Wireless LAN Security

Noman Quadri (1604-09-735-168)

 Introduction Need of WLAN Advantages and Applications of WLAN WLAN security

 Wireless LANs based on the 802.11 standard are the

most likely candidate to become widely prevalent in corporate environments. Current 802.11b products operate at 2.4GHz, and deliver up to 11Mbps of bandwidth An upcoming version called 802.11a moves to a higher frequency range, and promises significantly faster speeds. This provides low cost, combined with strong performance and ease of deployment Many departments and individuals already use 802.11b, at home or at work But security management administrators do not yet

 A wireless LAN (WLAN) is a flexible data communication system

implemented as an extension to a wired LAN within a building or campus using electro magnetic waves.

Wireless LAN provides a new layer of flexibility and serves to

environments and to users that cannot serves by the traditional LAN.

Thus, WLANs combine data connectivity with user mobility.

 Over the past few years, wired LANs have lost their

In Wiring LANs, the roving users can be in direct Similarly, situation in which people have to move Wireless LANs can also move to higher power
around to various locations to perform their work are candidates for wireless LANs. plateaus, which will extend their distances from hundreds of feet to several tens of thousands of feet. two-way contact with the full resources of the enterprises information systems.

need and interest to wireless LAN s

 In wireless LANs the users or clients access the data The data is to be transferred in the form of
1.SPREAD SPECTRUM TECHNIQUE
Most wireless LAN systems use spread-spectrum technology
It provides secure , reliable and efficient.

or information from the server through the Access Point. Microwaves or Spread Spectrum or Infrared technique.

2. INFRARED TECHNOLOGY

Infrared (IR) systems use very high frequencies, just below

visible light in the electromagnetic spectrum, to carry data.

Like light , IR cannot penetrate opaque objects .

3.MICROWAVE TECHNOLOGY

Microwave WLANs use the frequencies in the 18 GHz to 24 GHz Long distance microwave towers can send their waves to
around 30 miles, depending upon the size of the tower.
range to encapsulate and transfer the LAN data packets .

Roaming Speed Cost Flexibility Fast setup Efficient Reliable

If any client in the wireless LAN want to

communicate with other clients or with the server the connection must be established . They are three types of connections:-

1. ONE - TO - ONE OPERATIONS 2. ONE -TO - MANY OPERATIONS 3. MANY - TO - MANY OPERATIONS

 Healthcare
The WLAN technology can help healthcare professionals such as: 1. Keep patient records current and accessible. 2. Maintain network connectivity for mobile, roaming staff. 3.Link departmental wired LANs in separate buildings to central facilities.

Education

WLAN can help educators and administrators meet a variety of education such as: 1.Low-cost campus area networks for access to local and

Internet services.

 Offices
With WLAN, people can done their work done and make the office infrastructure more efficient such as: 1.Reliable connectivity for individual workers and whole workgroups to networked applications and data from any office location. 2.Sales and services persons spend almost all their time out of the office. It is possible to connect them with officers.

 WLAN security Is the process of preventing unauthorized

access or damage to computers (damage data or damage application) using wireless network . WLAN vulnerabilities: 1- Weak device only authentication Client device are authenticated , user arent authenticated 2- Weak data encryption 3- No message integrity

WLAN threats 1- Unstructured threats : - It happened by hackers who arent technical , they use
simple tools to steal the passwords.

2- Structured threats: It happened by hackers who are more technical - They can know the network vulnerabilities then they can provide a script or a code or a program to use it in accessing to the network. 3- External threats: - It may be happened by a person or organized group from the outside of the network , they arent authorized to access to the network. 4- Internal threats : - It happened by a person who has the permission and authorized to access to the network from the internal employees , he can damage the network.

 Spy To gather information isnt allowed to be known Access - Unauthorized person access to the network ( doesnt have
any account ), he can access by guessing the password or he know that the password is weak.

DOS (Denial Of Service) - Disable or corrupts wireless network. - The more danger and is difficult to prevent.

 1-Provide a process to audit existing wireless security. 2- Provide a general frame work for implementing security. 3- Define behavior that is allowed and that isnt allowed . 4- Help determine which tools are needed for the
organization.

5- Help communication among a group of key decision

makers and define responsibilities of users and administrators.

6- Define a process for handling wireless breaches. 7- Create a basic for legal action

 On a wired network, authentication is implicitly provided by the

physical cable from the PC to the switch.

Authentication is the process to ensure that stations attempting

to associate with the network (AP) are allowed to do so.

802.11 specifies two types of authentication:

Open-system

Open System Authentication

The following steps occur when two devices use Open System
Authentication:
The station sends an authentication request to the access point. The access point authenticates the station. The station associates with the access point and joins the network.

The process is illustrated below.

2- Shared key authentication:

Require the client and the access point to have the same WEP
key.

Access Point (AP) using shared key authenticated send a

challenge text packet to the client .

If client has the wrong key or no key , it will fail (client fail)

 - WEP ( Wired Equivalent Privacy ) - IEEE 802.11 standard include WEP ( Wired Equivalent Privacy ) to
protect authorized user of WLAN from attack .

It Is a technology which encrypt the traffic on your network. When using WEP , both the wireless client and the access point must
have a matching WEP key.

WEP keys : First scheme : Set of up to four default key are shared by all station , so
when the keys are distributed over the stations , it is easy to be known by unauthorized person .

Second scheme : Each client establish a key mapping relationship with other station. This is more secure

 WPA has two modes : 1- Personal : For small installation ( single password). 2- Enterprise :
For large installation ( username , password).

End- to End Encryption Mean that all conversation is encrypted from your PC to the service
or the station you talking to.

SSL ( Secure Socket Layer) The most common , it makes private

conversation.

WLAN is widely used in various corporates and can be made secured and reliable by using various security techniques available.