Document not found! Please try again

investigation into ieee 802.11 security issues affecting

0 downloads 0 Views 435KB Size Report
June 1 - 3, 2011 Vancouver, BC, Canada. Wireless Communications (WC 2011) ..... The 32-bit WEP keys were manually managed. Breaking 802.11's security is ...
Proceedings of the IASTED International Conference Wireless Communications (WC 2011) June 1 - 3, 2011 Vancouver, BC, Canada

INVESTIGATION INTO IEEE 802.11 SECURITY ISSUES AFFECTING WIRELESS NETWORKS Albert K. Ansah1, Thomas Kwantwi2, Agangiba W. Akotam3 University of Mines and Technology Computer Science and Engineering Department P. O. Box 237, Tarkwa-Ghana [email protected] different from wired technology because the connection is made by radio waves. To connect to a wired network, you need wires and permissions sometimes from the network administrator. For a wireless connection you can be located anywhere you receive the signal from the network. Connection to network wirelessly requires devices that are capable of sending and receiving data. A wireless network can be accessed from anywhere within a coverage area. Indeed, security is always a big issue when it comes to implementing a wireless Local Area Network (WLAN). [1][2][3][4][17] The principal aim for wireless deployment is to offer unswerving signal coverage and Security with decent performance for networks. Many organizations and also home users are turning to wireless Local Area Network technology simply to avoid having run network cables throughout the building. This makes wireless network installation and usage pretty flexible and portable. The 802.11 standard has turned out to be pretty common as a means to enhance or extend the traditional wired network. The wireless network widespread is unquestionably linked to its flexibility, cost effectiveness and augmented throughput compared to its wired network counterpart. Flexibility means, wireless users stay connected whiles working from a colleague’s desk and elsewhere within the Wi-Fi range. 802.11 let users’ access servers, printers, and other network resources regardless of their location, as long as they stay in the Wi-Fi range. Network security has always being a concern when deploying wireless networks. Network security is a broad topic and covers a multitude of sins. In a simplest form, Network Security is making sure that nosy people cannot gain access to read and modify data and messages intended for other people. Security is always a priority for people who administrator networks. The teething troubles in securing wired network are augmented with a wireless network. In wired networks, controlling access is very candid; that is if a user has physical access to a network hub or switch, he can use (or abuse) the network resources. Although software mechanisms are an important component of network security, denying physical access to network devices is the ultimate access control mechanism. In guileless term, allowing network access to trusted people secures the network and for that matter the network becomes trusted. The demand for wireless networking hardware has experienced extraordinary progression,

ABSTRACT Wireless networking is one of the exciting developments in the world of networking technology. After the introduction of IEEE 802.11 Ethernet standard, Wi-Fi has become the most widely adopted wireless networking type on the wireless network environment. Since wireless networking is easy to deploy and upgrade and with decent data rate available today at low cost, implementation of wireless networking is growing all over the place. Organizations and enterprises are switching from the traditional wired networks to wireless networking. Wireless can serve in many capacities, from a simple extension to a distribution point. One of the leading glitches with wireless networking is that, the wireless networking devices provide no security as they come out of their boxes. Considering the fact that wireless networks are built on a shared medium and data packets float through the air on radio waves, security cannot be overemphasized when dealing with wireless networking. It is arguable that many network users don’t have procedures when they deploy their WLAN for the first time. It is the dearth of procedures that help attackers get into any networks they want. This paper seeks to demystify the security issues of the IEEE 802.11 wireless standards. The paper goes on to address these security concerns and points out the method used to secure a wireless network. KEY WORDS IEEE 802.11 Standards, Wireless Communication, Wireless LAN, Wireless Security, Data Encryption

1. INTRODUCTION Today wireless is becoming the leader in communication choices among users. It is not anymore a backup solution for nomadic travellers but really a new mood naturally used everywhere even when the wired communications are possible. In some cases, the use of wireless networking is inevitable; whereby the buildings are being used as part of national heritage. In such cases, drilling through obstacles to lay the cabling is simply prohibited by law. Another case is offices positioned on opposite sides of a busy street, highway or office park. Wireless denotes the transmission of voice and data over radio waves. Wireless allows communication with networks without physical connection. Wireless technology is

DOI: 10.2316/P.2011.730-024

81

evolving quickly from newness to essential. This has compelled the Wi-Fi industry to come up with a prodigious standard that could offer up to about 600 Mbps connectivity speed such as in 802.11n standards.

security concerns is the prevalent use of 802.11 networks themselves. The demand for more bandwidth access and wireless LAN equipment has experienced a phenomenal growth in recent times. [7] The prices of 802.11b client adapters dwindled to almost the cost of 100BaseT Ethernet adapters after the introduction of 802.11g standard hardware into the market because of the prodigious advantage in terms of speed. The growing deployment of protocols from the Wi-Fi alliance is escalating the deployment of wireless networks. 802.11n protocol completely redefines Wi-Fi speed, ushering in a whole new level of network performance. This standard promises far greater bandwidth, better range, and reliable than its predecessors. Consumers are now taking advantage of the new electronic application such as VoIP telephony or video streaming that come with wireless N. As emerging Network Applications take hold in the enterprise, a growing number of consumers will come to view 802.11n standard not just as an enhancement to their existing network, but especially as a necessity. Pervasive 802.11n deployment will also accelerate the growth of the enterprise Voice over WLAN market to profit applications such as VoIP or video streaming. 802.11n standard is a good opportunity to increase productivity and mobility. The prevalent nature of wireless communications forces a network designer to re-evaluate some of the underlying principles of traditional network architectures thereby increasing security concerns.

[5][6][7][8][9][10]

Several organizations are now deploying Wireless Local Area Networks (WLANs) because of the benefit and flexibility that come with wireless networking. According to a 2003 NOP World research study, WLAN users connected to their corporate network 3.64 hours per day longer than their wired peers, thus increasing productivity by 27 percent. Through the flexibility of WLANs, not only does the productivity increased considerably, but also the response times are notably improved. The widespread of wireless LANs depends closely on the developed standards. The standardization, however, ensures the reliability and the compatibility of products from different equipment suppliers. One acute difference between Ethernet and wireless is that, wireless networks are built on a shared medium and therefore, makes wireless network more vulnerable to security threats if resilient security policies are not implemented. [1][2][7]

Another grave problem with wireless networks is that, its users are relatively anonymous. Anyone, with fair or malice thought, can sit in any wireless available coverage with a simple laptop and connect to the network. While your access point range may be seemed to be just a couple of hundred meters, a user with a high gain antenna may be able to make use of the network even from several blocks afar. Networks are targeted for various reasons by exploring security vulnerabilities to gain access and wireless networks are on the high risk. To access a wireless network, a hacker only has to be in the proximity of the wireless network range, often without even having to enter the building of the potential victim. Systems are targeted because of the information they contain or some specific resources. The reasons for the network attack could be financial, political, personal, or merely convenience due to location or ease of access. The attack can be simple scripted or well-thought-out and orchestrated. [1][2][7]

[4][5][7][9][10]

Network Security is concerned with people trying to access remote services that they are not authorized to. It also deals with the snags of legitimate messages being captured and replayed, and with people trying to deny that they sent certain messages. If an unauthorized user is detected, practically, it is impossible to merely trace back to the user. A reprehensible user who gains access to a wireless network can log all network data on disk and later use it to launch a more sophisticated attack against the network. Most often attackers may not be interested in data you send over the air, they just want to use your bandwidth to surf on the Internet or for nefarious uses. For enterprise networks, if attackers had accessed to them, they can effectuate malicious operations under the enterprise’s name. It is reasonably not enough to assume that radio waves just stop at the edge of your property line. This calls for an enormous fear regarding wireless network security. Security problems are deliberately caused mostly by malicious people trying to gain some benefit, get attention, or to mischief someone. The table below shows a couple of the most common perpetrators of networks. It is conspicuous from the table that making a network secure could involve a lot more than simply keeping the network from programming slips. It involves outwitting often clever or intelligent, enthusiastic, devoted and every so often well-funded adversaries. It should be clear, however, that measures that thwart casual antagonists would have little impact on the staid ones.

2. BACKGROUND The term 802.11 wireless network is often used rather than 802.11 LAN. This particular technology thaws the margin between local and wide area connectivity; 802.11b standard point-to-point links can reach beyond 50 miles, thus becoming wireless wide area network connections when used as a last mile data delivery solution by wireless long range links between offices. Thus the use of 802.11 technologies is considered very necessary for Local Area Networks (LANs) and Wide Area Networks (WANs) and therefore will always have different security requirements and approaches. One of the major reasons for increasing security concerns and attentiveness is the widespread area of 802.11 network coverage precincts. An attacker can position himself where no one expects and stay well away from the network's physical premises. Another reason for

82

designed with this fact in mind. [10][11][12]

Therefore security systems should consequently be

Table 1: People who cause Security problems and why? Source: Computer Networks Source: Computer Networks

Adversary Accountant Businessman Con man Cracker Ex-employee Sales Rep Spy Stockbroker Student Terrorist

Goal To embezzle money from a company To discover a competitor’s strategic marketing plan To steal credit card numbers for sale To test out someone’s security system; steal data To get revenge for being fired To claim to represent all of Europe, not just Andorra To learn an enemy’s military or industrial secrets To deny a promise made to a customer by e-mail To have fun snooping on people’s e-mail To seal germ warfare secrets Eavesdropping is one of the activities used to gather packets using a wireless sniffer such as Ethereal. Nothing can be done to prevent this activity apart from encrypting the network with encryption standard such as WEP or WPA. Now war drivers, hackers or crackers and employees are the three main categories of threat that lead to unauthorized access. Hacker originally meant someone who probes deeply into computer system to understand the structure and complexity of the system, but today, it has come to mean malicious intruders who always exploit weak security measures. Wireless devices often than not come WLAN-ready with default settings and can be installed and used with little or no user configuration leaving client authentication open. Tools such as wireless sniffers which have legitimate purpose are used by network engineers to capture packet for system debugging and intruders can use the same tools to exploit security weakness. [9][13][14][15] A rogue access point could be configured with correct security settings to capture data in a WLAN and also to provide unauthorized users with information such as MAC addresses of clients and to gain access to servers. A typical example of a rogue access point is one installed by employees which are intended for home use on the business network without authorization. These access points end up with security holes because they do not have necessary security configuration. The man-in-themiddle (MITM) attack is one of the sophisticated attacks an unauthorized person can make by positioning himself logically between a selected host as target and the router or gateway. Whiles an attacker needs a physical access to a wired LAN to plant his device logically, he uses the radio waves emitted by access point to provide connection in a WLAN. NIC cards only accept traffic meant for it but attackers have special software to modify NIC cards to accept all traffic and therefore can carry out wireless MITM attacks using a NIC as an access point. The entire network segment can be monitored by an attacker and wreak havoc on any user connected to it. [9][13][14][15] MITM attack defeat depends on how sophisticated the WLAN infrastructure is and vigilance in monitoring activities on the network. This process commences with identifying legitimate devices on the WLAN. This is done

Astonishingly, it is easy to design a system that is cogently downright secure by using Virtual Private Network (VPN) and firewalls. However, leaks like a sieve can occur if couple of the machines is wireless and use radio communication, which passes over the firewall in both directions. 802.11 wireless networks coverage is often a few hundred meters, so a mole can park within employees’ car park, and leave an 802.11-enabled notebook computer in the car to record any information available. In theory, leakages like this should not happen. Most of the security glitches can be marked out to the wireless access point manufacturers in a bid to trying to make their merchandise user friendly. Usually, the wireless device begins operating immediately with no security at all after connecting to a power source, divulging secrets to anyone within radio range. Ethernet traffic precipitously becomes available once connected to Ethernet network. It therefore, goes without saying that security is even more important for wireless systems than for wired ones (Tanenbaum, 2003). [8][11][12] 3. WIRELESS SECURITY THREATS Wi-Fi networks are still subject to malicious threats regardless several measures taken by IT professionals. The first dangers for wireless LAN are problems with the standard overall design. The Wi-Fi, releasing new standards has reused the same security tools from the previous standards. Network administrators’ top priority is always security. There are always difficulties in keeping a wireless network secured. To connect to a wired network, one needs wires and permissions from the network administrator. For a wireless connection the same person should only be located anywhere there is signal from the network and do malicious things as those attacks. A WLAN is open to anyone within range of an access point and an appropriate credential to associate it. An attacker need not have to physically enter the premises to gain access to a WLAN but with a wireless network interface card NIC and knowledge of cracking techniques. Security concerns are more significant with business networks because the backbone of business rest on the protection of its information. Security breaches can lead to serious repercussions. [10]

83

by authenticating every user on the WLAN. After knowing all legitimate users, the focus is then moved to monitoring the devices and traffic that is not supposed to be there. The state-of-the-art WLAN devices provide administrators with tools that work together as a wireless intrusion prevention system (IPS). Some of the tools are scanners that identify rogue access point and ad-hoc networks and radio resource management (RRM) which monitors the RF band for activity and access point load. 802.11b/g/n WLANS use the unlicensed 2.4 GHz ISM band which is used by most wireless consumer products. These devices can throng the RF band. An attacker can create noise on all channels in the band with commonly available device therefore creating a denial of service (DoS) attack. Attacker using a computer NIC as access point can flood the base service station (BSS) with clearto-send (CTS) messages, which rout carrier sense multiple access/collision avoidance (CSMA/CA) function by the station which in turn causes DoS. [9][13[14][15][17]

could still be attacked even if users have discrete key, because keys are usually stable for quite some period, though, the WEP standard recommend that keys be changed on every packet to avoid key stream reuse attack. Despite the increasing popularity of 802.11 networks, hardly anyone used WEP. The flaws of WEP shared keys encryption were two-fold; firstly, the algorithm used to encrypt the data was crackable and secondly, the problem of scalability. The 32-bit WEP keys were manually managed. Breaking 802.11's security is fairly straightforward. [4][7][8][12][13] Following the feebleness of WEP-based security, there was a period of interim security measures. Cisco as vendor trying to meet the demand for healthier security came up with their own systems and at the same time assisting to develop the 802.11i standard. The TKIP encryption algorithm was born whiles developing the 802.11i standard. This was linked to the Wi-Fi Alliance WiFi Protected Access (WPA) security mode. The initial WPA 1.0 was a nonstandard protocol stack. The WAP forum later came up with WAP 2.0 which largely used standard protocol in all layers. This standard is IP based and therefore supports full use of IPsec in the network layer. With WAP 2.0, TCP connections are protected by Transport Layer Security (TLS) in the transport layer. TLS, a successor of Secure Sockets Layer (SSL) is a cryptographic protocol developed by Internet Engineering Task Force (IETF) that provides communication security over the Internet. In today’s wireless networks, the standard that should be widely followed is the 802.11i which is similar to the WPA2 standard. Most enterprises use WPA2 which includes a connection to a Remote Authentication Dial In User Service (RADIUS) database.

4. METHODS 802.11 protocols unleashed a data link-level security protocol; Wired Equivalent Privacy (WEP), designed to make the security of a wireless LAN as decent as its counterpart wired LAN. It is an 802.11’s optional encryption standard implemented in the MAC layer that most radio network interface card and access point vendors support. Once 802.11 security is enabled, secret keys are shared with the base station (access point) by each node. The distribution of the keys, however, is not specified by the standard. WEP encryption uses a stream cipher based on the RC4 algorithm designed by Ronald Rivest and it was kept secret until it leaked out and was posted on the Internet in 1994 (Tanenbaum, 2003). This approach looked good initially until a method for breaking it was published (Borisov et al., 2001). Many installations use the same shared key for all users, which means that each user can read all other users’ traffic. WEP

[7][9][12][13][14][15][16]

The table below shows the prime stepping stones to secure WLAN.

Table 2: Prime Stepping Stones to Secure WLAN

SSID No encryption Basic authentication

First Generation Encryption WEP No strong authentication Static breakable keys

Not a security handle

Not scalable

Open Access

Interim WPA Standardized Improved encryption Strong user based authentication

Present 802.11i/WAP2 AES Encryption Authentication: 802.1x Dynamic key management [14][15]

In home networks, which are an example of an open network, association is all that may be required to grant access to client devices and services on the WLAN. A login or an additional authentication may be required to grant access to clients in a stricter security network. The Extensible Authentication Protocol (EAP) manages the login process. EAP is a framework for authenticating network access. Organizations used MAC filtering without broadcasting SSIDs in a bid to securing their WLAN before the inception of 802.11i (WPA2) or even

WPA. MAC filtering today is just fooled because software are available that could be used to modify MAC addresses of wireless adapters. MAC filtering can still be used with additional security such as WPA2. Though, an access point may not be broadcasting SSID, the back and forth traffic between the client and the access point could eventually reveal the SSID. An attacker who may be monitoring such a wireless network or RF band could sniff the SSID which is sent in plain text. Some organizations turn off SSID broadcasting under their

84

security policy due to the ease of SSID discovery but this idea of securing the WLAN with MAC filtering could lead to a completely insecure WLAN. Now, port- based

access control such as WPA2 is the best way to ensure the end users that are supposed to be on the WLAN.

Security

[7][9][13][14][15][16]

1997 – 2002

2003 – 2003

2004 – date

Time Fig 1: Wireless Security Strength over years

802.11i specified two enterprise-level of encryption mechanisms which was certified as WPA and WPA2 by the WiFi Alliance. These are Temporary Key Integrity Protocol (TKIP), which is certified as WPA which addresses the original flaws concomitant with 802.11 WEP encryption method making use of the original encryption algorithm used by WEP and Advanced Encryption Standard (AES) notably IEEE 802.11i, which brings the WLAN encryption standards into alignment with broader Information Technology industry standards and best practices . AES is much preferred to TKIP even though; TKIP addresses all the known weakness of WEP. TKIP performs two primary functions; it encrypts Layer 2 payload and carries out message integrity check (MIC) in the encrypted packet. This goes a long way to ensure that messages are not tampered with. The functions of both AES and TKIP are practically the same except that AES adds a sequence number to an encrypted data header and also uses additional data from MAC header that allows destination host to recognize if non-encrypted bits have been tampered with. Some wireless routers or access points may specify WPA as pre-shared key (PSK) or PSK2 with TKIP and WPA2 as PSK or PSK2 with AES. PSK2 without an encryption method specified refers to WPA2. The concept of depth is having multiple solutions by adding extra security to a WLAN. Depth can be added to a WLAN by implementing three-step approach; SSID cloaking, i.e. disabling SSID broadcasts from access point, MAC address filtering i.e. creating a table in the access point to either allow or deny clients based on the physical address of the adapter and WLAN security implementation i.e. WPA or WPA2. SSID cloaking and MAC address filtering are both not considered as a valid means of securing a WLAN because, MAC filtering are

easily spoofed and SSID are easily discovered whether or not access point broadcast them. [7][9][13][14][15][16] Air Magnet wireless LAN analyzer is useful software that administrators could use to monitor wireless LAN for increased reliability. It supports monitoring both 20 MHz and 40 MHz channels. This software has the ability to detect and identify the use of various sniffing tools such as Network Stumbler and indicate any unauthorized user attempting to access the network and also detect security vulnerabilities. Today every wireless user must secure their wireless with WPA or WPA2 encryption. It is quite a difficult process to put in place as is being reckoned, and users tend to leave their networks less secure just because of the complexity of the procedure. Wi-Fi Protected Setup is an optional certification program developed by Wi-Fi Alliance to ease set up of security enables Wi-Fi networks. WPS give end users of WLAN a more standardized way to enable security features in their network and additional devices can easily be added to the network. WPS features two wizard applications; pushing a button and pin methods. Wireless routers especially 802.11n routers come with a unique 4 or 8 digit pin required for each device to get connected on the network. A fixed PIN label is placed on the device which is used to confirm the connection of intended devices. For increased security, it also uses WPS to encrypt data and authenticate each device on the network. Administrators can enable data encryption using WPS by pushing a button physically on the access point and other devices wanting to connect with software-based button known as Push Button Configuration (PBC). The table below summarizes the process used to secure a WLAN under WiFi protected [7][9]13][14][15] setup method and the process.

85

Table 3: WPS Methods Procedure

Legacy Process 1. Power-on Access Point 2. Set network name (SSID) 3. Activate security 4. Set passphrase 5. Power-on client 6. Select network name (SSID) 7. Enter passphrase

Wi-Fi Protected Setup PIN Method 1. Power-on Access Point/Register 2. Power-on client device Network name generated automatically and broadcast to client devices 3. Access register 4. Enter PIN

Fig 2: SMC 802.11 n Pin method interface for WPS

Wi-Fi Protected Setup Push-Button Method 1. Power-on Access Point 2. Power-on client device Network name generated automatically and broadcast to client devices 3. Push button on Access Point 4. Push button on client device

Fig 3: SMC 803.11 router: PBC method interface for WPS

connected with a cable RJ45 to the router. Routers effectively possess a default password and an SSID interface where admins can design and increase the level of security. The routers both support WPA in both enterprise and pre-shared keys mode and WPA2/802.1X. Figure 4 below show SMC 802.11n WPA/802.1X interface.

5. DESIGN Two simulations were performed with both 802.11g (MicraDigital) and 802.11n (SMC) routers with three (3) laptops, One (1) desktop and an access point to form two wireless LANs in a bid to investigating the security of 802.11 standards. The laptops were connected wirelessly to the routers and the desktop was the only device

Fig 4: SMC 802.11n WPA Interface

The aims of the simulation are to look at encryption method or SSID using ‘War diving’ as explained above and investigate the security of 802.11 devices. The simulation was performed in two areas; Canary Wharf in East London where there are several organizations such as financial institutions and Greenwich; a touristic area in South East London. These places were chosen to investigate the security vulnerabilities that could be

potentially found on the WLANs available in such important areas. The software used is Network Stumbler or Netstumbler version 0.4.0 which can be downloaded free from www.netstumbler.com. The software enabled me to sniff several access points and monitor broadcast and record information such as service set identifier (SSID), MAC addresses, broadcast channel and network types i.e. peer-to-peer or access point.

86

Fig 5: Netstumbler Interface

terms of the networks found with both the secured and unsecured.

6. RESULT ANALYSIS The following table shows the outcome of the simulation in

Table 4: Site Survey Results: July 2009

Location

Samples

Canary Wharf 125 32 23 30 40

Number of Networks found Number of unsecure networks Number of secured networks with WEP Number of secured networks with WPA Number of secured networks with WPA2 The results above show that about a quarter of the Access Points (AP) in both areas is unsecured. This may be due to the fact that most of the network managers and users are not implementing security as default during APs installation. It is so amazing that a quarter of APs in a sensitive place like Canary Wharf where information may be sensitive with massive financial institutions is

Greenwich 62 15 20 8 19

unsecured, therefore a malicious person with good hacking skills can get into those enterprise networks and cause havoc. It is seen that enterprises encrypt their data more than other environments. However, I could not investigate whether the security method is 128-bit or 64bit encryption for the WEP and for the WPA, whether is a pre-shared key or 802.1x

Fig 6: Graphical Presentation of Table 4: Site Survey Result: July 2009

I again sniffed my own area which showed my wireless N AP named clifton (figure below), encrypted with WEP with a serious security vulnerability revealing my subnet information. The subnet information could be very

interesting for an attacker because it could be used to guess my default gateway and for that mather access my network.

Fig 7: Netstumbler interface showing Subnet Information

87

An astonishing revelation I found is that, security encryption of my SMC wireless N access point was having an effect on the throughput with increasing distance in a mixed mode i.e. combination of 802.11 standards. The table below shows average sample measurements taken over five (5) weeks between

01/07/09 – 03/08/09 depicting how the throughput drops with highest encryption and increasing distance both downlink and uplink. The WEP showed the lowest throughput and this could be the fact manufacturers want to force wireless users to go for higher encryption methods.

Table 5: 802.11N throughput in mixed mode with different encryption methods in Mbps

Distance from AP Location 1: 10 feet Location 2: 30 feet Location 3: 200 feet

Encryption Method (Downlink) WEP 128 WPA/TKIP WPA2/AES 0.1421 0.4541 0.6845 0.0156 0.131 0.0423 0.00368 0.00514 0.0126

Encryption Method (Uplink) WEP 128 WPA/TKIP WPA2/AES 0.00545 0.00796 0.0165 0.001785 0.00463 0.00137 0.0004 0.0012 0.00019

http://www.wired.com/gadgetlab/2009/08/wi-fi-standard/ 2009: (accessed 12 October 2010 1620) [6] Heimann, J. Oracle Software Security Assurance Process. [Online] Available from: http://www.oracle.com/us/technologies/security/softwaresecurity-assurance-wp-150395.pdf 2007: (accessed 28 October 2010 1130) [7] Meyers, M. CompTIA Network+. 4th Ed. McGraw Hill, USA, 2009: 504, 513-520 [8] Flickenger, R. Wireless Networking. 2nd Ed. Hacker Friendly LLC, USA, 2007: 157-167 [9] Benton, K. (2010) The Evolution of 802.11 Wireless Security. [Online] Available from: http://itffroc.org/pubs/benton_wireless.pdf: 2010: (accessed 30 December 2010 1630) [10] Lehtinen, R., Russell D. and Gangemi, G. T. Sr. Computer Security Basics, 2nd Ed. O’Reilly Media, Inc., USA, 2006: 15-25, 21-39, 262-295 [11] McCabe, J. D. Network Analysis, Architecture, and Design. 3rd Ed. Morgan Kaufmann, USA, 2007: 85, 225, 367, 371, 373 [12] Tanenbaum, A. S. Computer Networks, 4th Ed. Prentice Hall, New Jersey, 2003: 300-350 [13] Security of the WEP algorithm. [Online] Available from: http://www.isaac.cs.berkeley.edu/isaac/wep-faq.html 2010: (accessed 03 December 2010 2041) [14] Transport Layer Security. [Online] Available from: http://en.wikipedia.org/wiki/Transport_Layer_Security 2010: (accessed 28 December 2010 2105) [15] Wireless LAN Security. [Online] Available from: http://en.wikipedia.org/wiki/Wireless_encryption 2010: (accessed 29 December 2010 1155) [16] Martyn, M. Mobile and Wireless Design Essentials, Wiley Publishing, Inc., Indianapolis, India, 2003: 31-63, 122-148 [17] Bosworth, S. and Kabay, M. E. Computer Security Handbook. 4th Ed. John Wiley and Son, Inc, New York, 2002: 35, 178, 203, 255-258, 262-280

7. CONCLUSION In conclusion, I will say that wireless networks are more vulnerable than its wired counterpart therefore Network Designers and Administrators are to take securities as top priority. Since wireless APs comes ready once it is out of the box, WLAN administrators must ensure that the strongest security protocol such as WPA or WPA2 is deployed to prevent activities like eavesdropping, war drivers etc. if possible, WLAN admins should adopt the Wi-Fi Protected Setup (WPS) program from Wi-Fi Alliance to ease setting up security on their Wi-Fi networks since it give a more standardize way to enable security features and also extra devices could be easily added. Enterprises should employ some of the state-ofthe-art WLAN devices tools that work with wireless intrusion prevention system to identify rogue access points and ad-hoc networks and radio resource management which could pose a serious treats to their WLANs. WLAN admins should legitimately identify all devices on the network to defeat any man-in-the-middle attack and also authenticate every user on the wireless network. REFERENCES [1] 802.11n Speed. [Online] Available from: http://80211n.com/80211n-speed.html 2010: (accessed 28 October 2010 1002) [2] Schiller, J. H. Mobile Communications. 2nd Ed. AddisonWesley, England, 2003: 201-204, 207, 231-232 [3] Labiod, H., Afifi, H. and Santis, C. DE. Springer, Netherlands, 2007:1 [4] Vladimirov, A. A., Gavrilenko, K. V. and Mikhailovsky, A. A. Wi-Foo. Addison Wesley, England, 2004: 1-8 [5] New Wi-Fi Standard Promises Blazing Fast Data Speeds. [Online] Available from:

88