 | CISCO GBIC & SFP We also have the following Cables & Fibers: ---------------------------------------------------- usb gateway:usb-202 forward skype to.. 1. make and receive PSTN call using your normal phone 2. make and receive VoIP call using your.. |  |
|---|
(Redirected from Wireless LAN Security)
It has been suggested that this article or section be merged into Wireless security. (Discuss)
One issue with corporate wireless networks in general, and WLANs in particular, involves the need for security. Many early access points could not discern whether or not a particular user had authorization to access the network. Although this problem reflects issues that have long troubled many types of wired networks (it has been possible in the past for individuals to plug computers into randomly available Ethernet jacks and get access to a local network), this did not usually pose a significant problem, since many organizations had reasonably good physical security. However, the fact that radio signals bleed outside of buildings and across property lines makes physical security largely irrelevant to Piggybackers. Such corporate issues are covered in wireless security.
Contents
1 Concerns
2 Security options
2.1 Access Control at the Access Point level
2.2 Restricted access networks
2.3 End-to-End encryption
3 Open Access Points
4 Related publications
5 See also
6 References
7 External links
//
Concerns
Anyone within the geographical network range of an open, unencrypted wireless network can 'sniff' the traffic, gain unauthorized access to internal network resources as well as to the internet, and then possibly sending spam or doing other illegal actions using the wireless network's IP address, all of which are rare for home routers but may be significant concerns for office networks.
If router security is not activated or if the owner deactivates it for convenience, it creates a free hotspot. Since most 21st century laptop PCs have wireless networking built in (cf. Intel 'Centrino' technology), they don't need a third-party adapter such as a PCMCIA Card or USB dongle. Built in wireless networking might be enabled by default, without the owner realizing it, thus broadcasting the laptop's accessibility to any computer nearby.
Modern operating systems such as Mac OS, or Microsoft Windows make it fairly easy to set up a PC as a wireless LAN 'base station' using Internet Connection Sharing, thus allowing all the PCs in the home to access the Internet via the 'base' PC. However, lack of knowledge about the security issues in setting up such systems often means that someone nearby may also use the connection. Such "piggybacking" is usually achieved without the wireless network operators knowledge; it may even be without the knowledge of the intruding user if their computer automatically selects a nearby unsecured wireless network to use as an access point.
Security options
There are three principal ways to secure a wireless network.
For closed networks (like home users and organizations) the most common way is to configure access restrictions in the access points. Those restrictions may include encryption and checks on MAC address.
For commercial providers, hotspots, and large organizations, the preferred solution is often to have an open and unencrypted, but completely isolated wireless network. The users will at first have no access to the Internet nor to any local network resources. Commercial providers usually forward all web traffic to a captive portal which provides for payment and/or authorization. Another solution is to require the users to connect securely to a privileged network using VPN.
Wireless networks are little more secure than wired ones; in many offices intruders can easily visit and hook up their own computer to the wired network without problems, gaining access to the network, and it's also often possible for remote intruders to gain access to the network through backdoors like Back Orifice. One general solution may be end-to-end encryption, with independent authentication on all resources that shouldn't be available to the public.
Access Control at the Access Point level
One of the simplest techniques is to only allow access from known, approved MAC addresses. However, this approach gives no security against sniffing, and client devices can easily spoof MAC addresses, leading to the need for more advanced security measures.
Another very simple technique is to have a secret ESSID (id/name of the wireless network), though anyone who studies the method will be able to sniff the ESSID.
Today all (or almost all) access points incorporate Wired Equivalent Privacy (WEP) encryption and most wireless routers are sold with WEP turned on. However, security analysts have criticized WEP's inadequacies, and the U.S. FBI has demonstrated the ability to break WEP protection in only three minutes using tools available to the general public (see aircrack).
The Wi-Fi Protected Access (WPA and WPA2) security protocols were later created to address these problems. If a weak...(and so on)
 | usb gateway:usb-202 forward skype to.. 1. make and receive PSTN call using your normal phone 2. make and receive VoIP call using your.. |
|---|
You can also see some feature products :
gsm gprs module Disk On Module GPS GPRS Module Gigabit Ethernet Hub Transmission Control Module LCD Graphic Module CNC Wood Router Digital Camera Module fiber optic module cisco sfp gbic Camera IP Network broadband internet router wlan usb dongle internet wireless card GPRS Wireless Card SFP Mini GBIC Managed Gigabit Switch broadband wireless router motor wheel hub LCD TFT Module Mini USB Hub
