Ever since the introduction of the first mobile computer device, there has been a growing need and want for more and more mobile computing devices. Once users got the first taste of harnessing the power of the mobile device, that was all they needed. Today, you cannot walk down any public road or walk into a public building without seeing users talking and connecting to the internet via mobile devices. Today, there are two ways that data can be transmitted: either through a physical cable or through free space. There are a number of security considerations when using a physical cable. However, there are an even greater number of security considerations when transmitting through free space.
This free space transmission is known as wireless transmission, and the security of this wireless transmission is what this paper is about.

There are many different types of mobile devices that have swamped the market because of high demand by users for better-looking, better-priced and faster mobile devices. There are the traditional laptop computers, which have served a genuine purpose since their invention. Today’s laptop computers have changed drastically in just the last five years or so. Today’s laptop computers resemble tablets more than traditional laptops. This is thanks to Moore’s Law of processing capability and transistors being smaller and smaller, and due to diligent research on cooling technologies for these very small processors that operate very well in very small, thin laptops. It is not a stretch to see an average laptop user with a fourteen inch by eight inch laptop with a width under one inch. In fact, these are the norm as laptop manufacturers must try to compete with the smaller mobile devices.

Besides laptops, we have a wide range of mobile cellular phones that come with a wide range of capabilities. These mobile cell phones have adopted the new name of smartphones. In 2013, the top manufacturers of these smartphones are Samsung, Nokia, Apple, and LG (TOI Tech, 2013). Smartphones have the regular ability to send and receive phone calls and messages. However, they are capable of so much more than that. Smartphones run on a mobile operating system, and the first smartphones were a combination of a non-smartphone and a PDA. The latest smartphones have so many capabilities to choose from. Anything that can be done on a laptop computer can be done on a smartphone now. This includes things such as word processing, watching movies, and checking online accounts.
They have camera capabilities that rival regular cameras, and have armed users with the ability to capture anything they happen to be nearby, and with fancy apps they can post it immediately after. Speaking of apps, there is an app for anything any user may want to do, such as language translation and calorie counting apps.

The PDA is a popular mobile device that was in use before smartphones came out. The early PDA was a mobile electronic organizer and was very handy instead of having to write down everything. Today’s PDA has evolved into an all-in-one device. The PDA still has its organizing functions, but now also includes internet access, GPS, and various apps. Many of the latest smartphones are a combination of the PDA and the smartphone, with larger screens that resemble PDA screens (Freudenrich & Carmack, 2003).

A recent and highly popular innovation is the tablet. Bigger than a smartphone but smaller than a laptop, it combines the best of both worlds. However, the only thing it does not include is phone call capabilities. Generally, the hardware in a tablet is the same as in a laptop. It has a CPU or GPU, memory, network access card or Wi-Fi chip and a battery (Strickland, 2011).
The iPad was the first successful tablet on the market and is still a favorite of tablet users. It was developed by Apple and was kept a secret until the successful unveiling. Other popular tablets are the Samsung Galaxy Note, the Amazon Kindle Fire, and the Microsoft Surface Pro (TechRadar, 2013).
The latest smartphones, PDAs, tablets and other mobile devices have 3G, 4G, or LTE broadband technology, which enables them to connect to networks, such as the internet.
These network technologies use radio waves to connect to networks. Today’s smartphones also can act as their own mobile hotspot. Other ways that mobile devices can connect wirelessly are by using public Wi-Fi hotspots.

Home users tend to have a variety of devices they like to connect wirelessly to the internet and to each other. While at home, users can use a wireless router provided by their ISP or they can buy a wireless router that can be connected to the home wired network to provide wireless functionality. Because of the high price of smartphone hotspot use, few home users use their smartphone network to connect their other devices to the internet. Other ways that home users can connect wirelessly are through ISPs that provide satellite or microwave connections.

Businesses are increasingly using mobile employees with mobile devices that connect to the company’s infrastructure wirelessly. When business employees are out and about, they have many different options for connecting. They can use their smartphones, create a hotspot with their smartphone to connect other devices to the network, or use public Wi-Fi hotspots.

Wi-Fi hotspots are used quite often in our world today. There are ISP-provided hotspots and there are businesses that create hotspots for their customers to use. There are even internet cafes that specialize in providing internet access to customers for a small fee. Wi-Fi hotspots create their own security vulnerabilities by themselves. However, they are still used when the user's network is not available. Many users connect to hotspots while on vacation or on a business trip around the world.

Being able to connect with any and all of these various mobile devices has its advantages and makes life a lot easier and simpler because multi-tasking is needed in this fast-paced world. However, this has led to many users connecting wirelessly with their smartphones without securing that wireless connection. In my opinion, there is a definite lack of knowledge on how to do this exactly among average users. This leads to hackers having a gourmet feast of wireless connections to poke at.

There are a large number of common wireless network malicious attacks that users should be aware of. One of these is the rogue hotspot or access point. A growing problem with mobile wireless users is that they know how to use their device to find available open networks to join, and then they can get free internet access. While this may be true, sometimes they are getting more than they bargained for. The rogue hotspot is the wireless variation of a man-in-the-middle attack. A man-in-the-middle attack is when an attacker places themselves between a user and the server the user is using. From this vantage point, there are numerous things the attackers can do (Man-in-the-middle attack, 2009). In a rogue access point attack, the attacker puts their own access point within the range of a wireless station. The attacker needs to know the SSID, which many users broadcast unknowingly, and have a good signal.
Rogue access points are highly dangerous because there is only one way to detect them: site surveys. Site surveys will be addressed later on in this paper (Shimonski, 2003).

Another common wireless attack is password cracking, and it is common to all networks. A quick search on the internet will reveal many password cracking downloads, and some tout they can crack a password in just a few minutes. I wish I could say that was not so, but it is possible. There are a variety of tools at the attacker's disposal that can crack passwords, such as WEPcrack and Dweputils. This is why it is of the utmost importance for wireless users to follow wireless security best practices and password best practices. These are addressed later in this paper (Morgan, 2006).

Another common wireless attack is wardriving. Wardriving is when an attacker maps out the wireless networks in a given area. They do this with a mobile device and they need to be moving. Attackers do this as a prelude to an attack. Just like rogue access points, the attacker does not need to be very near the network to map it (Schwartz, 2011).
There are various software packages used for wardriving, and many have started it as a hobby without malicious intent. A few of the more popular wardriving programs are NetStumbler and Kismet. One of the biggest problems with this being a non-malicious hobby is that many will post the wireless networks they find online, and then the malicious attacker has half of his job already done for him. There are things that can be done to detect the various wardriver software programs, but they are confined to “listening” for the signatures of those specific programs. In the end, the best prevention is utilizing the best practices (Etter, 2002).

Eavesdropping is another common hobby that is not always used maliciously. For those that use eavesdropping maliciously, there are a great number of packet sniffing and capturing and network vulnerability software packages to choose from. There are many IT security professionals who use these software packages to test their company network. However, there are always attackers that will end up using them maliciously. The biggest threat from eavesdropping on a wireless network arises because the network is wireless: the data is transmitted using radio waves. These radio waves are very easy to capture. The captured packets contain the data that the user is transmitting, and if the user is transmitting sensitive data, then the attacker now has it and can use it with malicious intent. To defend against eavesdropping, encryption best practices are necessary. If the attacker has a packet, but it is gibberish to him, then he cannot do anything with it. This is the goal.

Recently, there has been a rash of malware hiding inside legitimate apps and inside non-legitimate apps that function like they are supposed to originally, so the user is unaware they have downloaded any malicious software at all. One of the more well-known malware attacks is called Zeus. It is a Trojan and was found masquerading as an app for security.
However, it is completely fake and takes users' text messages and sends them to attackers. This is a very dangerous type of malware because many users will not be able to detect it is malware, and there may be sensitive data contained in the user’s messages that attackers can use maliciously (Gonsalves, 2012).

Recently, in July of 2013, Tumblr had a breach in the security of their mobile app for iPhones and iPads. Attackers were able to perform network packet sniffing to gather Tumblr users' passwords. Thankfully, Tumblr caught it quickly and released an update and an advisory telling users to change their passwords immediately (Ribeiro, 2013).

For some reason, Android devices have become a very popular target among attackers. The FBI has even issued an official warning to Android users about malware specifically targeting Android devices (Kunzler, 2012). One of the more common ones to come out is called Android Fakedefender. The Android user gets a warning screen that indicates they have malware infections on their device after a scan was completed by Android Defender. It then informs them that the infections can be removed by installing the software. The user pays for the software and installs it. However, when the user installs it, they are really installing actual malware itself (Bradley, 2013). This is reminiscent of fake antivirus software that runs rampant on the internet and infects tons of desktop and laptop users daily.

Common wireless attacks are too numerous to mention every type. Suffice it to say that there is a growing problem with unsecured wireless networks. Maybe ISPs that provide wireless routers could also provide a pamphlet that informs users of the various things they can do to secure their wireless networks.

There are many devices that are made specifically or in combination with other devices for securing wired and wireless networks. The very best device for securing a wired and wireless network is a firewall.
There are two different firewalls that should be used. The first is a personal software firewall, and only one can be in use at a time. There are numerous software firewall solutions. Most anti-virus programs have a software firewall solution built in. The new Windows 8 OS has an integrated security solution that includes Windows Firewall also. There are also many other free software firewalls to choose from (Tyson, 2000).
A hardware firewall is a powerful security device that should also be used whenever possible. A firewall is just as its name implies. It is a wall or barrier against malicious activity that wants into your network. Just as a firewall in a car protects the inside passengers from fires that may happen in the engine compartment, a computer firewall protects the network users from attacks from the outside. This is when firewall best practices come into play, and they will be discussed later in this paper (Tyson, 2000).

Fortunately, the next strongest of security devices usually have hardware firewall functionality built into the devices. These devices are routers, and in this case the wireless router and/or access point. ISPs will provide a wireless router and/or access point to their users with a strong hardware firewall set up because it is in their best interest not to allow attacks into their network either. If one is not provided by an ISP, there are many options available to buy that have the integrated functionality. Many routers today come integrated with not just a hardware firewall, but many other functions also. Among these other functions are WIPS and WIDS. These are wireless intrusion prevention systems and wireless intrusion detection systems. A WIPS monitors the network for suspicious activity and can block it or stop it if necessary and report it to the user. A WIDS monitors and notifies the user, so that the user can decide what should be done next. There are hardware WIPS/WIDS systems and there are also software WIPS/WIDS solutions and open-source solutions. Most home and mobile users do not use these systems, but businesses should always use them on their wireless networks (Chaskar, 2009).

Another powerful device that all wireless users should use is a VPN. There is no good reason not to use a VPN because there are many open-source VPN software solutions to choose from.
A VPN is quick and easy to use and creates a tunnel within the network that is hard for attackers to detect. Furthermore, a VPN takes the data packets before they are transmitted and puts those packets within another packet. This is called encapsulation and provides a secure environment for the packets to travel. Though it is important to note that no network is 100% secure ever! It only takes a minute to connect to a VPN and it is well worth it (Moceri & Ruths, 2007).

Another important device is anti-virus software. Every wireless device, even smartphones, should have an anti-virus program running all the time. There are very powerful paid programs and there are numerous free programs to choose from also. Best practices for anti-virus programs should be followed.

The last device is not for the layperson as it can be very confusing. I suggest a network penetration and vulnerability scanner. There are many open-source scanners online to choose from. Using a scanner puts the user in the attacker's seat for a little while. The user is basically trying to find the holes in the wireless network. When the user finds holes in the wireless network, a plan can be implemented to close those holes so a real attacker cannot enter through them.

The rest of this paper will consist of best practices for securing wireless networks and will address defenses for the common wireless malicious attacks that were stated earlier.

Password best practices are often overlooked, but are just as important as many of the other practices. A strong password should be chosen with at least 8 characters and should include at least one special character and at least one capital letter. Change passwords every three months and do not use the same password on any other site. Passwords can be difficult to keep track of, but there are password managers that are open-source and very secure that can be downloaded to make it easier to handle. In smartphones, password locks should always be used.
Any integrated biometric readers on a device should be enabled.

The next topic is best practices for authentication on wireless networks. Authentication deals with only allowing the proper users to enter the system. Whenever possible, two-factor authentication should be used (Cooney, 2012). In businesses, two-factor authentication with concealed smart cards or flash drives and/or RADIUS should be used (Morgan, 2006).

The next important wireless security best practice is encryption. If an attacker can see your transmitted data but cannot understand it, then he cannot do anything malicious with it. That is the goal of encryption. Never use WEP encryption because a 5-year-old can crack it. Instead use WPA2 with the AES method if possible. This gives the strongest encryption for any device (Mitchell, 2008).

Another wireless security best practice is maintaining and updating devices and software properly. This includes maintaining and updating the operating system of the device, as well as any software programs, such as anti-virus programs, firewalls, VPNs, and web browsers. This means every device, including smartphones. This is often overlooked on smartphones and leads to vulnerabilities.

The next important wireless security best practice concerns routers and access points. The user needs to establish a connection with the router or access point. Once the connection is established, there are various things that need to be enabled, disabled and changed. The first thing is to shield the SSID. The SSID is used to identify the network. The default name, usually given by the user’s ISP, should be changed. Make sure all devices are calling on the new name of the network to connect properly. Make sure to change the SSID just as often as regular passwords are changed. Also, disable SSID broadcasting as that just invites an attacker to come take a look at the network.
For small networks, users should use MAC address filtering to specify which devices are allowed and which are not allowed on the network. Last but not least, in a smaller network, disable DHCP so that if an attacker gets into the network, they won’t be assigned an IP address by DHCP because it will be disabled (Shimonski, 2003).

Investing a little bit of time to download and install a WIPS/WIDS and VPN open-source software solution can save a lot of headaches down the road. If a user often connects to hotspots or transmits personal data, then these can be life-savers. As for rogue access points, the WIPS/WIDS solution will scan and monitor for malicious or suspicious activity and will also detect any rogue access points and let you know or automatically stop or block them. The VPN will provide a secure enough tunnel to transmit sensitive data through (Moceri & Ruths, 2007).

In addition, if not using the wireless network for a period of time, it is best to disable it. Most devices have a setting to connect automatically to a previously connected network. This setting should be checked to verify there are no automatic connections. When connecting to a hotspot, if an "SSL certificate not valid" warning pops up, do not accept it. Only use valid SSL certificates when on wireless hotspot networks (Preventing Fraud and, 2013). For all mobile devices, download and install apps to find and remotely wipe data if needed. It is LoJack for mobile devices and there are numerous free software downloads.

There are many wireless security best practices. The preceding should cover the majority of the best practices involved in wireless network security. A few other important things to remember are properly configuring and enabling things such as firewalls and antivirus programs.

Wireless security is a very important part of cybersecurity. Many users are not knowledgeable or do not understand how to implement wireless security best practices.
For the sake of all users and all networks, this should change and more users should be educated on how to secure their information. According to Alcatel-Lucent, a global communications technology corporation, cases of malware and security breaches are on the rise on smartphones and mobile devices in 2013. As consumers use mobile wireless devices more and more, attackers are increasingly trying to find ways to exploit them (Alcatel-Lucent, 2013). Though no network, wired or wireless, is 100% secure, the best way to come as close as possible is to be educated in wireless security best practices and to implement each one of them whenever possible.
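As an added example (not part of the original paper), the rogue access point check that the paper assigns to site surveys and to WIPS/WIDS can be sketched as a comparison of what a survey hears on the air against an inventory of authorized access points. The inventory, the CSV layout, the sample rows, the reason labels and the -50 dBm threshold are all constructed assumptions.

```python
import csv
import io
from dataclasses import dataclass

# Constructed inventory of authorized access points, keyed by BSSID.
AUTHORIZED = {
    "aa:bb:cc:00:00:01": {"ssid": "CorpNet", "channel": 1, "security": "WPA2-AES"},
    "aa:bb:cc:00:00:02": {"ssid": "CorpNet", "channel": 6, "security": "WPA2-AES"},
}

# Constructed survey export, one AP per line: ssid,bssid,channel,security,signal_dbm
SURVEY_CSV = """\
CorpNet,AA:BB:CC:00:00:01,1,WPA2-AES,-48
CorpNet,aa:bb:cc:00:00:02,6,WPA2-AES,-61
CorpNet,de:ad:be:ef:00:99,6,OPEN,-39
CorpNet,aa:bb:cc:00:00:02,11,WPA2-AES,-44
CoffeeShop,11:22:33:44:55:66,11,WPA2-AES,-82
linksys,66:55:44:33:22:11,3,WEP,-35
"""

STRENGTH = {"OPEN": 0, "WEP": 1, "WPA-TKIP": 2, "WPA2-AES": 3}
NEARBY_DBM = -50  # assumed cut-off: a stronger signal is treated as on the premises


@dataclass(frozen=True)
class Finding:
    bssid: str
    ssid: str
    reason: str


def parse_survey(text):
    """Turn the CSV export into normalized observation dicts."""
    rows = []
    for rec in csv.reader(io.StringIO(text)):
        if not rec:
            continue  # skip blank lines
        ssid, bssid, channel, security, signal = (field.strip() for field in rec)
        rows.append({"ssid": ssid, "bssid": bssid.lower(), "channel": int(channel),
                     "security": security.upper(), "signal": int(signal)})
    return rows


def find_rogues(rows, authorized=AUTHORIZED):
    """Compare what was heard on the air with the inventory."""
    our_ssids = {ap["ssid"] for ap in authorized.values()}
    findings = []
    for r in rows:
        known = authorized.get(r["bssid"])
        if known is None:
            if r["ssid"] in our_ssids:
                # Our network name announced by hardware we do not own.
                findings.append(Finding(r["bssid"], r["ssid"], "evil-twin"))
            elif r["signal"] > NEARBY_DBM:
                # Foreign AP that is too loud to be a neighbour.
                findings.append(Finding(r["bssid"], r["ssid"], "unknown-nearby"))
            continue
        if (r["ssid"], r["channel"]) != (known["ssid"], known["channel"]):
            # A known BSSID that is not where the inventory says: possibly spoofed.
            findings.append(Finding(r["bssid"], r["ssid"], "bssid-mismatch"))
        if STRENGTH.get(r["security"], 0) < STRENGTH[known["security"]]:
            # Authorized AP offering weaker encryption than the inventory records.
            findings.append(Finding(r["bssid"], r["ssid"], "downgrade"))
    return findings


if __name__ == "__main__":
    for f in find_rogues(parse_survey(SURVEY_CSV)):
        print(f"{f.reason:15} {f.ssid:12} {f.bssid}")
```

A BSSID can be copied by an attacker, so a clean result only means nothing contradicted the inventory; the channel and encryption checks exist to catch the cases where a copied identity still differs from the real access point.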
References
Alcatel-Lucent. (2013). Alcatel-Lucent reports rising cases of malware and breaches of cyber-security on broadband devices and smartphones. Retrieved from http://www3.alcatel-lucent.com/wps/portal/!ut/p/kcxml/04_Sj9SPykssy0xPLMnMz0vM0Y_QjzKLd4x3tXDUL8h2VAQAURh_Yw!!?LMSG_CABINET=Docs_and_Resource_Ctr&LMSG_CONTENT_FILE=News_Releases_2013/News_Article_002879.xml.
Bradley, T. (2013). Fake AV and ransomware: Coming soon to an Android device near you. Retrieved from http://www.pcworld.com/article/2042693/fake-av-and-ransomware-coming-soon-to-an-android-device-near-you.html.
Chacos, B. (2013). Mobile security reality check: What you really need for protecting your phone. Retrieved from http://www.techhive.com/article/2038836/mobile-security-reality-check-what-you-really-need-for-protecting-your-phone.html.
Chaskar, H. (2009). Clarifying the WIDS/WIPS Jargon – Overlay, Integrated etc. Retrieved from http://blog.airtightnetworks.com/clarifying-the-widswips-jargon-overlay-integrated-etc.
Cooney, M. (2012). 10 common mobile security problems to attack. Retrieved from http://www.pcworld.com/article/2010278/10-common-mobile-security-problems-to-attack.html.
Coustan, D. & Strickland, J. (2001). How Smartphones Work. Retrieved from http://electronics.howstuffworks.com/smartphone.htm.
Etter, A. (2002). A Guide to Wardriving and Detecting Wardrivers. Retrieved from http://www.sans.org/reading-room/whitepapers/wireless/guide-wardriving-detecting-wardrivers-174?show=guide-wardriving-detecting-wardrivers-174&cat=wireless.
Freudenrich, C. & Carmack, C. (2003). How PDAs Work. Retrieved from http://electronics.howstuffworks.com/gadgets/travel/pda.htm.
Gonsalves, A. (2012). Android malware variant pretends to be a security app. Retrieved from http://www.techhive.com/article/2013535/android-malware-variant-pretends-to-be-a-security-app.html.
Kunzler, G. (2012). FBI Issues Official Warning to Users About Android Malware. Retrieved from http://www.mactrast.com/2012/10/fbi-warns-that-android-phones-are-havens-for-malware.
Man-in-the-middle attack. (2009). Open Web Application Security Project (OWASP). Retrieved from https://www.owasp.org/index.php/Man-in-the-middle_attack.
Mitchell, B. (2008). AES vs TKIP for Wireless Encryption. Retrieved from http://compnetworking.about.com/b/2008/08/21/aes-vs-tkip-for-wireless-encryption.htm.
Moceri, P. & Ruths, T. (2007). Cafe Cracks: Attacks on Unsecured Wireless Networks. Washington University in St. Louis. Department of Computer Science & Engineering. Retrieved from http://www1.cse.wustl.edu/~jain/index.html.
Morgan, B. (2006). Wireless Authentication Solutions. Retrieved from http://www.windowsecurity.com/whitepapers/Wireless_Security/Wireless-Authentication-Solutions.html.
Morgan, B. (2006). Wireless Cracking Tools. Retrieved from http://www.windowsecurity.com/whitepapers/Wireless_Security/Wireless-Cracking-Tools.html.
Preventing Fraud and Identity Theft Wi-Fi Hacking and Hotspot Dangers. (2013). City of San Diego Police Department. Retrieved from http://www.sandiego.gov/police/services/prevention/tips/fraud/wifi.shtml.
Reisinger, D. (2013). Mobile Malware Threats Getting Steadily Worse. Retrieved from http://www.cioinsight.com/security/slideshows/mobile-malware-threats-getting-steadily-worse-10.
Ribeiro, J. (2013). Tumblr tells users to change passwords, patches security hole in iOS apps. Retrieved from http://www.pcworld.com/article/2044515/tumblr-tells-users-to-change-passwords-patches-security-hole-in-ios-apps.html.
Shimonski, R. (2003). Wireless Attacks Primer. Retrieved from http://netsecurity.about.com/od/secureyourwifinetwork/a/aa081604.htm.
Schwartz, M. (2011). Wardriving Burglars Hacked Business Wi-Fi Networks. Retrieved from http://www.informationweek.com/security/attacks/wardriving-burglars-hacked-business-wi-f/231602047.
Strickland, J. (2011). How Tablets Work. Retrieved from http://computer.howstuffworks.com/tablets/tablet.htm.
TechRadar. (2013). Best tablets 2013: our top 10 ranking. Retrieved from http://www.techradar.com/us/news/mobile-computing/tablets/10-best-tablet-pcs-in-the-world-today-1079603.
TOI Tech. (2013). 10 biggest mobile phone makers globally. Retrieved from http://timesofindia.indiatimes.com/tech/slideshow/10-biggest-mobile-phone-makers-globally/itslideshow/21858976.cms.
Tyson, J. (2000). How Firewalls Work. Retrieved from http://computer.howstuffworks.com/firewall.htm.