Wlan Security

In: Computers and Technology

Submitted By RLBRANDT66
Words 504
Pages 3
Two ways to secure a WLAN, and the ramification if the WLAN is breached.
Sebastian Bach

Two ways to secure a WLAN, and the ramification if the WLAN is breached.

There is an added vulnerability when securing a WLAN than there is with a LAN. The multitude of packets floating around going from one or more access points to a variety of electronic devices can be a tempting arena for those wanting to gain illicit access. There are several ways to increase the security level of a WLAN. The most basic of these would be a router with an integrated firewall. This is almost exclusively found in residential settings. Keeping to the same architecture, firewalls can be quite complex in their modus operandi. Where basic firewalls work on the first three or four layers of the OSI model, the more complex firewalls operate on all seven levels of the OSI model. Often times accompanying these higher end firewalls, there is what is known as a bastion. A bastion is located on the public side of the firewall and acts as bait for would be attackers. The thought behind a bastion is to get the would-be attackers to go there, thinking they have accessed the protected network. Bastions are completely unguarded to make this process easier. Another method of making a WLAN secure is to encrypt data that is on the network. If this is done, the users will authenticated, which will yet again further strengthen the WLAN. For this it is recommended to utilize either WPA or WPA 2 wireless encryption. In conjunction to the encryption, use VLAN or MAC address control lists, to further increase the level of difficulty for the hackers. If the security needs of an organization are such that they require these measures in their security plan, then it is almost certain that all communications, e-mails, files copied, files altered, files downloaded, and files accessed are recorded.

Similar Documents

How to Plan for Security

...How to Plan for Security i). Statement of Policy This policy statement seeks to address the optimum and responsible use of the wireless local area network WLAN facility available at the university in relation to specific network security issues. The issue of concern in this policy is the promotion of responsible use of the WLAN facility among the university’s student and workers. The strategy aims at preventing security problems that may arise from the misuse and malicious exploitation of the facility by people granted approval to access the university’s WLAN information systems. a) Scope and Applicability The scope of this policy statement covers the hardware, software and access protocols associated with the WLAN use by students and workers at the university. The policies adopted will seek to regulate access permissions for the users of the WLAN facility and to promote responsible use in line with policies outlined in this policy document and by industry standards and legal requirements of use. b) Definition of Technology Address The WAN is available for use by the students and workers within the university. The WLAN facility provides access to information systems meant to facilitate the learning and worker needs by providing information access and software platforms. c) Responsibilities The administration and management of the WLAN facility is the responsibility of appointed network administrators at the university’s faculty of Information and Communication Technology. The...

Words: 1907 - Pages: 8

Projekt Sieci Lan I Wlan Dla Hotelu

...działania 2.2 Zalety i wady 2.3 Topologie WLAN 1.4 Główne standardy w sieciach bezprzewodowych 2. Zabezpieczenia wykorzystywane w sieciach komputerowych 3.4 Protokoły szyfrowania 3.5 Usługi ochronne 3. Urządzenia 4.6 Hosty 4.7 Serwery 4.8 Oprogramowanie 4.9 Sprzęt sieciowy 4.10 Anteny 4. Projekt sieci bezprzewodowej dla budynku hotelowego 5.11 Projekt logiczny sieci 5.12 Plan budynku (hotelu) 5.13 Stacje robocze, komputery przenośne, drukarki. 5.14 Konfiguracja serwera sieciowego 5.15 Analiza bezpieczeństwa 5.16 Kosztorys 5. Podsumowanie 6. Literatura WSTĘP Sieć komputerową możemy najogólniej zdefiniować jako zbiór urządzeń elektronicznych połączonych ze sobą w sposób umożliwiający im wymianę informacji o różnym przeznaczeniu i formacie oraz pozwalający na dzielenie sie rozmaitymi zasobami. Przykłady urządzeń sieciowych: - komputer, laptop - serwer - drukarka - router, most (bridge), brama (gateway) - przełącznik (switch) i koncentrator (hub) Zasoby współdzielone przez urządzenia sieciowe i ich użytkowników można rozumieć wielopłaszczyznowo, miedzy innymi jako: - sprzęt, np. drukarki i skanery - pojedyncze pliki lub ich zbiory - programy - bazy danych plików i użytkowników - moc obliczeniowa - przestrzeń dyskowa Bezprzewodowa sieć lokalna WLAN (Wireless Local Area Network) W ciągu kilku ostatnich lat......

Words: 752 - Pages: 4


...Having a secure WLAN is very important, I would even go to say more important than a normal LAN. One way to secure a WLAN is to use encryption. This uses a key that will encrypt and decrypt data on the WLAN so only people what the key would be able to connect to the network. The encryption needs to be strong or a sniffer will crack the key so using a WPA2 would be best. Another way would be to simple change the SSID or ESSID. The reason this is a good way to secure a WLAN is because in most cases if you didn’t change the SSID a hack would think that you didn’t do anything to your network, making it easier to hack. “Though knowing the SSID does not allow anyone to break into your network, it usually indicates that the person hasn't taken any steps to protect their network, thus these networks are the most common targets” ("How to secure," 2007). The ramification of your WLAN being breached could be many things. The first thing I can think of is data theft and by that personal or secret information if someone can get on your WLAN. Also they could be trying to disrupt your network to cause damage or just want to ride on your wireless to gain access to the Internet. I think that stolen information would be the biggest threat. Reference: How to secure a wlan. (2007, February 15). Retrieved from http://www.comparebusinessproducts.com/briefs/secure-wireless-lan...

Words: 254 - Pages: 2

Wlan Security

...WLAN Security First of all I want to talk about WPA. There are two types of WPA authentication: WPA and WPA2. WPA is designed to work with all wireless network adapters, but it might not work with older routers or access points. WPA2 is more secure than WPA, but it will not work with some older network adapters. WPA is designed to be used with an 802.1X authentication server, which distributes different keys to each user. This is referred to as WPA-Enterprise orWPA2-Enterprise. It can also be used in a pre-shared key (PSK) mode, where every user is given the same passphrase. This is referred to as WPA-Personal or WPA2-Personal. The third type of security is WEP. WEP is an older network security method that's still available to support older devices, but it's no longer recommended. When you enable WEP, you set up a network security key. This key encrypts the information that one computer sends to another computer across your network. However, WEP security is relatively easy to crack, and I recommend using WPA2, if possible. WPA or WPA2 are more secure. Stating that above I recommend using WPA2 for everything Sure maybe WPA2 isn’t the “best” option for home use but it’s better to be safe than sorry. Next are the security features other than encryption that can be used on wireless LANs. I suggest changing the default network name. When you set up your network equipment, change the default name to make it more difficult for hackers to find. Do not choose a name that is......

Words: 501 - Pages: 3

Network Security

...108 Lab #8 | Design a Layered Security Strategy for an IP Network Infrastructure Lab #8 – aSSESSmENT WORkSHEET Design a Layered Security Strategy for an IP Network Infrastructure Course Name and Number: Student Name: Instructor Name: Lab Due Date: Overview In this lab, you designed a layered security strategy, similar to the seven domains of a typical IT infrastructure, for the Cisco Mock IT infrastructure shown in Figure 8.2. You based your design on a set of functional and technical requirements. You also provided a written functional overview and description of how your security strategy meets the defined requirements. Lab Assessment Questions & Answers 1. Explain why a layered security strategy helps mitigate risk and threats both external and internal. 2. Why is it a good idea to put shared servers and services on a DMZ when both internal and external users need access? Assessment Worksheet 3. What recommendations do you have for the future e-commerce server and deployment in regard to 109 physical location and backend security for privacy data and credit card data? 4. What recommendations do you have to secure the server farm from unauthorized access? 5. If the organization implemented wireless LAN (WLAN) technology, what would you recommend regarding the use of VPNs or encryption within the internal network when accessing the server farm? 6. What is the purpose of a proxy server on a DMZ? 7. What is the purpose of an......

Words: 314 - Pages: 2


...Week 3 iLab Report Mark Mayle DeVry University NETW360: Wireless Technologies and Services MIXED 11B/11G WLAN PERFORMANCE Submitted to: Professor: Raef Yassin Date: 7/26/2014 Mixed 11b/11g WLAN Performance Specific questions from iLab Guidelines * Answer each of the following questions using the sequence and data from the iLab instructions. Answer all questions in full college-level sentences. 1. In your opinion, what is the purpose of our dropping the transmit power to such a low level? Dropping the transmit power does not affect the speed of the signal, it changes the distance the signal will travel. For example, if you want to protect your network so that the signal doesn’t extend far from your house you would lower the transmit power. 2. What do access point connectivity statistics collected for the roaming station show? 3. What do you think the Wireless LAN control traffic received by the roaming 11b node when it is in the engineering building is composed of? 4. How much did our roaming node reduce the total throughput in our heavily loaded WLAN? 5. What caused this reduction in “goodput” on the 11g WLAN? General questions concerning mixing 11b and 11g clients Guidelines: Answer each of the following questions using knowledge gained from the iLab, readings from the textbook, and individual research on the Web. Answer all questions in full college-level sentences and paragraphs. 6. Supposedly, 802.11b is......

Words: 450 - Pages: 2

Wireless Security Policy

...Wireless security policy for a medium-sized banking organization using the following structure: Wireless Security Policy - A wireless policy for a medium-sized banking organization will needed to deploy a wireless LAN to the network and there will not need an onsite IT. The remote can be manage by a standalone intelligent access point which will integrated the wireless LAN by streamline the configuration and management the system. The Network infrastructure wills us a Cisco system for Layer 2 and 3 switching, routing platforms, and voice over IP (VoIP) along with a security management. The Cisco Integrated Services Router will give all data a robust excellence quality for service, VPN, firewall, network security, and encryption for all medium sized origination with an intrusion detection that will address the business needed. To extend the value of the wireless LAN you can use a Cisco Wireless LAN Controller Module for the environments of a medium size origination. The mobility services that are enables by the robust which will include a guest network voice by the WLAN and location tracking. The Cisco 2800 or 3800 Series Integrated Services Router will give the medium size business faster upgrades with a streamline management and a greater reliability. It’s also have a backbone for infrastructure and deploy is cost effectively along with a secure WLANs management. This will give the medium size origination the greatest wireless system secure for the enterprise.......

Words: 467 - Pages: 2

Designing for Security

...Midterm Examination Written Responses Presented in ITS-331 Designing for Security By QUESTION 1 In Chapter 1 of Weaver, Weaver, and Farwood (2013), we considered various THREATS to network security, the FUNDAMENTAL goals of network security, and how LAYERED approaches to defense contributed to the overall security posture of an organization’s information infrastructure. Chapter 2 explored Transmission Control Protocol / Internet Protocol (TCP/IP), the Open Systems Interconnect (OSI) Model, and how various protocols operated within, as well as across OSI layers to enable telecommunications to function. In a scholarly peer-reviewed journal article entitled: "Cyber security in the Smart Grid: Survey and challenges," Wang and Lu (2013) examined security requirements, network vulnerabilities, attack countermeasures, secure communication protocols and architectures in the U.S. Smart Grid. Based upon what you read in Chapters, one, and two of Weaver et al. (2013), as well as the journal article, COMPARE and CONTRAST Vulnerabilities, Attacks, or Threats shared from the text against those provided within the journal article. IDENTIFY Three Similarities AND Three Differences that exists between the text and literature. Wang, W., & Lu, Z. (2013). Cyber security in the Smart Grid: Survey and challenges. Computer Networks, 57(5), 1344-1371. Weaver, R., Weaver, D., & Farwood, D. (2013). Guide to Network Defense and Countermeasures (third Ed.). Boston, MA: Course......

Words: 1934 - Pages: 8


...Security Students Name Institutions Name How to resolve a security issue in a situation where the need for security is great but the available funds are limited Community participation is a very important aspect in enhancing security. Through the community’s leaders individuals can be sensitized on the need to protect each other and also help them to create a ‘we’ feeling in the management of the important resources in a region. This will enable the community members to identify with the resources and wealth of a region and hence strive to protect it by all means. Governments and administrative officials should also involve the locals in making of decisions that are of utmost importance to the people’s welfare (Bakari, Magnusson, Tarimo, & Yngström, 2006). The benefits if personnel in security management develop skills as educators for their organization's security Having high skilled employees who are given the potential to grow their expertise is a great benefit to any organization. An organizations success can often be attributed to individual expertise and skills of its employees. The benefits are as follows: 1. Cuts on the costs of hiring external consultants; many organizations spend a lot of money in hiring third party consultants to cover essential tasks within the organization such as periodic network vulnerability scans and developing security programs. The cost of sending employees to the requisite training may be relatively cheaper (McCoy &......

Words: 1066 - Pages: 5


...Security is the degree of resistance to, or protection from, harm. It applies to any vulnerable and valuable asset, such as a person, dwelling, community, nation, or organization. As noted by the Institute for Security and Open Methodologies (ISECOM) in the OSSTMM 3, security provides "a form of protection where a separation is created between the assets and the threat." These separations are generically called "controls," and sometimes include changes to the asset or the threat.[1] Perception of security may be poorly mapped to measureable objective security. For example, the fear of earthquakes has been reported to be more common than the fear of slipping on the bathroom floor although the latter kills many more people than the former.[2] Similarly, the perceived effectiveness of security measures is sometimes different from the actual security provided by those measures. The presence of security protections may even be taken for security itself. For example, two computer security programs could be interfering with each other and even cancelling each other's effect, while the owner believes s/he is getting double the protection. Security theater is a critical term for deployment of measures primarily aimed at raising subjective security without a genuine or commensurate concern for the effects of that measure on objective security. For example, some consider the screening of airline passengers based on static databases to have been Security Theater and Computer......

Words: 436 - Pages: 2

Pki and Wireless Security

...PKI and Wireless Security There are several advantages of using a commercial PKI rather than implementing such a capability in-house with the software developers you already have. While in-house PKI solution can highly cost an organization with licenses and necessary infrastructure, a commercial PKI solution offers a service package with reliability, strong support, and indemnification. Considering an in-house PKI structure, a company must factor in the cost of setting up a network infrastructure, network security, storage, redundancy, backup, and maintenance. Compare that to a commercial PKI solution, it is considered more profitable in the long run to pay for the service and not worry about all the factors above. It is mainly the control ability that drives companies toward an in-house PKI solution. In return, in-house PKI costs rise because it requires a separate security model including hardware storage solution in order to contain certificate repositories and public keys. The additional security model includes server, router, firewall, and IDS to keep hackers out. Additional software associated with a PKI infrastructure includes operating system for the server, Microsoft Certificate Server software or commercial based software, licensing, and secure backups. Due to the higher level of security requirements associated with PKI structures and private keys, the secure backups would be separated from the everyday backups found in a standard corporate backup......

Words: 841 - Pages: 4

Mixed 11b/11g Wlan Performance

...Mixed 11b/11g WLAN Performance Specific questions from iLab Guidelines • Answer each of the following questions using the sequence and data from the iLab instructions. Answer all questions in full graduate-level sentences. 1. In your opinion, what is the purpose of our dropping the transmit power to such a low level? 2. What do access point connectivity statistics collected for the roaming station show? 3. What do you think the Wireless LAN control traffic received by the roaming 11b node when it is in the engineering building is composed of? 4. How much did our roaming node reduce the total throughput in our heavily loaded WLAN? 5. What caused this reduction in “goodput” on the 11g WLAN?   General questions concerning mixing 11b and 11g clients Guidelines • Answer each of the following questions using knowledge gained from the iLab, readings from the textbook, and individual research on the Web. Answer all questions in full graduate-level sentences and paragraphs. 6. Supposedly, 802.11b is “backwards compatible” with 802.11g, yet this lab demonstrates there are significant problems with allowing the two to coexist. What is the primary “incompatibility” between b and g? 7. There is another mechanism besides RTS/CTS that helps the incompatibility. Explain briefly the difference between RTS/CTS and CTS-to-self and when each is used. 8. What is the “protection” scheme talked about in the standard? In short, how do 11g nodes......

Words: 366 - Pages: 2

Wlan Security

...Practical WLAN security Abstract This report covers the basics security standards in today’s wireless networks, how they work, existing flaws and vulnerability’s. We will go trough the basic architecture of 802.11, the security it provides like WEP, WPA and WPA2. Further more we will go trough some practical experiment exploiting the flaws described in the article. The result of our practical experiments show upon how easy it is to break encryptions and deploying Evil twins, even with very little understanding of the security structure. 2.1 802.11 Standards The architecture of the wireless LANs is specified by the 802.11 standard created by IEEE [1]. There are a few versions of the standard with differences in frequency and speed. Briefly these are a few of the current standards 802.11 (1997): 2.4Ghz, 2Mbps 802.11a (1999): 5Ghz, 54Mbps 802.11b (1999): 2.4Ghz, 11Mbps 802.11g (2003): 2.4Ghz, 54Mbps Even when things like speed and frequency differ, most things are the same as the original 802.11 standard. They all are using the same medium access protocol, CSMA/CS and have features for increasing range by the cost of speed. They also support the two connection modes of ad-hoc and infrastructure, but since this reports is about practical WLAN security we'll not go any further in on that and just care about the infrastructure mode. 1. Introduction Where ever you go, either it’s an workplace, coffeeshop, library or even a park there is a high chance today......

Words: 4798 - Pages: 20

It 242 Security

...are not as expensive. T1 leased lines also offers uninterrupted and reliable data transfer that is best for video and voice communication. Each site should use this type of line as it will give a boost to communication between sites. The distribution offices in Atlanta, Seattle, and Miami require constant communication as they are the ones receiving the orders. The company is currently using a T3 circuit which gives them internet access, also it is compatible with my recommendation. Each location should be able to communicate with each other. The corporate office should have access to each location for the required weekly meetings to be efficient. I recommend the distribution offices and the Japan office to connect to corporate through a WLAN that connects to the WAN. The type of signaling I recommend is PBX because the company will own and operate the system. Eliminating the phone company will cut cost and cut down on any unwanted interference. All that it requires is IP telephones, IP routers, and a connection to the internet which they already have. Telecommunication The type of telecommunication I recommend is the Voice Over IP (VOIP) as it offers a cheaper solution for long distance communication. Voice and fax calls to and from the Japan site will probably be high as this site is the newest. Using VOIP will grant single session access to all forms of incoming and outgoing messages. VOIP will also help the expanding company increase its resources, increase customer......

Words: 1061 - Pages: 5

It Security

...Information Security Policy University of Phoenix IT/244 Intro to IT Security Instructor’s Name: Mark Cherry Date: 03/11/2012 * Table of Contents 1. Executive Summary 1 2. Introduction 1 3. Disaster Recovery Plan 1 3.1. Key elements of the Disaster Recovery Plan 1 3.2. Disaster Recovery Test Plan 1 4. Physical Security Policy 1 4.1. Security of the facilities 1 4.1.1. Physical entry controls 1 4.1.2. Security offices, rooms and facilities 1 4.1.3. Isolated delivery and loading areas 2 4.2. Security of the information systems 2 4.2.1. Workplace protection 2 4.2.2. Unused ports and cabling 2 4.2.3. Network/server equipment 2 4.2.4. Equipment maintenance 2 4.2.5. Security of laptops/roaming equipment 2 5. Access Control Policy 2 6. Network Security Policy 3 7. References 3 Executive Summary This plan seeks to provide the best security available while keeping cost at a minimum. The security plan will implement the best software available along with other security measures to keep all information as secure as possible. The plan should be able to provide top notch security measures with the least amount of monitoring and maintenance. The plan should be fully active and available in the least amount of time with the least amount of disruption from day to day business. Project constraints will be mostly likely be in the cost sector, this may delay certain implantation of security measures but should not delay......

Words: 2076 - Pages: 9