SANS InfoSec Reading Room - Wireless Access

Most of the computer security white papers in the Reading Room have been written by students seeking GIAC certification to fulfill part of their certification requirements and are provided by SANS as a resource to benefit the security community at large. SANS attempts to ensure the accuracy of information, but papers are published "as is". Errors or inconsistencies may exist or may be introduced over time as material becomes dated. If you suspect a serious error, please contact webmaster@sans.org.

Featuring 66 papers as of Nov 7, 2009

An Inexpensive Wireless IDS using Kismet and OpenWRT

By: Jason Murray (posted on May 4, 2009)

The discipline of network security has as one of its goals the protection of critical business network traffic. There are a number of preventative methods that can be employed to ensure that a network is designed well, but attackers will still attempt to exploit weaknesses to gain access to important business data and systems.

802.11 Network Forensic Analysis

By: Akbar Qureshi (posted on February 2, 2009)

Wireless at the hospital and the threats they face

By: Warren Platt (posted on January 12, 2009)

At the core of IT security is the CIA-triad – the need to protect the “Confidentiality” of data, the need to protect the “Integrity” of data and the need to protect the “Availability” of data. Unfortunately when it comes to wireless networks the “Availability” aspect will always be at a risk due to the inherent properties of wireless communications.

Programming Wireless Security

By: Robin Wood (posted on June 18, 2008)

This paper is an introduction to some of the programming  techniques needed to build wireless security tools. It will go  through installing some basic tools then discuss topics including  packet injection, sniffing and filtering and give a brief overview of  WPA Pre­Shared Key and the EAPOL 4 way handshake. All the techniques  will be brought together to create an application to automate  capturing an EAPOL handshake which can then be used to attempt to  crack the Pre­Shared Key.

802.11 Denial of Service Attacks and Mitigation

By: Stuart Compton (posted on February 20, 2008)

Detecting and Preventing Rogue Devices on the Network

By: Ibrahim Halil Saruhan (posted on August 13, 2007)

A Survey of Wireless Mesh Networking Security Technology and Threats

By: Anthony Gerkis (posted on October 18, 2006)

This paper will summarize the technologies and challenges related to wireless mesh networks.

Implementing a Secure Wireless Network for a Windows Environment

By: Dan Thompson (posted on May 17, 2005)

The goal of this paper is to be an easy to follow guide for configuring and securing a wireless network in a windows environment.

Security Vulnerabilities and Wireless LAN Technology

By: Heather Lane (posted on May 17, 2005)

Wireless local area network systems (LANs), also referred to as Wi-Fi can be found everywhere. Since their introduction in the mid 1990s, they have proliferated among home users and have taken over organizations whether or not they are authorized.

An Overview of the Wireless Intrusion Detection System

By: Oliver Poblete (posted on May 5, 2005)

Wireless technology has emerged as a very popular alternative to wired technology in recent years and has become readily available in more networks everywhere, whether it is for a home, an office, or any size of business.

Consideraciones para la implementacion de 802.1x en WLAN's

By: Juan Chamorro (posted on May 5, 2005)

Hoy en dia, la implementacion de redes inalambricas es considerada como una solucion de movilidad, flexibilidad y productividad; por esto, el numero de implementaciones de este tipo de tecnologia aumenta y se confirma como una fuerte tendencia.

Wireless Intrusion Detection Systems

By: Ken Hutchison (posted on January 28, 2005)

This paper will briefly introduce the concept of Wireless technologies, outline the key security threats for wireless networking, specifically focusing on intrusion detection systems for WLAN 802.11 networking and the need for them to be included as part of an overall security solution.

An Overview of 802.11 Wireless Network Security Standards & Mechanisms

By: Luis Wong (posted on January 19, 2005)

The 802.11 wireless networks is one of the most attractive and fast growing networks. Because of its easy and fast deployment and installation, there are more and more users considering using this type of network than the wired version. In this document, you will find out how to secure an 802.11 wireless network by understanding its security protocols and mechanism.

802.11i (How we got here and where are we headed)

By: Elio Perez (posted on September 16, 2004)

This paper will focus on the current IEEE1 802.11i standard and the components that comprise the standard. It will show how the standard ensures the integrity of the CIA triad in an effort to restore confidence in corporate WLANs.

Enterprise 802.11 Security Considerations and Vendor Solutions

By: Jon Green (posted on August 25, 2004)

Enterprise wireless LAN deployments are unquestionably on the rise, driven largely by demand from employees using the technology at home.

Wireless security beyond WEP and WPA.

By: Eric Peeters (posted on July 25, 2004)

Much as already been said about the use of WEP and WPA in securing wireless networks, and their weaknesses are already well-known. Less has been written about other measures and devices that network administrators may adopt to secure their wireless network, such as disabling SSID broadcasting or carefully calculating the location of access point antennas.

Securing Your Wireless Access Point: What Do All Those Settings Mean Anyways?

By: Joe Scolamiero (posted on June 9, 2004)

This paper started out as a reference guide for users at my place of employment to secure their wireless LANs. After researching wireless security, and seeing that it is not the most secure platform out of the box, I decided to create a step by step guide for users to be able to secure their wireless networks at home.

Corporate Wireless LAN: Know the Risks and Best Practices to Mitigate them

By: Danny Neoh (posted on March 25, 2004)

In recent years, the hottest high tech trend which has received a lot of publicity and hype is the term Wireless LAN (WLAN). There are more and more organizations of all sizes implementing and using wireless networks or Wi-Fi (Wireless Fidelity) networks.

How Things Work: WLAN Technologies and Security Mechanisms

By: Anna Kagan (posted on January 11, 2004)

This paper explains the concepts of wireless communications based on the electromagnetic theory and introduces wireless standards and elements.

Cisco Aironet Wireless LAN Security

By: Stephan Kostyk (posted on October 31, 2003)

Network security is dynamic - what did work today might not tomorrow; WLAN security requires constant attention to changing needs.

Personal Area Networks - How Personal are They?

By: Virgil Hovar (posted on October 31, 2003)

The author explores the theory that having a device that connects to a Personal Area Network may in fact not be so personal.

Layers One &Two of 802.11 WLAN Security

By: Jorgen Ellingson (posted on October 31, 2003)

Fundamental security concerns surrounding WLANs are addressed by examining OSI layers one (physical) and two (media access control) of the 802.11 standard.

Wireless Networks: Panacea or the Next Hacker's Playground?

By: Lee Elmendorf (posted on October 31, 2003)

This paper will provide some background on wireless technology, look at wireless network security issues, then review recent news, and finally offer some suggestions for discouraging the hackers from playing in your wireless backyard.

Wireless Computing - A Technological Breakthrough Laden with Risk?

By: Evan Uwakwe (posted on October 31, 2003)

A discussion of wireless computing technology and tips for making it more secure.

Mobile Medicine

By: Beau Fidler (posted on October 31, 2003)

With the creation of HIPAA, many health care providers are revising their business models to include a wireless platform in hopes that it will transcend them into the next generation of health care, but not without addressing serious security concerns.

The Internet in the Palm of Your Hand

By: Ronald Buchanan (posted on October 31, 2003)

Mobile communications technology is changing and presents new challenges to information security.

The evolution of wireless security in 802.11 networks: WEP, WPA and 802.11 standards

By: Stanley Wong (posted on October 31, 2003)

This paper describes the evolution of wireless security in 802.11 networks, the security weakness of Wired Equivalent Privacy (WEP) and provides with the interim and ultimate solutions: Wi-Fi Protected Access (WPA) and 802.11i standards.

Wireless Application Protocol (WAP): "What is it all about....How does it work"

By: Dwayne D. Paro (posted on October 31, 2003)

This document is written as Introduction to the Wireless Application Protocol and as a high level view of where the industry is headed in respect to this particular protocol

Is Your Wireless Network Secure?

By: Ken Hodges (posted on October 31, 2003)

This paper will present the issues surrounding newly discovered vulnerabilities with WEP, as well as current access control problems that exist with the wireless architecture currently in use. It will also propose methods that can be used to help secure wireless LANs.

Security and the 802.11b Wireless LAN

By: Sean Griffin (posted on October 31, 2003)

This paper seeks to review these issues and make recommendations regarding ways to mitigate the risk and reduce network vulnerabilities.

IEEE 802.11b Wireless LAN: Security Risks

By: Eng Tiong Ow (posted on October 31, 2003)

This paper will discuss the security features implemented in the 802.11b standard and the vulnerabilities discovered.

Wireless Networking: Compromising Security for Convenience?

By: Kimberly A. Buck (posted on October 31, 2003)

This paper examines the security concerns associated with wireless networks.

Cisco's Aironet 350 - An Enterprise-Level Wireless Security Solution

By: Robert Sprague (posted on October 31, 2003)

This paper addresses security issues present in the WLAN environment, and how these issues are currently improved upon by Cisco's Aironet 350 series of wireless gear. A brief overview of some of the current technology implemented by Cisco and others is included, but is in no way comprehensive.

Elements of Wireless Security

By: Gregory A. McGill (posted on October 31, 2003)

This paper examines Cisco's approach to security for wireless network technology.

Isolating and Securing Wireless LANs

By: Chad Hurley (posted on October 31, 2003)

This paper intends to expand upon some of the concepts already put forth by Lee Elmendorf's paper, "Wireless Networks: Panacea or Next Hacker's Playground" [1] and show how you may create a secure wireless Ethernet network.

Implementation of a Secure Wireless Network on a University Campus

By: Greg Redder (posted on October 31, 2003)

The author outlines in detail several possible solutions in maintaining a wireless network, the design of a wireless network in order to encompass such solutions, the requirements within which the wireless infrastructure was created, and finally, various scenarios illustrating how specific security issues have been addressed.

Security in Wireless Networks

By: Robert E. Mahan (posted on October 31, 2003)

This paper examines wireless technology in light of claims regarding serious flaws in the authentication service and the WEP algorithm and assesses the security of the proposed implementation of wireless LANs.

The Security Mechanism for IEEE 802.11 Wireless Networks

By: Alicia Laing (posted on October 31, 2003)

This paper provides an introduction to Wireless Local Area Networks (WLAN), and the methods employed to secure access using the IEEE 802.11 architecture.

Wireless Application Protocol 2.0 Security

By: Tamzin Jeffs (posted on October 31, 2003)

This paper will focus on WAP 2.0, how it differs from previous versions of WAP and how these differences impact on security

Security Aspects of Mobile IP

By: Dale Conn (posted on October 31, 2003)

The purpose of this white paper is to discuss the security aspects of Mobile IP.

Free-Space Optics: A Viable, Secure Last-Mile Solution?

By: Mark Steege (posted on October 31, 2003)

What is Free-Space Optics? How does it work? Is it secure? This paper will try to answer those questions and educate the security community about the technology and security ramifications as the demand for high-speed links increases.

Wireless Networking Security: As Part of Your Perimeter Defense Strategy

By: Daniel Owen (posted on October 31, 2003)

This paper explores why using only the WEP protocol to secure your Wireless LAN is far from adequate. It will also endeavor to provide a working solution to the problem of wireless security and options to adapt this solution to meet your requirements.

Wireless LANs and 802.1x

By: Daryl Stargel (posted on October 31, 2003)

This paper considers IEEE 802 standards which provide authentication and privacy protective security services.

The Limits on Wireless Security: 802.11 in early 2002

By: James Voorhees (posted on October 31, 2003)

This paper compares the security issues of wireless and wired networks.

Security Along the Path Through GPRS Towards 3G Mobile Telephone Network Data Services

By: Dung Chang (posted on October 31, 2003)

This paper examines the technology and infrastructure that supports GPRS in a telecommunications environment, and looks at GPRS security consideration including GPRS network security and potential security threats.

Securing A Mobile Telecommunications Network From Internal Fraud

By: Nathan Kurtz (posted on October 31, 2003)

The mobile telecommunications industry faces numerous challenges protecting their networks from internal and external fraud; protecting against internal fraud will be the focus of this discussion.

Penetration Testing on 802.11b Networks

By: Benjamin Huey (posted on October 31, 2003)

This document will cover the fundamentals on how to deter a WarDriving attack by performing controlled penetration tests on a wireless network. These fundamentals will consist of an overview of 802.11b security, how to exploit its vulnerabilities and will conclude with how to thwart attackers from gaining access to the wired network.

Perils and Fixes for 802.11 WLANs in SOHOs

By: Allan Moluf (posted on October 31, 2003)

This paper gives an overview of the 802.11 standards, the WEP algorithm and RC4 encryption, followed by an analysis of the various 802.11 security problems and discussion of various ways to improve SOHO wireless security.

Defence In Depth: Preventing Going Hairless Over Wireless

By: Jonathon Berry (posted on October 31, 2003)

This paper discusses some techniques that utilize modifying radio wave behavior (directional antenna and low power transmissions) as a means to add depth to security. The paper also presents some options, such as file compression and burst transmissions as considerations for reducing the probability of intercept.

Bluetooth: The Global Technology?

By: Howard Johnson (posted on October 31, 2003)

The purpose of the paper is to familiarize you with the Bluetooth specification, its capabilities, and associated security concerns with regards to implementation.

802.11, 802.1x, and Wireless Security

By: Philip Craiger (posted on October 31, 2003)

This paper focuses on a description and analysis of the security standards described in the IEEE 802.11 and 802.1x standards, as well as some of the inherent problems with the security mechanisms defined in the standards. Recommendations for securing wireless networks are provided.

Wireless Networks: Security Problems and Solutions

By: Jonathan Weiss (posted on October 31, 2003)

This paper explores various solutions to securing wireless networks.

Scouts Out! - Protecting the Army's Wireless Networks and its impact on Corporate Wireless Co

By: Jim Mussulman (posted on October 31, 2003)

This paper will discuss the following: the Army's implementation of 802.11 wireless networks and the methods used to secure those networks, the issues with WEP, DES and AES, current issues in corporate wireless security, and a look at Defense in Depth as the best practice to secure the wireless network.

Identifying the risk involved in allowing wireless, portable devices into your company

By: Claire McDonough (posted on October 31, 2003)

Defense in depth is a strategy strongly promoted throughout the security community, and this paper addresses the risk that small portable devices pose to networks every day.

A Guide to Wardriving and Detecting Wardrivers

By: Andrew Etter (posted on October 31, 2003)

This paper will discuss the components needed to construct a wardriving rig and suggest methods for detecting wardrivers as they drive past your wireless network.

Wireless is not the Problem

By: Jack J. Couch (posted on October 31, 2003)

This paper will explore the vulnerabilities in our current network infrastructures (wired and wireless), how these vulnerabilities would be mitigated in an ideal world, the barriers to achieving that ideal world, and finally the options available for minimizing the risks today.

An Overview Of Wireless Security Issues

By: Kevin Tyrrell (posted on October 31, 2003)

This paper introduces the 802.11 standard and the security issues surrounding it.

How to Avoid Ethical and Legal Issues In Wireless Network Discovery

By: Erik Montcalm (posted on October 31, 2003)

This paper deals with the legal gray area that is specific to wireless network analysis and discovery tools. The author provides basic background information about wireless network security, explains the legal and ethical issues that might arise, categorizes the type of people that might use these discovery tools and attempts to give recommendations for each category

State of Affairs of Wireless Networks

By: Rakesh Arora (posted on October 31, 2003)

In this paper, we talk about the fundamentals of wireless network, the built-in security (or in-security) that comes with those networks, some of the tools that can be used to audit the wireless network and finally discuss how to safeguard the network by deploying additional security.

Bluetooth And Its Inherent Security Issues

By: Tu Niem (posted on October 31, 2003)

Bluetooth technology is slowly becoming more popular but the security built into the specification is a cause for concern.

Wireless Security and Monitoring for the Home Network

By: Raymond Turner (posted on October 31, 2003)

This document reviews the basic home access point security mechanisms, their weaknesses and then covers implementation of a script to detect, identify, and provide notification of users on a home wireless network, as an attempt at security detection.

Brush up on Bluetooth

By: Jeffrey Hall (posted on October 31, 2003)

This paper will attempt to provide a basic understanding of what Bluetooth is and how it works.

An In-depth Look at Wireless WAN Security: Cellular Digital Packet Data Networks and their Security Issues

By: Farid Hatefi (posted on October 31, 2003)

In this paper the security architecture of a CDPD network will be scrutinized and some possible solutions will be investigated.

Security Guidelines for Wireless LAN Implementation

By: KengHoe Lim (posted on October 31, 2003)

This paper focuses on the security issues of WLAN and attempts to put in place a set of security guidelines to help organizations and home users in securing their WLANs.

Wireless LAN: Security Issues and Solutions

By: Rafidah Abdul Hamid (posted on October 31, 2003)

This paper gives brief information on the WLAN components and its architecture and examines the WLAN security threats (Denial of Service, Spoofing, and Eavesdropping); also discussed is how Wired Equivalent Privacy (WEP) works, (the IEEE 802.11b/WiFi standard encryption for wireless networking.)

Wireless LAN Security Defense In Depth

By: Wan Roshaimi Wan Abdullah (posted on October 31, 2003)

This paper attempts to openly describe the technology of wireless LANs (mostly IEEE 802.11b), what are its standards and components, why it is less secure as compared to its wired counterpart and what can be done or applied in order to make wireless networks more secure from the technology and human perspective.