Security of wireless networks

avatar
Created by
Livi

Cards (11)

  • Wireless signals can be intercepted more easily than wired signals as you don't have to be physically connected to the network, you can simply be in range. As well as standard network security measures, there is an additional range of techniques that can be used on wireless networks.
  • Wireless signals
    Can be intercepted more easily than wired signals
    View source
  • You don't have to be physically connected to the network to intercept wireless signals, you can simply be in range
    View source
  • WiFi signals can be encrypted using
    • WEP
    • WPA
    • WPA2
    View source
  • WEP (Wired Equivalent Privacy)
    • Designed to have the same security as a wired network
    • Uses a symmetric encryption algorithm, meaning the same key is used to encrypt and decrypt data
    • Sufficient as the first line of defence, but has weaknesses: WEP keys are often too short and used for too long, making them easier to decipher and more accessible
    • Easy to copy authentication messages, which contain the identity of the sender and receiver
    View source
  • WPA (WiFi Protected Access)

    • Created as a temporary improvement to WEP
    • Introduced key management, which generates a new encryption key for each data packet
    • Larger keys also make the encrypted messages more challenging to decrypt for potential intruders
    View source
  • WPA2
    • An improvement on WPA that provides an even stronger encryption algorithm
    • Each message is encrypted several times, depending on the key size
    View source
  • Wireless networks that you connect to need to be differentiated. This is done by the use of a service set identifier (SSID). An SSID is a string of alphanumeric characters that is specified during the setup of wireless devices. These characters are case sensitive and can use spaces and underscores to further differentiate from other names.
  • When a device wants to communicate with other devices on that network, it joins using the provided SSID. Without this it cannot join the same network and will not be able to communicate with the devices on it.
  • Usually, an SSID is broadcast for all to see. This allows devices to connect simply by browsing a list for the network they want to connect to. As an added security measure, SSIDs of network can be hidden from broadcast. This means that, to join a network, the exact SSID needs to be known and entered.
  • It should be noted that even hidden SSIDs can be found, so this is not a foolproof security measure and should be used alongside other security techniques, such as encryption and authentication. Many users fall into this trap and don’t understand that this is a very simple security loophole to bypass.