A Wireless network is usually called as Wifi or WLan. The main advantages of Wireless Networks are that users are not bound to areas to plug into a Wall jack to connect to network and also it reduces the cost of cable used in Wired Networks.
The main disadvantage apart from network performance is lack of security. The wireless networks can be
easily compromised if they are not properly configured.
Basic Terminology
Service Set Identifier(SSID) :It is an alphanumeric string that differentiates the wireless networks .It can be
maximum of 32bit. There can be more than one network in a certain range or on a same channel, SSID
differentiates one from another. Simply it is the name of a network.
Wireless Access Point (WAP)
It is the point from where wireless network signals are generated. WAP is a device that receives radio signals from computers in network and send them to router.
Basic Service Set Identifier(BSSID)
Beacons :
What is Wireless Equivalent Privacy (WEP)?
WEP is an encryption scheme used to encrypt the WiFi data streams. WEP encryption uses a 64bit or 128bit key.
A WEP uses the combination of an encryption key and Initialization Vector (IV). IV is any 24bit random number and is attached to encryption key to make it difficult to crack.64bit WEP encryption uses a 40bit key and 24 bit IV. Similary 128bit WEP encryption uses a 104 bit key and 24bit IV.
2. Privacy
The WEP key can be easily cracked by an attacker because size of IV that is 24bit is very short.The vulnerability in WEP is that an IV which is randomly generated is repeated after certain number of packets as it is short (24bit) and less number of combinations are possible.
Due to this insecurity, Wi-Fi Protected Access(WPA) and WPA2 security protocols were released. They provide more security by generating complex and dynamic keys which are hard to crack. The method of creating IVs and encryption keys was improved. WEP,WPA,WPA2 are secure in increasing order.
Basic Security Measures for Wireless Networks :
1. MAC filtering- The MAC address is theoretically a unique 48bit address by which a network device is
recognised. The administrator might let the only the particular clients to connect to network by checking whether their MAC address is present in the list of registered MAC addresses or not.
2.Hiding SSID
3. Using encryption Keys
4. Intrusion Detection Systems(IDS)
Aneesh M Makker is the owner of www.explorehacking.com, He has written several guest post on this blog.
0 comments:
Post a Comment