Most of the computer security white papers in the Reading Room have been written by students seeking GIAC certification to fulfill part of their certification requirements and are provided by SANS as a resource to benefit the security community at large. SANS attempts to ensure the accuracy of information, but papers are published "as is". Errors or inconsistencies may exist or may be introduced over time as material becomes dated. If you suspect a serious error, please contact email@example.com.
The Worldwide Interoperability for Microwave Access technology, under its trade name of WiMAX (Ergen, 2009), has been elected as one of the most promising wireless communications system in the industry for the past ten years. It is a technology that aims to provide wireless long-distance broadband access for a variety of applications.
The Windows Registry stores all of the information that is needed by the host operating system. This database contains all of the configurations, settings and options that are both created initially by the operating system, as well as user configuring settings and installed software.
Wireless local area network systems (LANs), also referred to as Wi-Fi can be found everywhere. Since their introduction in the mid 1990s, they have proliferated among home users and have taken over organizations whether or not they are authorized.
The discipline of network security has as one of its goals the protection of critical
business network traffic. There are a number of preventative methods that can be employed
to ensure that a network is designed well, but attackers will still attempt to exploit weaknesses
to gain access to important business data and systems.
At the core of IT security is the CIA-triad – the need to protect the “Confidentiality” of data, the need to protect the “Integrity” of data and the need to protect the “Availability” of data. Unfortunately when it comes to wireless networks the “Availability” aspect will always be at a risk due to the inherent properties of wireless communications.
This paper is an introduction to some of the programming techniques needed to build wireless security tools. It will go through installing some basic tools then discuss topics including packet injection, sniffing and filtering and give a brief overview of WPA PreShared Key and the EAPOL 4 way handshake. All the techniques will be brought together to create an application to automate capturing an EAPOL handshake which can then be used to attempt to crack the PreShared Key.
Wireless technology has emerged as a very popular alternative to wired technology in recent years and has become readily available in more networks everywhere, whether it is for a home, an office, or any size of business.
Hoy en dia, la implementacion de redes inalambricas es considerada como una solucion de movilidad, flexibilidad y productividad; por esto, el numero de implementaciones de este tipo de tecnologia aumenta y se confirma como una fuerte tendencia.
This paper will briefly introduce the concept of Wireless technologies, outline the key security threats for wireless networking, specifically focusing on intrusion detection systems for WLAN 802.11 networking and the need for them to be included as part of an overall security solution.
The 802.11 wireless networks is one of the most attractive and fast growing networks. Because of its easy and fast deployment and installation, there are more and more users considering using this type of network than the wired version. In this document, you will find out how to secure an 802.11 wireless network by understanding its security protocols and mechanism.
This paper will focus on the current IEEE1 802.11i standard and the components that comprise the standard. It will show how the standard ensures the integrity of the CIA triad in an effort to restore confidence in corporate WLANs.
Much as already been said about the use of WEP and WPA in securing wireless networks, and their weaknesses are already well-known. Less has been written about other measures and devices that network administrators may adopt to secure their wireless network, such as disabling SSID broadcasting or carefully calculating the location of access point antennas.
This paper started out as a reference guide for users at my place of employment to secure their wireless LANs. After researching wireless security, and seeing that it is not the most secure platform out of the box, I decided to create a step by step guide for users to be able to secure their wireless networks at home.
In recent years, the hottest high tech trend which has received a lot of publicity and hype is the term Wireless LAN (WLAN). There are more and more organizations of all sizes implementing and using wireless networks or Wi-Fi (Wireless Fidelity) networks.
This paper will provide some background on wireless technology, look at wireless network security issues, then review recent news, and finally offer some suggestions for discouraging the hackers from playing in your wireless backyard.
With the creation of HIPAA, many health care providers are revising their business models to include a wireless platform in hopes that it will transcend them into the next generation of health care, but not without addressing serious security concerns.
This paper describes the evolution of wireless security in 802.11 networks, the security weakness of Wired Equivalent Privacy (WEP) and provides with the interim and ultimate solutions: Wi-Fi Protected Access (WPA) and 802.11i standards.
This paper will present the issues surrounding newly discovered vulnerabilities with WEP, as well as current access control problems that exist with the wireless architecture currently in use. It will also propose methods that can be used to help secure wireless LANs.
This paper addresses security issues present in the WLAN environment, and how these issues are currently improved upon by Cisco's Aironet 350 series of wireless gear. A brief overview of some of the current technology implemented by Cisco and others is included, but is in no way comprehensive.
This paper intends to expand upon some of the concepts already put forth by Lee Elmendorf's paper, "Wireless Networks: Panacea or Next Hacker's Playground"  and show how you may create a secure wireless Ethernet network.
The author outlines in detail several possible solutions in maintaining a wireless network, the design of a wireless network in order to encompass such solutions, the requirements within which the wireless infrastructure was created, and finally, various scenarios illustrating how specific security issues have been addressed.
This paper examines wireless technology in light of claims regarding serious flaws in the authentication service and the WEP algorithm and assesses the security of the proposed implementation of wireless LANs.
What is Free-Space Optics? How does it work? Is it secure? This paper will try to answer those questions and educate the security community about the technology and security ramifications as the demand for high-speed links increases.
This paper explores why using only the WEP protocol to secure your Wireless LAN is far from adequate. It will also endeavor to provide a working solution to the problem of wireless security and options to adapt this solution to meet your requirements.
This paper examines the technology and infrastructure that supports GPRS in a telecommunications environment, and looks at GPRS security consideration including GPRS network security and potential security threats.
This document will cover the fundamentals on how to deter a WarDriving attack by performing controlled penetration tests on a wireless network. These fundamentals will consist of an overview of 802.11b security, how to exploit its vulnerabilities and will conclude with how to thwart attackers from gaining access to the wired network.
This paper gives an overview of the 802.11 standards, the WEP algorithm and RC4 encryption, followed by an analysis of the various 802.11 security problems and discussion of various ways to improve SOHO wireless security.
This paper discusses some techniques that utilize modifying radio wave behavior (directional antenna and low power transmissions) as a means to add depth to security. The paper also presents some options, such as file compression and burst transmissions as considerations for reducing the probability of intercept.
This paper focuses on a description and analysis of the security standards described in the IEEE 802.11 and 802.1x standards, as well as some of the inherent problems with the security mechanisms defined in the standards. Recommendations for securing wireless networks are provided.
This paper will discuss the following: the Army's implementation of 802.11 wireless networks and the methods used to secure those networks, the issues with WEP, DES and AES, current issues in corporate wireless security, and a look at Defense in Depth as the best practice to secure the wireless network.
This paper will explore the vulnerabilities in our current network infrastructures (wired and wireless), how these vulnerabilities would be mitigated in an ideal world, the barriers to achieving that ideal world, and finally the options available for minimizing the risks today.
This paper deals with the legal gray area that is specific to wireless network analysis and discovery tools. The author provides basic background information about wireless network security, explains the legal and ethical issues that might arise, categorizes the type of people that might use these discovery tools and attempts to give recommendations for each category
In this paper, we talk about the fundamentals of wireless network, the built-in security (or in-security) that comes with those networks, some of the tools that can be used to audit the wireless network and finally discuss how to safeguard the network by deploying additional security.
This document reviews the basic home access point security mechanisms, their weaknesses and then covers implementation of a script to detect, identify, and provide notification of users on a home wireless network, as an attempt at security detection.
By: Rafidah Abdul Hamid (posted on October 31, 2003)
This paper gives brief information on the WLAN components and its architecture and examines the WLAN security threats (Denial of Service, Spoofing, and Eavesdropping); also discussed is how Wired Equivalent Privacy (WEP) works, (the IEEE 802.11b/WiFi standard encryption for wireless networking.)
By: Wan Roshaimi Wan Abdullah (posted on October 31, 2003)
This paper attempts to openly describe the technology of wireless LANs (mostly IEEE 802.11b), what are its standards and components, why it is less secure as compared to its wired counterpart and what can be done or applied in order to make wireless networks more secure from the technology and human perspective.