Tags |
|
|
Links |
|
|
Casual Articles - Wireless Security - Getting It Right
Is making money blogging even possible, and a full-time income at that?Well, I have been reading an e-book that talks all about making money BLOGGING.The title of this book is 'Blogging to the Bank,' written by Rob Benwell.According to this book, making money doesn't necessarily come from blogging insomuch as it comes from advertisements (affiliate links, etc.) optimally placed in and around your blog. You also have to have a specific focus for your blog, one that people will want to read about.Of course, you can have more than one blog talking about more than one topic, but the money seems to be in focused/targeted topics. It is a somewhat aggressive approach to blogging since you are actually having to blog about topics that will make you money. That way you will get targeted traffic to your site, traffic that will more than likely click on your links (Google Adsense links, affiliate links, etc.) since they are interested in the information in your bl
The above implementations are open to attack. Even when you do turn on WEP, there are still problems inherent within it. The problem lies in the protocol's encryption key mechanism, which is implemented in such a way that the key can be recovered by analysing the data flow across the network over a period of time. This has been estimated at between 15 minutes and several days. The SSID attached to the header of packets sent over a wireless Lan - is sent as unencrypted text and is vulnerable to being sniffed by third parties. Unfortunately most supplier equipment is configured to broadcast the SSID automatically, essentially giving new devices a ticket to join the network. While this is useful for public wireless networks in places such as airports and retail establishments - in the US for example, Starbucks is offering 802.11b access in
First impressions are lasting impressions! Whether buying a house, a book, or even a product from a web site, we buy what looks attractive or reliable from the outside.Colors, like words, are used to communicate. Color is central to our lives - we rely on color to convey both emotional and psychological impacts that work subtly on the unconscious. For example, when was the last time you went into a restaurant and didn’t eat? Reason? Look at the color combinations - orange, red, yellow! With all of those "hungry" colors, who wouldn’t eat?The purpose of color in your business’ web site design is not solely to attract attention, but to enhance the browsing experience of your customers. Through effective use of color, you can influence the mood of your customers. Blue, for example, relaxes, refreshes, cools; produces tranquil feelings and peaceful moods.By adhering to a few simple rules, you TOO can make the most of color on your web site.1. CONSULT the col
In the old world of wired local area networks, the architecture provides some inherent security. Typically there is a network server and multiple devices with an Ethernet protocol adapter that connect to each other physically via a LAN backbone. If you are not physically connected, you have no access to the LAN.
Compare it with the new wireless LAN architecture. The LAN backbone of the wired world is replaced with radio access points. The Ethernet adapters in devices are replaced with a radio card. There are no physical connections – anyone with a radio capability of sniffing can connect to the network.
What can go wrong?
Unlike the wired network, the intruder does not need physical access in order to pose the following security threats:
Eavesdropping. This involves attacks against the confidentiality of the data that is being transmitted across the network. In the wireless network, eavesdropping is the most significant threat because the attacker can intercept the transmission over the air from a distance away from the premises of the company.
Tampering. The attacker can modify the content of the intercepted packets from the wireless network and this results in a loss of data integrity.
Unauthorized access. The attacker could gain access to privileged data and resources in the network by assuming the identity of a valid user. This kind of attack is known as spoofing. To overcome this attack, proper authentication and access control mechanisms need to be put up in the wireless network.
Denial of Service. In this attack, the intruder floods the network with either valid or invalid messages affecting the availability of the network resources.
How to protect?
There are 3 types of security options – basic, active and hardened. Depending upon your organisation needs, you can adopt any of the above.
Basic
You can achieve the basic security by implementing Wired Equivalent Standard 128 or WEP 128. The IEEE 802.11 task group has established this standard. WEP specifies generation of encryption keys. The information source and information target uses these keys to prevent any eavesdroppers (who do not have these keys) to get access to the data.
Network access control is implemented by using a Service Set Identifier (SSID – a 32 character unique identifier) associated with an access point or a group of access points. The SSID acts as a password for network access.
Another additional type of security is Access Control List (ACL). Each wireless device has a unique identifier called Media Access Control address (MAC). A MAC list can be maintained at an access point or a server of all access points. Only those devices are allowed access to the network that have their MAC address specified.
The above implementations are open to attack. Even when you do turn on WEP, there are still problems inherent within it. The problem lies in the protocol's encryption key mechanism, which is implemented in such a way that the key can be recovered by analysing the data flow across the network over a period of time. This has been estimated at between 15 minutes and several days. The SSID attached to the header of packets sent over a wireless Lan - is sent as unencrypted text and is vulnerable to being sniffed by third parties. Unfortunately most supplier equipment is configured to broadcast the SSID automatically, essentially giving new devices a ticket to join the network. While this is useful for public wireless networks in places such as airports and retail establishments - in the US for example, Starbucks is offering 802.11b access in
In today’s fast paced world there are few people that are enjoying prosperity. I mean true prosperity. I am talking about those people who wake up when they are done sleeping. They are people who can go on a vacation whenever they want to. People who when they shop for a car, they go with the intention of buying a new Ferrari or Porsche. 95 % of the people in this country do not have that kind of lifestyle. Most will fall in to one of the categories below. See which one you fit into, and if you fit into category 3, then congratulations you are truly prosperous.Group 1- People with No Financial SecurityMost people are working harder for less real money. Many are living paycheck-to-paycheck just be able to rent movies for the weekend until Monday rolls around so they can grind out another week. Some may even be working 2 or 3 jobs just to make ends meet. Corporate layoffs, downsizing, corporate accounting scandals are abundant. The cost of benefits and cost of living g
Compare it with the new wireless LAN architecture. The LAN backbone of the wired world is replaced with radio access points. The Ethernet adapters in devices are replaced with a radio card. There are no physical connections – anyone with a radio capability of sniffing can connect to the network.
What can go wrong?
Unlike the wired network, the intruder does not need physical access in order to pose the following security threats:
Eavesdropping. This involves attacks against the confidentiality of the data that is being transmitted across the network. In the wireless network, eavesdropping is the most significant threat because the attacker can intercept the transmission over the air from a distance away from the premises of the company.
Tampering. The attacker can modify the content of the intercepted packets from the wireless network and this results in a loss of data integrity.
Unauthorized access. The attacker could gain access to privileged data and resources in the network by assuming the identity of a valid user. This kind of attack is known as spoofing. To overcome this attack, proper authentication and access control mechanisms need to be put up in the wireless network.
Denial of Service. In this attack, the intruder floods the network with either valid or invalid messages affecting the availability of the network resources.
How to protect?
There are 3 types of security options – basic, active and hardened. Depending upon your organisation needs, you can adopt any of the above.
Basic
You can achieve the basic security by implementing Wired Equivalent Standard 128 or WEP 128. The IEEE 802.11 task group has established this standard. WEP specifies generation of encryption keys. The information source and information target uses these keys to prevent any eavesdroppers (who do not have these keys) to get access to the data.
Network access control is implemented by using a Service Set Identifier (SSID – a 32 character unique identifier) associated with an access point or a group of access points. The SSID acts as a password for network access.
Another additional type of security is Access Control List (ACL). Each wireless device has a unique identifier called Media Access Control address (MAC). A MAC list can be maintained at an access point or a server of all access points. Only those devices are allowed access to the network that have their MAC address specified.
The above implementations are open to attack. Even when you do turn on WEP, there are still problems inherent within it. The problem lies in the protocol's encryption key mechanism, which is implemented in such a way that the key can be recovered by analysing the data flow across the network over a period of time. This has been estimated at between 15 minutes and several days. The SSID attached to the header of packets sent over a wireless Lan - is sent as unencrypted text and is vulnerable to being sniffed by third parties. Unfortunately most supplier equipment is configured to broadcast the SSID automatically, essentially giving new devices a ticket to join the network. While this is useful for public wireless networks in places such as airports and retail establishments - in the US for example, Starbucks is offering 802.11b access in
Just what is a name worth to a new company? It is really all that important? And why not use the employee suggestion box and simply give the winner a free lunch or a day off? (Hey… sometimes it works!)In fact, a lot of time and research has gone into defining the exact monetary value a good brand name delivers to the bottom line. And while some academicians claim they have actually derived that number (a 7% or greater pricing premium and over 35% greater market capitalization), the benefits actually go way beyond the balance sheet.Brilliant brand names point the way. They create expectations that can “pre-sell” and predispose a customer to buy. They imply a promise that will be met in the experience. Most of all, they enlighten. And that’s where expertise comes in and guess work goes out.The basis of brilliant branding hinges on congruency. It’s finding the thread of commonality that exists in an organization and then defining that quality in as simple and nat
Tampering. The attacker can modify the content of the intercepted packets from the wireless network and this results in a loss of data integrity.
Unauthorized access. The attacker could gain access to privileged data and resources in the network by assuming the identity of a valid user. This kind of attack is known as spoofing. To overcome this attack, proper authentication and access control mechanisms need to be put up in the wireless network.
Denial of Service. In this attack, the intruder floods the network with either valid or invalid messages affecting the availability of the network resources.
How to protect?
There are 3 types of security options – basic, active and hardened. Depending upon your organisation needs, you can adopt any of the above.
Basic
You can achieve the basic security by implementing Wired Equivalent Standard 128 or WEP 128. The IEEE 802.11 task group has established this standard. WEP specifies generation of encryption keys. The information source and information target uses these keys to prevent any eavesdroppers (who do not have these keys) to get access to the data.
Network access control is implemented by using a Service Set Identifier (SSID – a 32 character unique identifier) associated with an access point or a group of access points. The SSID acts as a password for network access.
Another additional type of security is Access Control List (ACL). Each wireless device has a unique identifier called Media Access Control address (MAC). A MAC list can be maintained at an access point or a server of all access points. Only those devices are allowed access to the network that have their MAC address specified.
The above implementations are open to attack. Even when you do turn on WEP, there are still problems inherent within it. The problem lies in the protocol's encryption key mechanism, which is implemented in such a way that the key can be recovered by analysing the data flow across the network over a period of time. This has been estimated at between 15 minutes and several days. The SSID attached to the header of packets sent over a wireless Lan - is sent as unencrypted text and is vulnerable to being sniffed by third parties. Unfortunately most supplier equipment is configured to broadcast the SSID automatically, essentially giving new devices a ticket to join the network. While this is useful for public wireless networks in places such as airports and retail establishments - in the US for example, Starbucks is offering 802.11b access in
Walk around any trade or consumer show and you will be able to collect a bag full of advertising specialties, or giveaway items all designed to promote. But look a little more closely. How many really do an effective job? How clearly do they get a message across? Is the message sufficiently visible? Is the giveaway useful or unique enough that you would want to keep and use it? All these questions, and more, need to be considered before jumping into the giveaway game.Everyone enjoys receiving a gift, even if it is "just a little something." Gift giving creates a favorable impression. It can build goodwill, be an incentive, communicate a message and create awareness.When thinking about advertising specialties for your next show, consider the following ten questions:1. What do you want to achieve by giving away a premium item?Your giveaway items should be designed to increase your memorability, communicate, motivate, promote or increase recognition. It is
Basic
You can achieve the basic security by implementing Wired Equivalent Standard 128 or WEP 128. The IEEE 802.11 task group has established this standard. WEP specifies generation of encryption keys. The information source and information target uses these keys to prevent any eavesdroppers (who do not have these keys) to get access to the data.
Network access control is implemented by using a Service Set Identifier (SSID – a 32 character unique identifier) associated with an access point or a group of access points. The SSID acts as a password for network access.
Another additional type of security is Access Control List (ACL). Each wireless device has a unique identifier called Media Access Control address (MAC). A MAC list can be maintained at an access point or a server of all access points. Only those devices are allowed access to the network that have their MAC address specified.
The above implementations are open to attack. Even when you do turn on WEP, there are still problems inherent within it. The problem lies in the protocol's encryption key mechanism, which is implemented in such a way that the key can be recovered by analysing the data flow across the network over a period of time. This has been estimated at between 15 minutes and several days. The SSID attached to the header of packets sent over a wireless Lan - is sent as unencrypted text and is vulnerable to being sniffed by third parties. Unfortunately most supplier equipment is configured to broadcast the SSID automatically, essentially giving new devices a ticket to join the network. While this is useful for public wireless networks in places such as airports and retail establishments - in the US for example, Starbucks is offering 802.11b access in
Starting a home based business always starts with an idea. The ideas can come from numerous areas but one of the best things to ask yourself is what need in your life isn't being fulfilled? You can even ask others what they would like to have in their life that would make things easier.It's all about solving people's problems. For instance, several years ago while buying coffee at a local coffee shop downtown, one of my co-workers said he wold love to start a business delivering coffee to the local businesses in the area. He felt there was a need to fulfill as most of the business people were big coffee drinkers and preferred to purchase the "designer" coffee rather drink the regular brew in their break rooms. The idea was only a whim but with some planning and maybe another good idea to include with the coffee delivery, it may have been viable.If you want to be sure there is a market for your ideas, try giving surveys to your friends and family, or ask around o
The above implementations are open to attack. Even when you do turn on WEP, there are still problems inherent within it. The problem lies in the protocol's encryption key mechanism, which is implemented in such a way that the key can be recovered by analysing the data flow across the network over a period of time. This has been estimated at between 15 minutes and several days. The SSID attached to the header of packets sent over a wireless Lan - is sent as unencrypted text and is vulnerable to being sniffed by third parties. Unfortunately most supplier equipment is configured to broadcast the SSID automatically, essentially giving new devices a ticket to join the network. While this is useful for public wireless networks in places such as airports and retail establishments - in the US for example, Starbucks is offering 802.11b access in some of its stores - it represents another security loophole for corporates that do not switch it off. Finally any MAC address can be change!
d to another (spoofed), so the use of ACL is not foolproof either.
Active
To implement an Active type of security, you need to implement the IEEE 802.1x security standard. This covers two areas – network access restriction through mutual authentication and data integration through WEP key rotation. Mutual authentication between the client station and the access points helps ensure that clients are communicating with known networks and dynamic key rotation reduces exposure to key attacks.
Due to weaknesses in WEP, some standard alternatives to WEP have emerged. Most of the Wi-Fi manufacturers have agreed to use a temporary standard for enhanced security called Wi-Fi Protected Access (WPA).
In WPA, the encryption key is changed after every frame using Temporary Key Integrity Protocol (TKIP). This protocol allows key changes to occur on a frame-by-frame basis and to be automatically synchronized between the access point and the wireless client. The TKIP is really the heart and soul of WPA security. TKIP replaces WEP encryption. And although WEP is optional in standard Wi-Fi, TKIP is required in WPA. The TKIP encryption algorithm is stronger than the one used by WEP but works by using the same hardware-based calculation mechanisms WEP uses.
Hardened
There are organisations like banks, which have very stringent security requirements. They need to implement the hardened type of security systems. These are solutions certified in accordance with the Federal Information Protection Standard (FIPS 1.40). Products in this category offer point-to-point security for wireless information communication and include offerings such as AirFortress and IPSec Virtual Private Networks (VPNs). A VPN will increase the cost of your network, but you can base your decision on whether to implement it by using the same course of action that you should be taking with all other parts of your infrastructure. Map the risks against the business data that you will be passing over radio, and assess the financial impact of a breach. If the data is too critical, reassess what should be passed over the network, or use a VPN to enhance your protection.
Summary
The vendors are working towards implementing newer standards and this year we should see products implementing IEEE 802.11i that will further the authentication and encryption gains implemented by WPA. Most notably, it will add a ground up encryption standard known as Advanced Encryption Standard (AES) as well as various other enhancements.
Newer standards apart, organisations must understand that achieving wireless security is essential and the good part is that it is easy. An organisation must define its security needs and use the features available in the systems accordingly. Choose a good vendor who can help you implement your requirements through standards based solutions. A good implementation must be supported by a security policy, which is well understood by everyone in the organisation. Make your employees aware that they all are responsible for security and share the cost of security breaches. Assign authority & ownership to few employees for the various parts in the security policy and make periodic reviews of their performance. Most important is to monitor your systems for any possible breaches and adapt if necessary. Never sleep well.
HTTP = HTML link (for blogs, profiles,phorums):
<a href="http://www.casualarticles.com/article/170003/casualarticles-Wireless-Security--Getting-It-Right.html">Wireless Security - Getting It Right</a>
BB link (for phorums):
[url=http://www.casualarticles.com/article/170003/casualarticles-Wireless-Security--Getting-It-Right.html]Wireless Security - Getting It Right[/url]
Related Articles:
Defining Online Branding-Part 2
Budget Friendly Catalog Printing Jobs
Acquiring Quality Opt-In Addresses Is Key To Email Marketing Success
Bookmark it:
|