Foundation of wireless security

wireless spectrum

Continuum of electromagnetic waves

- Data, voice communication
- Arranged by frequencies which is from lowest to highest frequency

Spans 9 KHz and 300 GHz

signal propagation

LOS (line-of-sight)

Signal travels in straight line
• Directly from transmitter to receiver

obstacle effect signal travel, signal may

Pass through them
– Be absorbed into them
– Be subject to three phenomena
• Reflection: bounce back to source
• Diffraction: splits into secondary waves
• Scattering: diffusion in multiple different directions

Signal degradation

Fading

Variation in signal strength
• Electromagnetic energy scattered, reflected, diffracted

Attenuation

Signal weakens
• Moving away from transmission antenna
Correcting signal attenuation
• Amplify (analog), repeat (digital)
Noise

Noise

Significant problem
• No wireless conduit, shielding

WLAN (Wireless LAN) Architecture

Ad hoc WLAN

Wireless nodes transmit directly to each other
– Use wireless NICs
• No intervening connectivity device
– Poor performance
• Many spread out users, obstacles block signals

Wireless access point (WAP)

Accepts wireless signals from multiple nodes
• Retransmits signals to network
– Base stations, wireless routers, wireless gateways

Infrastructure WLAN

Stations communicate with access point
• Not directly with each other
Access point requires sufficient power, strategic
placement

WLAN may include several access points

Dependent upon number of stations
– Maximum number varies: 10-100

What attacker can do?

- Steal personal data
- View wireless transmissions
- With freely available wireless packet sniffer
- Inject malware
- Download harmful content
- Cause loss of equipment
- Cause violation of an ISP agreement
- Identify “weak link” users

Wireless in our world

bussiness

“Flatter” organizations
Business
– Employees are involved in team meetings that occur
away from their desks
• Wireless technology
– Has dramatically changed how and where business
meetings take place
• Has made the meetings more focused and productive
• Wireless LANs benefits
– Increased productivity, time/financial savings
Voice over wireless LAN (VoWLAN)
– Emerging wireless technology
– Uses the existing data WLAN to make and receive
telephone calls
– VoWLAN devices can forward business calls to their
mobile phones during regular business hours

travel

Travel industry is a leader in adopting wireless
technologies
– Most airports provide wireless access hotspots
– Some airports use wireless technology to keep track
of passenger luggage
• Wireless PDAs now replace walkie-talkies
• WLAN technology is used to communicate with the
aircraft
– Once it has parked or is taxiing on the ground
• WLAN technologies are not restricted to airplanes

education

WLANs are ideal for colleges and schools
• Educational institutions were early users of WLANs
• Wireless LAN connections offer teachers and
students an important degree of freedom
– Teachers create classroom presentations on laptops
– Can access the school network wirelessly from
almost any location
• Most schools publish maps showing the location of
wireless access points
CWSP Guide to Wireless Security 17

health care

The health care industry has embraced wireless
technology to improve patient care
Wireless LAN point-of-care computer systems
– Allow medical staff to access and update patient
records immediately
– Verify that medication is being administered to the
correct patient in the correct dosage

Wireless Advantages & disadvantages

Advantages

Mobility
– Primary advantage of wireless technology
– Enables individuals to use a laptop computer that is
always in contact with the network

Easier and less expensive installation
– Installing network cabling can be expensive
– Significant time required to install network cabling
– Wireless technologies allow creation of an office in a
space where the traditional infrastructure doesn’t exist

Increased reliability
– Wireless LAN technology eliminates cable failures and
increases the overall reliability of the network

Disaster recovery
– Hot site has all the equipment needed for an
organization to continue running

Generally run by a commercial disaster recovery service
– Cold site provides office space but the customer must
provide and install all the equipment
– Many businesses use cold sites and WLANs as a major
piece of their disaster recovery plan

Disadvantages

Radio frequency interference
– Signals from other devices can disrupt wireless

Health risks
– High levels of RF can produce biological damage
through heating effects
– It is not known if or to what extent lower levels of RF
might cause adverse health effects

Security
– Greatest disadvantage to wireless LANs
– Attacks on wireless networks: denial-of-service,
stealing passwords, altering messages


What is information security

Information security protects devices that store,
manipulate, and transmit the information

Information security is achieved through a combination
of three entities
– Innermost layer consists of the products that provide the
necessary security
– Middle layer is people
– Outmost layer consists of procedures

Factor that make security increasingly difficult

– Speed of attacks
– Sophistication of attacks
– Attackers now detect weaknesses faster
– Distributed attacks
– User confusion