Site Loader
Rock Street, San Francisco

A.    Network

A computer network, called the data
technology network in the field of information technology, is a dot or node
that is interconnected by means of data transmission and communication methods
for audio and video sharing, transmission, transmission, distribution.

We Will Write a Custom Essay Specifically
For You For Only $13.90/page!

order now

B.    Wired and Wirless

you know, the term “wired” is a term used to refer to any physical
device. Cables can be copper, twisted pair, or fiber optic. Wired networks are
used to transfer different types of electrical signals from one source to
another. Typically, a wired network using a cable modem or other means, using a
T1 Internet connection.

we know, “Wireless” is the term refers to medium made of
electromagnetic waves (i.e. EM Waves) or infrared waves. All the wireless
devices will have antenna or sensors. Typical wireless devices include cellular
mobile, wireless sensors, TV remote, satellite disc receiver, and laptops with
WLAN card etc.

C.    Wi-Fi

smartphones and other devices that allow you to connect to the Internet or
communicate wirelessly.

D.   3G,4G

3G, third generation
mobile wireless telecommunication technologies for the third generation. It is
an update for 2G networks and 2.5G GPRS for fast internet speeds. The fourth generation of 4G mobile broadband network
technology is the success of 3G. The 4G system must provide the capability of
the IMT Advanced system, identified by the ITU.

E.    Bluetooth

is a standard wireless technology and personal area network for exchanging
information over short distances from fixed and mobile devices.


II.    Attacks on Wi-Fi


A.    Session Hijacking

By monitoring transmissions between
a wireless client and an access point, an attack can be launched by the attacker
sending a fake packet to the wireless client. This packet, which as far as the
authenticated client believes is coming from the access point, tells the
wireless client that the session to the access point is now closed. At that moment,
the attacker then begins to use the session that the client machine believes
was severed. The attack is further clarified with the following:

The client
authenticates itself to the access point.

The attacker
sends an 802.11 MAC disassociate management frame using the MAC of the access
point. This forces the client’s connection to be disassociated.
This procedure allows the attacker to actually swap sessions with the
authenticated client, unbeknownst to the access point.

The attacker,
using the MAC of the original client, is able to access network resources,
because the access point is still in the authenticated state. 1


B.    Man-in-the-Middle

In this attack, the man-in-the-middle
(attacker) pretends to be a legitimate access point. During this launch, the
attacker has the benefit of viewing all the traffic that passes between the
wireless client and legitimate access point. “The primary flaw in the design is
the asymmetrical treatment of supplicants and access points in the state
machines. This is untrue for the supplicant, whose port is essentially always
in the authenticated state. The unilateral authentication of the claimant to
the access point can open the attacker to the enemy and the access point as an
access point to the enemy. network.” 1


C.    Passive Attack to Decrypt Traffic

The passive headset can block all
wireless traffic until the IV collision occurs. Using the same IV, it has two
XOR packages, and the attacker takes XOR text into two. XOR results can be used
to run information about the content of the two messages. IP traffic is often
very predictive and contains many spaces. 1


D.   Active Attack to Inject Traffic

Knows the correct message for an encrypted
message. It can use this information to correctly encrypt packages. This procedure
involves executing bitmaps in the original encrypted message, creating a new
message, calculating CRC-32, and editing plain text for a new message. Key
features are RC4 (X) XOR X XOR Y = RC4 (Y). This package can now be sent to the
access point or mobile station and accepted as the current package. 1


E.    Active Attack from Both Ends

Previous attacks can be further expanded
to arbitrarily intercept traffic. In this case, the aggressor will estimate the
title of the package rather than the content itself. It is easy to get or
forecast this information; specifically, all targeted IP addresses are
required. In this constructor, an attacker can translate the appropriate bits
to change the targeted IP address, sends packets to a packet on the Internet,
and transmits it to a mobile station. Fake. 1


F.    Table-based Attack

The smaller space of the start vector
allows the attacker to create a decoding table. Having learned some of the
packages well, it can calculate the used RC4 key flow. This base line can be
used to encode all other packets with the same IV. Over time, the attacker
could build a table and table template. When the table is built, an attacker
can change the password for all packets sent over a wireless connection. 1


III.   tools used for attack on wi-fi


A.    Aircrack

is the most popular and popular password-unlocking tool. Worldwide, the 802.11
WEP key and WPA-PSK are used as cracks. First, he writes network packets and tries
to restore network passwords by analyzing packages. It also performs some
optimizations with standard FMS attacks to recover passwords on the network or
to recover passwords. Optimally, the attack on the corporation and the PTW
attack involve an attack to attack faster than other WEP passwords. This tool
is strong and widely used worldwide. I have added it to the top of the list. 2


B.    AirSnort

is another popular wireless LAN password-sharing tool. 802.11b can break the
WEP keys on the network. This tool works primarily by passing passive traces
and then calculating the encryption keys when packing enough packages. This
tool is free for Linux and Windows platforms. It is also very easy to use. This
tool has not been renewed for three years, but behind the tool is the company’s
current development. This tool also takes part in the WEP cracking and is
therefore widely used. 2


C.    Kismet

is a Wi-Fi 802.11 a / b / g / n Class 2 wireless network caller and access
control system. This tool is used to troubleshoot Wi-Fi problems. It works well
with any Wi-Fi card that supports the Rfmon mode. Available on Windows, Linux,
OS X, and UX platforms. This tool collects packets passively to define standard
network and detect hidden networks. 2


D.   Cain & Able

& Able is another popular tool used to break down wireless network
passwords. This engine has been developed to block network traffic and then use
harsh force to identify a password. Therefore, this engine is very useful for
searching wireless network passwords by analyzing routing protocols. This tool
can also be used to break down other types of passwords. 2


E.    WireShark

is a very popular tool in the network. This is a network protocol analyzer tool
that allows you to test different things in office or home network. You can
analyze and package packages to search for a large number of network resources by
checking the micro-level data. This tool is available for Windows, Linux, OS X,
Solaris, FreeBSD and other platforms. 2


F.    Fern WiFi Wireless Cracker

Fern WiFi Wireless Cracker is a good tool for network security. This
will allow you to view network traffic and define the server in real-time mode.
This tool is primarily designed to detect computer errors and fix errors. It is
available on Apple, Windows, and Linux platforms.

It can easily break up and repair WEP / WPA / WPS keys.
It can also perform other network-based attacks on wireless or Ethernet-based
networks. 2


G.   CoWPAtty

CoWPAtty is a good password cracker tool. Automatic
dictionary attack tool for password passwords for WPA-PSK. It runs on Linux
operating system and provides an inexpensive command line interface. It works
on the list of words that contain thousands of passwords for use in attacks. 2


H.   Airjack

802.11 Wi-Fi kit printing tool. DOS attacks and MIM attacks. This
malfunctioning tool will cause network disruption due to the fraudulent packet
injection and refusal to deny servicing. This tool can also be applied to the
average attack on the network. This tool is popular and powerful. 2


IV.   wi-fi Secuirty Policies & Guidelines (NHS)


A.    Introduction


We know that keeping in touch with
family, friends and colleagues is an essential daily requirement for patients
and staff who visit Gates head Health NHS Foundation Trust. A free public Wi-Fi
internet service is now available to our patients, staff and visitors to enable
them to surf the internet, send and receive emails, Facebook, and Skype from
Trust sites. This move is part of our vision to provide excellent services that
shapes the needs of our patients and provides a flexible working environment
for our staff. 3


B.    Purpose

The purpose of this policy is to ensure-

There is an appropriate security
framework in place for the provision of a public Wi-Fi service;

There is suitable access and usage
controls in place in line with NHS guidance and legislation;

There is no
disregard to the Trust’s legal obligations or to patient safety and
confidentiality. 3


C.    Scope

The policy covers:-

All Trust sites and applies to any
individual that may access the public Wi-Fi service in any capacity at  the Trust including patients, members of the
public, visitors, employees, students, volunteers and third party contractors

Categories of
websites permitted and blocked by the public Wi-Fi service. 3


D.   Wi-Fi Availability

Users are advised that public Wi-Fi
access is available across all sites but maybe subject to capacity restraints
and Wi-Fi signal availability. At busy times, the speed of the Wi-Fi connection
may be reduced or lost due to the number of users using the facility. If this
occurs, users will have to try to access the Wi-Fi service later. 3


E.    Accessing the Wi-Fi Service

Patients are free to use their own
IT devices to connect to the service but must act considerately. The Trust does
not allow any recording of photos, audio recording, videoing or the streaming of
videos as this would severely affect a patient’s right to confidentiality and
privacy. Access to the Trust’s Wi-Fi network is normally through connecting to
the “Wi-Fi key” on your mobile, smart phone, laptop or IPad etc. In other
cases, depending on your browser settings pop up blockers may appear that you
may have to disable. Please refer to Appendix 1 for a user guide on how to
access the service. 3


F.    Wi-Fi Terms and Conditions

In supplying a free public Wi-Fi
service all users are expected to comply with the Trust’s fair usage Terms and
Conditions. (Please see Appendix 2). Users are asked to read the terms and
conditions of this Agreement before activating the service. The standard Wi-Fi
offering provides a filtered service and strictly prohibits access to a number
of category sites. Sites blocked include, but not limited to-



Indecent images
of adults and children;

Cyber bullying;



G.   Wi-Fi Risks

Here are many risks associated with using
the internet that users should be mindful of:-

filters are not in place to prevent inappropriate access to web content.

 A standard fair usage policy applies to all

Patients are
advised that the Trust’s network is open (i.e. not encrypted) and therefore
cannot guarantee the security of some online networks for instance online
banking, purchasing and personal communication such as Yahoo and Hotmail etc.
Staff and patients are advised to refrain from these types of activities. The
Trust is not responsible for the loss, misuse or theft of any information,
passwords or other data transmitted via our network. The Trust can therefore
not guarantee the confidentiality, integrity and security of any user’s
information on the Trust network. 3


H.   Wi-Fi Monitoring

All users are advised that blocked
access to inappropriate content be monitored. This is done in line with the
Computer Misuse Act 1990 and the Lawful Business Practice (Interception of
Communications) Regulations 2000. 3

I.      Violation and Non-Compliance

Any violation of this Policy will
constitute as unacceptable behavior and may result in the loss, suspension or
termination of the service as set out in the fair usage Terms and Conditions in
Appendix 2. Any willful or negligent disregard of this Policy by staff will be
investigated and may be dealt with under the Trust Disciplinary Procedure.
Specifically, this will apply where there has been a failure to adhere to the
Trust’s Code of Conduct and its data protection, confidentiality and security
protocols and guidelines. 3


J.     Staff Training

Staff usage of the Trust’s pubic Wi-Fi service will be covered in
the Information Governance Mandatory Staff Training Programmed. 3


K.    Dissemination

This Policy will be published via
the Trust’s website. 3


V.    wi-fi secuirty protocols


A.    WEP – wired-equivalent privacy key

purpose of this switch is to provide wireless networks such as Wi-Fi as a wired
connection. Unfortunately, this form of security was not available because the
title was broken and there are currently many open source applications that can
easily be broken in seconds. For its operation, the WEP Wi-Fi key uses a text
message sent from the client. It is later encrypted and returned with a public
key.WEP has different keys. The key length is typically 128 or 256 bits. The
security of the WEP system is considerably less. It does not apply to key
management issues, and it is important to any security system. Usually the keys
are transmitted manually or in another secure direction. WEP uses Wi-Fi shared
locks – that is, the access point uses the same key for all customers, so if
you have the key, then all users will be corrupted. enter. It just listens to
the returned authentication frames to identify the key.As you know, WEP Wi-Fi
is no better than anything because everyone does not listen to a Wi-Fi hotspot
that can be a hacker. It is still widely used and has some levels of security.
However, if used, high-layer encryption (SSL, TLS, etc.) should also be used. 4

B.    WPA Wi-Fi Protected Access

access methods have been introduced to improve the full WEP system. This scheme
is developed by Wi-Fi Alliance and is part of the IEEE 802.11i security
standard – to change the IEEE 802.11i standard WEP protocol. One of the key
elements of the WPA program is the use of the TKIP – Temporal Key Integrity
Protocol. TKIP is part of the IEEE802.11i standard and runs packets in

WPA provides optional support for the AES-CCMP algorithm, which is a Wi-Fi
Protected access. This ensures a marked improvement in security. 4


C.    WPA2 / WPAv2

plan replaces WPA. Performs the required elements of the IEEE 802.11i.
Specifically, it introduced a new AES-encryption mode, CCMP, which provides
strong security.

WPA2 certification was launched in September 2004 and is now mandatory for all
new Wi-Fi labeled devices.. 4


D.   TKIP (Temporal Key Integrity Protocol)

This protocol is a direct exchange
of WEP and addresses substantial vulnerabilities. The purpose of the design is
to ensure compatibility with existing 802.11 hardware, which can be updated by
software. One of WEP’s most important improvements is that it is guaranteed to
use a completely different key in each package by creating a connection
function for each package instead of the IV connection and the secret key. 4


E.    MIC (Message Integrity Code)

MIC is a Hashing function to protect
the integrity of packages. This is an 8-byte value calculated in all unencrypted
raw packages before being encrypted and passed. The main purpose is to detect
any bad packages.

The hash function used by MIK is the
new hash function specially designed for low-power devices, such as hardware in
a wireless network interface. The protection provided by this processing
capability is equivalent to a 20-bit key, which is a valid encryption standard
based on low protection. To prevent this low level of protection, WPA uses data
protection packet prevention measures to protect the wireless network from
attack.. 4


VI.   wi-fi security products


A.    Cisco system

Systems was founded in December 1984 by leading pioneers in the local area
network (LAN) used by Stanford University scientists, Leonard Bosack and Sandy
Lerner, to connect different computers. Geographically multi-protocol router
systems. From the moment the company registered in NASDAQ in 1990, Cisco has
capitalized the $ 224 million market. Cisco became the most valuable company in
the world in 2000, and more than $ 500 billion has been capitalized.

Post Author: admin


I'm Eric!

Would you like to get a custom essay? How about receiving a customized one?

Check it out