Mexico and close it off to stop the "large caravans" of migrants from Central America coming to the US.

Erfahrungen mit Pallhuber Wein
Agen Bola SBOBET Terpercaya

Travel in comfort and at your leisure with CT Airlink Limousine & Car Service for top quality private transportation and exceptional customer service. We operate Sedans, SUVs & Vans for CT Car Services to covering all Connecticut airports including Car Service from CT to Newark Airport , Mohegan Casino Uncasville CT, Foxwoods Casino Mashantucket CT, Manhattan Cruise Terminal NYC, Brooklyn Cruise Terminal NYC and Bayonne Cruise Terminal NJ. CT Airlink hire licensed and friendly chauffeurs who have in-depth knowledge of the Areas.

10 Solid Reasons To Make Your Next PC A Notebook

Notebook computers are becoming very popular. They seem to be... Read More

How To Choose The Best Student Laptop?

How To Choose the Best Student Laptop?Merchants are singing those... Read More

Printer Cartridge Economics -- Four Ways To Make Your Ink Last Longer

Printer cartridge overheads can be a major expense for any... Read More

Printer Ink Cartridges - The History

You are working at your computer and trying to print... Read More

A Guide to Refurbished IBM Laptops

IBM boasts a very large array of older and newer... Read More

Intel Celeron vs Pentium

The Celeron and Pentium Processors are two of Intel's best... Read More

How to Solve Multiple Paper Loading Problem in HP5L and HP6L Laser Printer

Have you ever encountered before the problem of having multiple... Read More

Understanding Transistor Data and Replacement

If, for some reason, you can't get an exact replacement... Read More

Video Encryption

What is Video Encryption?Video Encryption is an extremely useful method... Read More

A Look at Laser Toners

Laser toner is the ink for laser printers. It is... Read More

Learn How To Diagnose Power Supply Problems

The Power Supply convert's your regular household current into low... Read More

Rackmount Computer Keyboards

The other piece of vital equipment to accompany the rack... Read More

Alternatives to Tape Backup

You may ask, isn't tape an anachronism in the age... Read More

An Introduction to Tape Backup

If you run a small business, chances are you're saving... Read More

What is EEPROM ?

EEPROM stands for Electrical Erasable Programmable Read Only Memory and... Read More

RAID Disk Recovery

RAID is short for Redundant Array of Independent (or Inexpensive)... Read More

Selecting an Ink Jet printer?With Low Operating Cost

Printer technology has made tremendous advances in the past five... Read More

Expert Guide to DVD Camcorders

Thinking about a mini DVD camcorder? You're not alone, it's... Read More

Bluetooth Basics - Bluetooth Technology Tutorial

Bluetooth BasicsBluetooth technology is nothing new, but in many respects... Read More

Used Laptop Computer: Your Quick Purchase Inspection Guide ? Part 3

Used laptop computers are everywhere these days. How can you... Read More

Wireless Notebooks: What You Need To Know About Going Wireless!

It's not exactly breaking news that our world is becoming... Read More

The Printer Cartridge Review

Years ago computers were huge and their accompanying printers were... Read More

Getting A New Laptop At A Great Price

With all the wheeling and dealing that seems to take... Read More

Flash Your ATI Video Cards BIOS

Flash your ATI video card BIOS.You will need the following:1.... Read More

Getting The Proper Laptop Screen Size

Are you sick of viewing everything on that small screen... Read More