...Two ways to secure a WLAN, and the ramification if the WLAN is breached. Sebastian Bach Two ways to secure a WLAN, and the ramification if the WLAN is breached. There is an added vulnerability when securing a WLAN than there is with a LAN. The multitude of packets floating around going from one or more access points to a variety of electronic devices can be a tempting arena for those wanting to gain illicit access. There are several ways to increase the security level of a WLAN. The most basic of these would be a router with an integrated firewall. This is almost exclusively found in residential settings. Keeping to the same architecture, firewalls can be quite complex in their modus operandi. Where basic firewalls work on the first three or four layers of the OSI model, the more complex firewalls operate on all seven levels of the OSI model. Often times accompanying these higher end firewalls, there is what is known as a bastion. A bastion is located on the public side of the firewall and acts as bait for would be attackers. The thought behind a bastion is to get the would-be attackers to go there, thinking they have accessed the protected network. Bastions are completely unguarded to make this process easier. Another method of making a WLAN secure is to encrypt data that is on the network. If this is done, the users will authenticated, which will yet again further strengthen the WLAN. For this it is recommended to utilize either WPA or WPA 2 wireless encryption...
Words: 504 - Pages: 3
...Practical WLAN security Abstract This report covers the basics security standards in today’s wireless networks, how they work, existing flaws and vulnerability’s. We will go trough the basic architecture of 802.11, the security it provides like WEP, WPA and WPA2. Further more we will go trough some practical experiment exploiting the flaws described in the article. The result of our practical experiments show upon how easy it is to break encryptions and deploying Evil twins, even with very little understanding of the security structure. 2.1 802.11 Standards The architecture of the wireless LANs is specified by the 802.11 standard created by IEEE [1]. There are a few versions of the standard with differences in frequency and speed. Briefly these are a few of the current standards 802.11 (1997): 2.4Ghz, 2Mbps 802.11a (1999): 5Ghz, 54Mbps 802.11b (1999): 2.4Ghz, 11Mbps 802.11g (2003): 2.4Ghz, 54Mbps Even when things like speed and frequency differ, most things are the same as the original 802.11 standard. They all are using the same medium access protocol, CSMA/CS and have features for increasing range by the cost of speed. They also support the two connection modes of ad-hoc and infrastructure, but since this reports is about practical WLAN security we'll not go any further in on that and just care about the infrastructure mode. 1. Introduction Where ever you go, either it’s an workplace, coffeeshop, library or even a park there is a high chance today that...
Words: 4798 - Pages: 20
...to the internet. All three KFF locations are using a linear bus topology using 100base T Ethernet, which means that Ethernet is used and allows for data transfer rates of up to 100Mbps. The file server, workstations and all equipment previously mentioned are connected to a linear cable. This type of LAN network has disadvantages that outweigh the advantages. One major disadvantage is that the entire network is disabled if there is a break in the main cable, and locating the break can prove to be difficult. Another disadvantage is that the more devices are added, the less efficient it becomes. This outdated design broadcasts data which uses up important bandwidth that can be used for better purposes. The conversion from this topology to a WLAN will benefit KFF on several levels. The addition of wireless technology is a cost-friendly alternative for KFF. It will be less vulnerable to complete outages due to line breaks. If there is a network issue, it will be much easier to isolate. In some cases, issues can even be resolved remotely without ever needing to go the location. Adding and...
Words: 1984 - Pages: 8
...or server lacks the proper protection. This window should be as small as possible to prevent any unauthorized access. If a window is ignored it can become a weak spot in a security system and can cripple a system or network. Defining how big the window is and long it will last rely on 4 factors; Discovery-time, exploit-time, disclosure-time, and patch-time. Discovery-time is when the vulnerability is found and recognized. This is the first step in correcting the vulnerability the proper manner. A vulnerability cannot be fixed if you do not know what it is. Exploit-time is when hacker tools, viruses, data, or sequence of commands can bypass the security system. Disclosure-time is when the vulnerability is freely available to the public or has undergone analysis by experts. This is when most of the hacker tools will be attacking the system. Finally, patch-time is when a vendor or originator releases a fix, workaround, or patch for the system. All these factors should be done in as little time as possible to minimize damage and the threat of attacks on the security system. Unit 2 Assignment 2 1. a. Unauthorized access to LAN b. LAN server operating system software vulnerabilities c. Unauthorized access to systems, application, and data d. Rogue user on WLANs e. LAN servers have different hardware, Operating systems, and software making it difficult to manage and trouble shoot 2. f. Yes some vulnerabilities involve...
Words: 315 - Pages: 2
...Virtual Ogranizations The aim of this chapter is to explain the concept ‘virtual organization’ (VO) in a more detailed manner (in order to realise what security challenges a VO has to cope with). Below we will present definitions of VO, give some examples of VOs, and describe main characteristics of VOs. We will also list the benefits and the security challenges associated with VOs. VO is a relatively new concept that has emerged in the beginning of1990s. There is no single clear-cut definition of what a VO is. Different sources define it somewhat differently. For example, in [1] VO is defined as a “dynamic collection of individuals and institutions which are required to share resources to achieve certain goals”. [[i]] defines VO as “a temporary or permanent coalition of geographically dispersed individuals, groups, organizational units or entire organizations that pool resources, capabilities and information to achieve common objectives”. Jet in [[ii]] a concept IT infrastructure, namely network, is introduced: “VO refers to both the members of a switchable interorganizational electronic network and to the network itself that delivers non-standard products”. Reasons behind a VO The first two definitions speak about “certain goals” or “common objectives” while the third opens up what these goals/objectives can be, i.e. non-standard products. Indeed, the incentive behind the creation of VOs is a collaborative delivery or creation of a customer-specified product or...
Words: 2216 - Pages: 9
...This page was intentionally left blank This page was intentionally left blank Hands-On Ethical Hacking and Network Defense Second Edition Michael T. Simpson, Kent Backman, and James E. Corley ———————————————————————— Australia • Brazil • Japan • Korea • Mexico • Singapore • Spain • United Kingdom • United States Copyright 2010 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part. Due to electronic rights, some third party content may be suppressed from the eBook and/or eChapter(s). Editorial review has deemed that any suppressed content does not materially affect the overall learning experience. Cengage Learning reserves the right to remove additional content at any time if subsequent rights restrictions require it. This is an electronic version of the print textbook. Due to electronic rights restrictions, some third party content may be suppressed. Editorial review has deemed that any suppressed content does not materially affect the overall learning experience. The publisher reserves the right to remove content from this title at any time if subsequent rights restrictions require it. For valuable information on pricing, previous editions, changes to current editions, and alternate formats, please visit www.cengage.com/highered to search by ISBN#, author, title, or keyword for materials in your areas of interest. Copyright 2010 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated...
Words: 185373 - Pages: 742
...An ISS Technical White Paper Wireless LAN Security 802.11b and Corporate Networks 6303 Barfield Road · Atlanta, GA 30328 Tel: 404.236.2600 · Fax: 404.236.2626 WWireWireless Lan Security 802.11b Wireless LAN Security Introduction Although a variety of wireless network technologies have or will soon reach the general business market, wireless LANs based on the 802.11 standard are the most likely candidate to become widely prevalent in corporate environments. Current 802.11b products operate at 2.4GHz, and deliver up to 11Mbps of bandwidth – comparable to a standard Ethernet wired LAN in performance. An upcoming version called 802.11a moves to a higher frequency range, and promises significantly faster speeds. It is expected to have security concerns similar to 802.11b. This low cost, combined with strong performance and ease of deployment, mean that many departments and individuals already use 802.11b, at home or at work – even if IT staff and security management administrators do not yet recognize wireless LANs as an approved technology. This paper addresses the security concerns raised by both current and upcoming 802.11 network technologies. Wireless LAN Business Drivers Without doubt, wireless LANs have a high gee-whiz factor. They provide always-on network connectivity, but don’t require a network cable. Office workers can roam from meeting to meeting throughout a building, constantly connected to the same network resources enjoyed by wired...
Words: 3757 - Pages: 16
...Find more on www.studymaterial.ca ADMS 2511 MIS Notes Ch 1 – Modern Organization in the Global, Web-Based Environment Management information systems (MIS)- deals with the planning of info tech to help people perform tasks related to info processing and management Information technology (IT)- any computer-based tool used with info to support the needs of an org Importance of Planning for IT -a new info system can apply to the whole org, or a specific area of the org Application portfolios- are groups of new system proposals (apps that have to be added/modified) IT Planning -begins with an organizational strategic plan -states the firm’s mission, goals, and steps to reach those goals -IT architecture describes the way an org’s info resources should be used to accomplish its mission -includes both technical (hardware operating systems) and managerial aspects (managing the IT dpt, how area managers will be involved) IT strategic plan- LT goals that describe the IT infrastructure and major IT initiatives to achieve the organization’s goals -it must meet three main objectives: -must be aligned with the org’s strategic plan -must provide for an IT architecture that networks users, apps, and databases -must efficiently allocate IS resources among different projects so they can all be completed on time, within budget, and function properly IT steering committee- composed of managers/staff who rep diff organizational units -they establish IT priorities...
Words: 24496 - Pages: 98
...company in the NYSE. With over one thousand employees, GFI has experienced rapid growth through a well-defined strategy that made use of technological innovation and automation of their systems. However, as GFI experienced a steady growth in its financial operation, a significant security risk lack within its network. GFI relies on its application servers; the Oracle database and the email system that are the backbone of the GFI financial operations. The financial and cash flow system of the company solely depends on the network, any network breakdown, and system failure would be catastrophic for the business and its clients. The recent multiple cyber attacks on the GFIs network and the 2012 Oracle server attack that left the company integrity, confidentiality and availability venerable for several days. Although the servers were restored, the damage was extensive and lead GFI to pay for clients damages in their loss of data confidentiality. Another attack left the entire GIF network down that lead to losses in revenues and intangible customer confidence to the tunes of over a million US dollars. Risk Assessment Purpose The aim of this risk assessment is to evaluate the details of GFI network security. Further, the risk assessment is to come up with a structured qualitative assessment of GFIs network environment and provide possible solutions for mitigating the sensitivity, threats, vulnerabilities, risks and safeguards of the GFIs network. Besides, the assessment will recommend...
Words: 2661 - Pages: 11
...How to Plan for Security i). Statement of Policy This policy statement seeks to address the optimum and responsible use of the wireless local area network WLAN facility available at the university in relation to specific network security issues. The issue of concern in this policy is the promotion of responsible use of the WLAN facility among the university’s student and workers. The strategy aims at preventing security problems that may arise from the misuse and malicious exploitation of the facility by people granted approval to access the university’s WLAN information systems. a) Scope and Applicability The scope of this policy statement covers the hardware, software and access protocols associated with the WLAN use by students and workers at the university. The policies adopted will seek to regulate access permissions for the users of the WLAN facility and to promote responsible use in line with policies outlined in this policy document and by industry standards and legal requirements of use. b) Definition of Technology Address The WAN is available for use by the students and workers within the university. The WLAN facility provides access to information systems meant to facilitate the learning and worker needs by providing information access and software platforms. c) Responsibilities The administration and management of the WLAN facility is the responsibility of appointed network administrators at the university’s faculty of Information and Communication Technology. The...
Words: 1907 - Pages: 8
...IS 471 Policy Development and Security Issues Lab 4 (Due October 22, 2014) Introduction In any company, a security policy helps to mitigate the risks and threats the business encounters. However, unless a company happens to be in the information security industry, the task of identifying, assessing, and categorizing the myriad of risks can be an overwhelming one. Thankfully, a company’s IT infrastructure can be divided in a logical manner to more easily sort the risks. These divisions are the seven IT domains. The purpose of the seven domains of a typical IT infrastructure is to help organize the roles, responsibilities, and accountabilities for risk management and risk mitigation. In this lab, you will identify known risks, threats, and vulnerabilities, and you will determine which domain of a typical IT infrastructure is affected. You will then discuss security policies to address each identified risk and threat within the seven domains of a typical IT infrastructure. You will next determine which appropriate security policy definition will help mitigate the identified risk, threat, or vulnerability. You will organize your results into a framework that can become part of a layered security strategy. Learning Objectives Upon completing this lab, you will be able to: • Identify risks, threats, and vulnerabilities commonly found in the seven domains of a typical IT infrastructure. Determine which domain is impacted by the risk, threat, or vulnerability. Determine...
Words: 1159 - Pages: 5
...or ts.informationweek.com M ay 2012 $99 2012 State of Mobile Security With 62% already allowing personal devices at work, 80%, require only passwords for IT’s juggling laptop policies and Wi-Fi policies and BYOD policies—and that means security gaps big enough to drive a semi through. Most, mobile devices that access enterprise data/networks, yet just 14% require hardware encryption, no exceptions. Let’s be clear: Mobile security is data security, and we must do better. By Michael Finneran Report ID: R4720512 Previous Next reports 2012 State of Mobile Security CONTENTS 3 4 5 6 7 9 11 11 15 20 25 26 27 27 30 32 45 Author’s Bio Executive Summary Research Synopsis Lessons Unlearned Mobile Device Policies: BYOD in Full Swing What, Me Worry? Breaking It Down Wi-Fi Policy Guidance Tablet/Smartphone Policy So What Are You Doing About It? Applications and Malware Laptops and Ultrabooks Security-Awareness Training Get Going on a Secure Mobility Initiative Don’t Sit Still Appendix Related Reports 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 TABLE OF Figures 6 Figure 1: Policy on Personal Mobile Device Use? 7 Figure 2: Personal Mobile Device Policy 8 Figure 3: Percentage of Employees Using Mobile Devices 9 Figure 4: Top Mobile Security Concerns 10 Figure 5: Importance of Mobile Security Initiatives 11 Figure 6: Percentage of Mobile Devices Experiencing Security Incidents Figure 7: Securing Wireless LANs Figure 8: Securing Data...
Words: 10170 - Pages: 41
...Into To security Project Part 1: Multi-Layered Security Plan: As part of my report, below is my outline for Richman Investments Multi-Layered Security Plan: User Domains: Since Users can access systems, applications and data depending on their roles and rights, an employee must conform to the staff manual and policies also known as the Acceptable Use Policy (AUP). The department manager or human resources manager is usually in charge of making sure that employee and in certain cases third party vendors, contractors ect sign and follow the AUP. To ensure that these threats and vulnerabilities can be avoided, a good policy would be to conduct security awareness training, update the employee manual and discuss the handbook, during performance reviews, disable internal CD drives and USB ports and enable automatic antivirus scans for inserted media drives, files, and email attachments, and lastly restrict access for users to only those systems, applications, and data needed to perform their jobs. Workstation Domains: These users configuring hardware, ensuring that all computers have the latest software revisions, security patches, and system configurations. To ensure that there are no threats with our software, enforce defined standards to ensure the integrity of user workstation and data, enable password protections on workstations for access, and auto screen lockout for inactive times, use content filtering and antivirus scanning at Internet, define workstation...
Words: 727 - Pages: 3
...Fundamentals of Information Systems Security © 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 3 1 1/6/2013 DISCOVER: CONCEPTS Fundamentals of Information Systems Security © 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 4 Introducing ISS ISS Information Systems Information Fundamentals of Information Systems Security © 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 5 The A-I-C Triad Fundamentals of Information Systems Security © 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 6 2 1/6/2013 Confidentiality Personal Data and Information • Credit card account numbers and bank account numbers • Social security numbers and address information Intellectual Property • Copyrights, patents, and secret formulas • Source code, customer databases, and technical specifications National Security • Military intelligence • Homeland security and government-related information © 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Fundamentals of Information Systems Security Page 7 Integrity Maintain valid, uncorrupted, and accurate information. User names and passwords Patents and copyrights Source code Diplomatic...
Words: 1526 - Pages: 7
...Degree Master of Science in Information Security Assurance January 9, 2014 1 SECURING WI-FI ROGUE ACESS WITHIN AN ENTERPRISE SETTING 2 A1 - Abstract Since 1999 wireless devices have become a necessity in enterprises. While increasing convenience, connectivity, and productivity, they also pose an unprecedented threat to network security guarding, which has literally taken to the airwaves. This paper will deal with vulnerabilities and risks regarding access points (APs) in a wireless network (WLAN) connecting to a wired local area network (LAN) in enterprises. Data for this paper will come from published academic papers, industry publications including white papers and surveys, and industry specialists. It will also include definitions of terms, policy and procedures that affect access points, and current practices regarding rogue APs. A case study will be presented for a fictional enterprise with multiple locations that has standard procedures, policies, and protocols in place, but recent events have questioned their ability to control access points with the discovery of rogue devices hidden in several office locations. Industry warnings about access points span the past thirteen years, and still new articles appear saying similar warnings, with only the solutions evolving with the technology. Suggested solutions will include security literacy regarding APs and their devices and their compliance; security audits to re-evaluate configurations of current...
Words: 18577 - Pages: 75
