Security of wireless networks

    avatar
    Created by
    Livi

    Cards (11)

    • Wireless signals can be intercepted more easily than wired signals as you don't have to be physically connected to the network, you can simply be in range. As well as standard network security measures, there is an additional range of techniques that can be used on wireless networks.
    • Wireless signals
      Can be intercepted more easily than wired signals
      View source
    • You don't have to be physically connected to the network to intercept wireless signals, you can simply be in range
      View source
    • WiFi signals can be encrypted using
      • WEP
      • WPA
      • WPA2
      View source
    • WEP (Wired Equivalent Privacy)
      • Designed to have the same security as a wired network
      • Uses a symmetric encryption algorithm, meaning the same key is used to encrypt and decrypt data
      • Sufficient as the first line of defence, but has weaknesses: WEP keys are often too short and used for too long, making them easier to decipher and more accessible
      • Easy to copy authentication messages, which contain the identity of the sender and receiver
      View source
    • WPA (WiFi Protected Access)

      • Created as a temporary improvement to WEP
      • Introduced key management, which generates a new encryption key for each data packet
      • Larger keys also make the encrypted messages more challenging to decrypt for potential intruders
      View source
    • WPA2
      • An improvement on WPA that provides an even stronger encryption algorithm
      • Each message is encrypted several times, depending on the key size
      View source
    • Wireless networks that you connect to need to be differentiated. This is done by the use of a service set identifier (SSID). An SSID is a string of alphanumeric characters that is specified during the setup of wireless devices. These characters are case sensitive and can use spaces and underscores to further differentiate from other names.
    • When a device wants to communicate with other devices on that network, it joins using the provided SSID. Without this it cannot join the same network and will not be able to communicate with the devices on it.
    • Usually, an SSID is broadcast for all to see. This allows devices to connect simply by browsing a list for the network they want to connect to. As an added security measure, SSIDs of network can be hidden from broadcast. This means that, to join a network, the exact SSID needs to be known and entered.
    • It should be noted that even hidden SSIDs can be found, so this is not a foolproof security measure and should be used alongside other security techniques, such as encryption and authentication. Many users fall into this trap and don’t understand that this is a very simple security loophole to bypass.
    See similar decks