>

From the airport, to the coffee shop, to the library, to your next door neighbor, wireless networks are all around us; therefore, wireless security is a serious concern.There are historical weaknesses in security protocols, because intruders no longer need to be inside a building to attack an internal network.

A wireless network is still a network, however, and with a few exceptions maps well to the Ethernet and OSI models.

Hardware Requirements
While most Ethernet cards are capable of packet sniffing in promiscuous mode, many wireless chipsets cannot use monitor mode, which is the wireless equivalent of promiscuous mode. Complicating the situation is that wireless card manufacturers do not generally list the chipset that they use in a readily available form.Also, chipsets can vary within model families. It is best to select the software you want to use, and then identify which chipsets and specific manufacturer’s model numbers work best with the specific drivers necessary for the software to function.

Here are some general guidelines on chipset compatibility:
Atheros
This chipset is compatible with most software and widely available in a number of adapters.

Prism2
This chipset is one of the most capable used with the Host AP drivers. Not only is it supported by most software, it can also run in an AP mode.

Orinoco
One of the first chipsets that supported monitor mode. Supported by most software. Cannot receive 802.11g traffic.

Broadcom
There is no native support in Linux for this chipset. With included drivers, tools such as Kismet do not function with it.You may be able to use Windows drivers through a Network Driver Interface Specification (NDIS) compatibility wrapper such as the commercial DriverLoader, which can be downloaded from www.linuxant.com/driverloader.

A few years ago deploying a secure wireless network was a real challenge. The closest thing to a standard you could hope to use was some sort of dynamically keyed WEP scheme. If that wasn’t enough (and it probably wasn’t), then you had to go to a totally proprietary solution. These solutions offered much higher levels of protection, but at the price of total vendor dependence and a dubious upgrade path to standards compliance.

Today things are much easier; the proliferation of WPA support across all modern wireless devices and operating systems makes deploying a secure wireless network straightforward. Home users can simply use WPA-PSK, while businesses and other large organizations can use a RADIUS server and get strong, upgradeable authentication with dynamic key generation.

This chapter covers details of the various authentication and encryption schemes possible on 802.11 networks. Many aspects of WEP and its various band-aid solutions are covered. If you are securing a network with WPA, you can safely ignore all the perils and information associated with WEP and move straight into the section on WPA.

Techniques to secure your network that do not make use of WEP and WPA are also covered. These include higher-level authentication schemes, VPNs, and wireless intrusion detection systems.

Direct 802.11 Defenses
This section covers generic defenses that apply to all 802.11 configurations. Do not, however, assume techniques in this section provide security on their own. These are small tweaks that make finding or attacking a wireless network a little more difficult. These techniques will not prevent an attacker from breaking into your network, but at least they let outsiders know they aren’t welcome.

(more…)

All is not bleak, however. With the advent of many wireless attack methods, means to counter the attacks and reduce exposure are also available. The evolution of wireless security continues in a cycle IT professionals will recognize from wired network security-a game of cat and mouse. As new weaknesses are found in wireless networks and protocols, new methods and designs are put into place to address them.

One of the first efforts at securing 802.11 networks was WEP. The use of RC4 with 40-bit keys was considered sufficient. However, a flaw in the specification regarding the data fed into the RC4 algorithm was found that allowed attackers to derive the secret key used to protect traffic. In order to address that issue, WPA was created.

As of this writing, WPA2 is now available for 802.11X networks. Lessons learned from attacks against WEP and WPA, both practical and theoretical, have been applied in the design of WPA2. Other security mechanisms are being developed or have been deployed for various wireless protocols.

Increases in Wireless Security Mechanisms
Frequency hopping, a technique once used primarily by the military, is now used in many wireless networking protocols to make intercepting transmissions difficult. Specially designed antennas are used to reduce the area where radio transmissions can be received. Cryptographically strong hashing and encryption algorithms are being analyzed and implemented at multiple layers of the networking stack. These measures provide a defense in depth-the compromise of a single security mechanism still leaves in place other protection mechanisms to offset the risk. This strategy prevents new exploits and attacks from gaining complete access to sensitive networks. The extra redundancy and layers can provide sufficient time for IT administrators to test and deploy emergency security fixes when a vulnerability is discovered in the network.

(more…)

By: Sam Ellis

With all of the different home security system services out there, it can be hard to tell if you should have a wireless home security system, hardwired system, or a gadget that has been newly placed on the market. The goal is to stay one step ahead of any potential predators while keeping an affordable means of home security and choosing from masses of options. Recently, the best in home security has seemed to be the wireless home security system. Protecting your home from potential harm is a priority, but when you purchase a wireless home security system, you should know that there is more to the system than just the name.

The wireless home security system is primarily chosen because of its neat appearance and lack of wires. It is convenient to every abode in every situation. However, which system you choose will depend on how much security you need and what your budget entails. The best in home security wireless systems, and the most frequently used are the wireless security cameras, the wireless alarms, and the wireless motion detector syste

The cameras are a small and practical way to monitor your home security without an alarm. The cameras can be used for surveillance and the leaders in home security typically make them such as Ademco, DSC, and GE. They can be used to monitor children while playing as well as catching a common thief. These cameras have the option to record so that you may check the tapes later using a simple VCR or they can broadcast live. The wireless security cameras are generally considered the best in home security and when they are combined with other wireless devices, they are found to be almost foolproof.

(more…)

Many people go to the trouble of setting up a wireless home network but don’t secure it. This means any neighbour or passer-by in the street with a wireless laptop can find and access your home network. If you’re feeling generous you can leave it unsecured for your neighbours to use. But if you’re using a broadband service with usage limits, letting others gain access means that you may reach your monthly limit more quickly. More importantly, an unsecured network makes it easier for hackers to access your computer.

There are five simple steps to get basic security on your wireless home network:

Buy a Router with a Built-in Firewall
A firewall monitors traffic flowing from the Internet to your home network. Check the product specifications of your router to see if it has a built-in firewall. Alternatively you can install a firewall on each of the computers in your home network.

Change the SSID
Your router will have its own default name (SSID). Hackers know what default manufacturer settings are, so you need to change the SSID to prevent them gaining access.

Disable the SSID Broadcast
An SSID broadcast sends a signal to nearby computers to tell them you have a wireless network, so it is important to switch it off to keep your network hidden.

Change Your Router’s User Name and Password
On your router set-up page it will also have a default user name and password. Hackers know the default user names and passwords.

Enable WEP Security
WEP stands for Wired Equivalent Privacy and you can ask Windows XP to automatically turn it on. It encrypts your wireless broadband signal to prevent anyone snooping on it.