Foundation of wireless security
wireless spectrum
Continuum of electromagnetic waves
- Data, voice communication
- Arranged by frequencies which is from lowest to highest frequency
Spans 9 KHz and 300 GHz
signal propagation
LOS (line-of-sight)
Signal travels in straight line
• Directly from transmitter to receiver
obstacle effect signal travel, signal may
Pass through them
– Be absorbed into them
– Be subject to three phenomena
• Reflection: bounce back to source
• Diffraction: splits into secondary waves
• Scattering: diffusion in multiple different directions
Signal degradation
Fading
Variation in signal strength
• Electromagnetic energy scattered, reflected, diffracted
Attenuation
Signal weakens
• Moving away from transmission antenna
Correcting signal attenuation
• Amplify (analog), repeat (digital)
Noise
Noise
Significant problem
• No wireless conduit, shielding
WLAN (Wireless LAN) Architecture
Ad hoc WLAN
Wireless nodes transmit directly to each other
– Use wireless NICs
• No intervening connectivity device
– Poor performance
• Many spread out users, obstacles block signals
Wireless access point (WAP)
Accepts wireless signals from multiple nodes
• Retransmits signals to network
– Base stations, wireless routers, wireless gateways
Infrastructure WLAN
Stations communicate with access point
• Not directly with each other
Access point requires sufficient power, strategic
placement
WLAN may include several access points
Dependent upon number of stations
– Maximum number varies: 10-100
What attacker can do?
- Steal personal data
- View wireless transmissions
- With freely available wireless packet sniffer
- Inject malware
- Download harmful content
- Cause loss of equipment
- Cause violation of an ISP agreement
- Identify “weak link” users
Wireless in our world
bussiness
“Flatter” organizations
Business
– Employees are involved in team meetings that occur
away from their desks
• Wireless technology
– Has dramatically changed how and where business
meetings take place
• Has made the meetings more focused and productive
• Wireless LANs benefits
– Increased productivity, time/financial savings
Voice over wireless LAN (VoWLAN)
– Emerging wireless technology
– Uses the existing data WLAN to make and receive
telephone calls
– VoWLAN devices can forward business calls to their
mobile phones during regular business hours
travel
Travel industry is a leader in adopting wireless
technologies
– Most airports provide wireless access hotspots
– Some airports use wireless technology to keep track
of passenger luggage
• Wireless PDAs now replace walkie-talkies
• WLAN technology is used to communicate with the
aircraft
– Once it has parked or is taxiing on the ground
• WLAN technologies are not restricted to airplanes
education
WLANs are ideal for colleges and schools
• Educational institutions were early users of WLANs
• Wireless LAN connections offer teachers and
students an important degree of freedom
– Teachers create classroom presentations on laptops
– Can access the school network wirelessly from
almost any location
• Most schools publish maps showing the location of
wireless access points
CWSP Guide to Wireless Security 17
health care
The health care industry has embraced wireless
technology to improve patient care
Wireless LAN point-of-care computer systems
– Allow medical staff to access and update patient
records immediately
– Verify that medication is being administered to the
correct patient in the correct dosage
Wireless Advantages & disadvantages
Advantages
Mobility
– Primary advantage of wireless technology
– Enables individuals to use a laptop computer that is
always in contact with the network
Easier and less expensive installation
– Installing network cabling can be expensive
– Significant time required to install network cabling
– Wireless technologies allow creation of an office in a
space where the traditional infrastructure doesn’t exist
Increased reliability
– Wireless LAN technology eliminates cable failures and
increases the overall reliability of the network
Disaster recovery
– Hot site has all the equipment needed for an
organization to continue running
Generally run by a commercial disaster recovery service
– Cold site provides office space but the customer must
provide and install all the equipment
– Many businesses use cold sites and WLANs as a major
piece of their disaster recovery plan
Disadvantages
Radio frequency interference
– Signals from other devices can disrupt wireless
Health risks
– High levels of RF can produce biological damage
through heating effects
– It is not known if or to what extent lower levels of RF
might cause adverse health effects
Security
– Greatest disadvantage to wireless LANs
– Attacks on wireless networks: denial-of-service,
stealing passwords, altering messages
What is information security
Information security protects devices that store,
manipulate, and transmit the information
Information security is achieved through a combination
of three entities
– Innermost layer consists of the products that provide the
necessary security
– Middle layer is people
– Outmost layer consists of procedures
Factor that make security increasingly difficult
– Speed of attacks
– Sophistication of attacks
– Attackers now detect weaknesses faster
– Distributed attacks
– User confusion