Windows Wireless LAN Security Primerby Chris Sanders
Extending the flexibility of a network with wireless networking products began rising in popularity around the early '90s and has picked up steam ever since. With the advent of all of these new wireless products and technologies, security seems to be the biggest weakness often associated with a wireless network. On a traditional wired network, an attacker must either be physically plugged into your network from within the wired network or go to the trouble of breaking through an edge firewall or router. With a wireless network, all a potential attacker needs to do is sit in the comfort of his or her car in the parking lot with a laptop and wireless sniffer. The goal of this article is to give a brief description of all of the different types of wireless security options available, so that you may determine the best fit for securing your wireless network.
Wired Equivalent Privacy (WEP) is anything but equivalent to the security of a wired network. The WEP standard was created in the very early days of wireless networks with the goal of being the only layer of security necessary for WLANs. Unfortunately, WEP didn't really work out at all. The problem with it boils straight down to flaws in its design.
WEP is based upon a system where the data flowing across the wireless network is encrypted using a randomly generated cryptographic key. The method WEP uses to generate these keys, however, was soon discovered to be very predictable, thus making it easier for potential intruders to intercept and decipher these keys. Even a moderately skilled wireless hacker can break WEP cryptography in as little as two or three minutes. The WEP cracking process is displayed in Figure 1.
Figure 1. Cracking WEP is a relatively simple process
Even though WEP has been proven to be antiquated and ineffective it is still supported by a large number of modern wireless access points and routers produced today. Not only that, but it is still one of the most used ways individuals, as well as companies, report they are securing their wireless networks. If you are still using WEP, then I implore you to continue reading the rest of this guide and to get as far away from it as possible. That is, if you value the security of your network at all.
The direct response to the weaknesses of WEP is Wi-Fi Protected Access (WPA). WPA works around the same basic principal as WEP, but does it in a much less flawed way. There are two basic ways WPA can be used, depending on the level of security you require. Most home and small office users will use WPA-Personal security, which is solely based on an encryption key. In this setup, your access point and wireless clients share a key that is encrypted by either the TKIP or AES methods. Although this sounds exactly like WEP, the encryption methods used in WPA are far different and much more complicated to crack. The other method of WPA implementation is to combine the use of a WPA encryption key with 802.1Xauthentication, discussed in the next section.
802.1X and EAP are IEEE approved standards that are designed to enable an improved means of authentication for both wired and wireless networks alike, although their main popularity is in the wireless segment. These things are not cipher-based technologies and therefore do not serve as a direct alternative to WEP, TKIP, etc. but rather as an addition to them to provide additional security. Each component breaks down as follows:
- IEEE 802.1X: Often known as port-level access control, 802.1X creates a virtual port from the wireless client to the access point to be used for communication. If communication is deemed to be unauthorized, then this port is made not available and communication is halted.
- EAP: The extensible authentication protocol, or EAP, is used in conjunction with 802.1X to negotiate the authentication method used for the wireless link. This includes the required user credentials (passwords or certificates), the protocol to be used (WPA, WEP, etc.), and the support of key generation.
Any wireless network using 802.1X/EAP-based authentication can be broken down into three main components: (See Figure 2.)
- Supplicant: Software client running on the wireless workstation
- Authenticator: The wireless access point
- Authentication Server: An authentication database, usually in the form of a RADIUS server, such as Microsoft IAS
Figure 2. 802.1x relies on a EAP and a RADIUS server to manage authentication
The use of 802.1X/EAP-based wireless security is really most appropriate for corporate-level wireless networks. Small networks can get by coupling 802.1X security with a standard encryption protocol such as WPA or TKIP, where as larger, more secure networks will want to tie 802.1X security in with certificate-based authentication.
Pages: 1, 2