Secure Wireless Routing
Routers are important because they forward data packets from one point to another. They are always placed near, or at, gateways, so that there is proper of data packets across networks. A routers main job includes forwarding of data packets, but also routing with the use of protocols to ensure that the route of transfer is the best possible means. As mentioned earlier, the core purpose of routers is to provide a communication channel. Based on the importance of internet connectivity and wireless networking, it is often very important for home users to connect to a network, or for firms to link multiple networks. This is where the use of wireless or direct routers comes in.
The paper seeks to examine what wireless routers are, and what their particular functions relating to internet connectivity is. Second, the essay will examine the main security threats that affect wireless routers, and finally, the paper will offer respective solutions to these threats. In the end, the essay will be summarized, providing concrete analytical summarization of all points mentioned in the paper.
Wireless Routers
The basic difference between wired routers and wireless routers is not in their purpose, but rather their structure. Basically, wireless routers perform the same exact functions like that of a wired router. However, the materials used to develop wireless routers are much different. For one, wireless routers do not have direct wiring connecting them to networks. Second, they are generally categorized in a manner which demonstrates their ability to transmit data packets without the use of wiring(Rackley, 2007). This means that they will always have antennas to aid this purpose on the router. Wireless routers can also be held to be far less secure than wired routers, due to the possibility of interception of data packets in between.
In terms of performance and durability, wireless routers work in the same way as wired routers (Rackley, 2007). The installation costs for wireless routers is generally higher than that of wired routing, however, the installation time and effort, required to set up a wired router is far greater than that of a wireless router. In addition, wireless routers add more to the mobility of the user than wired routers.
Functionality of wireless routers
The key fundamental that is required for wireless networks to work is the existence of Internet Protocols (IP) addresses. These are basically numbers assigned to every computer that is available on the network, or is part of it. The key functionality of the wireless router is to provide direction to data packets. Thus, wireless routers send data packets based on the various IP addresses. Each router contains a routing table which manages the source and destinations of various IP addresses and there in turn, the direction of data packets. To make the internet work, the connectivity that we all enjoy, comes from thousands of routers are work.
Security issues with wireless routers
Wireless routers are obviously less secure than wired routers. This is primarily because wireless data packets can be intercepted and transformed by hackers, or abusers. However, there are other issues involved with wireless routers as well, which can be divided into (Zhang, 2008)
Home wireless threats
Public Wireless Threats
Home wireless threats
Earlier, the paper discussed that routers can be used by individuals to simply relay information on the internet and connect to other WANs or LANS. These are home users of wireless routing. Since the data packets are sent through airwaves, there is a high probably of interception and manipulation of the data packages.
Some of the problems that can occur with home users and wireless routers are
Piggy backing
War-Driving
Unauthorized computer access
Piggy backing
One of the biggest problems that occur in private networks with wireless routers is the fact that anyone with a wireless catching ability can access your connection to the internet. This is especially true in networks that are present in closely located vicinities such as those in an apartment or close neighborhood. The basic problem here is the fact that people end up taking a free ride on your expense. At the same time, there is a high possibility that the owner of the wireless router ends up exceeding the amount of connections viable on the wireless router because other people keep taking up space (Zhang, 2008). When other people use the wireless routers through this illegal way of connection, the bandwidth reduces, and the internet speed available to the owner of the wireless router can drastically reduce. Finally, any activity undertaken on that internet connection, whether legal or illegal, will always be traced back to the owner of the wireless router thus making it a severe risk. Anyone even slightly proficient in networking technology can even use different softwares to keep a track and tab on the owner of the wireless router. Doing so might result in an invasion of privacy, lost passwords and a constant monitoring of activities by third party users who have piggy backed on your wireless router.
War-Driving
Piggy backing has become more professional in recent times. Now, a lot of malicious users are actually driving through towns and streets looking for access to unsecured networks like the ones mentioned above to piggy back on. Once such networks are found, they are published on websites for anyone to access at any time. This basically creates an avenue for malicious users to take advantage of you, and your personal security, by following up and conducting illegal activities using your wireless router (Buttyan, 2007). Since the risk to them is nil, and you, being the owner of the wireless router, will take the entire blame, this becomes a serious security threat.
Unauthorized computer access
Often, users share files through their wireless routers. When access is gained through the unsecured connection, malicious users can access those files, manipulate them, and even use the sourcedestination information to hack into your computer, simply through your wireless router connection. This has proven to be a serious problem, as many users have reported having had malicious attacks on their programs and files because they had shared files, which provided an entry point for hackers and malicious third party users (Buttyan, 2007).
Public wireless networks
When connection to other networks especially those that are unsecured, can expose users who access the internet through public access points, to a variety of risks. This is primarily because this is a public connection point which is unsecure.
The various ways that public access points leave users vulnerable are
Evil Twin attacks
Wireless Sniffing
P2P connections
Unauthorized access
Shoulder Surfing
Evil twin attacks
The authenticity of public access points can often been vulnerable points for users triyng to connect to a network using public access points. This is primarily because malicious users have become so advanced, that they can replicate the public access point to such a degree, that many users end up connecting to the fake public access point, rather than the real one. One reason for this is that malicious users, who intent to exploit these connectors, use bogus signals to hype up the signal strength (Sheldon, 2001). Fair users find this attractive, thinking that it is the real connection, and try to connect. When they do that, the basic problem that occurs is that such malicious users have made the public access point replica to exploit vulnerable users, and therefore, have the software capabilities and know how to take advantage of such users. They use technology to spy on the activities of the users who has connected to the public access point in the hope of getting sensitive information such as credit card numbers, addresses and passwords.
Wireless Sniffing
The above mentioned technique goes far beyond bogus signal settings. Malicious users can even gain your sensitive information, such as passwords and credit card numbers simply with you being online through the public access point (Buttyan, 2007). This is primarily because the public access point is not secure, and the information transfers taking place on the network are not encrypted. Thus, using sniffing tools, personal information of users can be exploited by malicious users (Barbeau, 2007).
P2P connections
Here, it is important to understand the ad-hoc mode of wireless networking. This mode allows users to connect to other users, directly on their PCs using a wireless router. Because wireless routers and wireless networks provide support to ad hoc networks, malicious users can develop these and connect directly to an unsuspecting victim. The worst part is, that most laptops and computers fitted with Wireless receiving technology, are set on ad hoc mode as default. Therefore, the risk that occurs is the fact that malicious users can log in, and connect to your computer directly, if he or she has the same settings as that on your computer. This allows them access to your personal files and documentations, resulting in a direct invasion of privacy and leakage of sensitive personal information (Buttyan, 2007).
Unauthorized computer access and spoof attacks
As with personal networks, the same security threat exists with public access points, through wireless routers that of unauthorized computer access. Users with malicious intent can access all files and directories you have shared with the network and use them for ill intended purposes.
There are even situations where routing information can be altered or replayed in a different manner than intended. If malicious users get access of the wireless router, there is a high probability that they can change the targets of the router. By altering and replaying routing information, malicious users can end up creating a situation where the routing traffic is disturbed, looped, or even falsified (Nichols, 2001). They can even break the network between a point and source distance.
Securing Wireless Routers
Based on the analysis above, it is evidently clear that wireless routers need to be secured to protect our privacy, both personal and financial. It has also become clear that wireless networks generated through wireless routers are a serious cause for mishaps and malicious activities because it provides an easy break in source for hackers and people with ill-intent to exploit and take advantage of users and networks.
Various security agencies and network solution providers have forwarded the case for different techniques to counter and entirely eliminate the above circumstances from happening. Some of their options are more precautionary, where as others are for total security. In my opinion, both are necessary to establish a sense of control over our wireless routers.
The steps that are often mentioned are
Access point administration interface
SSID
WPA encryption
WEP
Mac filtering
WLAN transmitting power and positioning
Firewalls
Access point administration interface
As explained earlier, all factory fitted Wi-Fi devices come with a built in, default password. The access point administration interface is basically dealing with password security. For starters, the default password should be changed immediately to one with numbers, and alphabets to ensure reliability. Some devices even allow user names to be changed, and if that is possible, should be contemplated. This is primarily because users with malicious intent have developed sophisticated methods of tracking generally kept passwords. The list is even available online for other hackers. To ensure the sustainability of passwords, they must be changed in intervals of 30-60 days (Nichols, 2001).
SSID
SSID stands for Service Set Identifier (Sheldon, 2001). This is a term used to define the name that is generally given to a network. On a WLAN, all wireless routers need to have corresponding (same) SSIDs, to be able to connect with each other. However, as if default passwords, these are also designed and shipped by the manufacturer of the device. A good illustration of this would be Linksys which often shows up on wireless networks.
The problem generally occurs when people do not change the SSID, or when they try to change it with ineffective practices. For one, those changing it often use birthdays, names, and other personal information to define the SSID. Others simply use alphabets instead of using alpha-numeric. The best option is generally held to be that users should not display their SSID at all. This method is more of a precaution. For one, your wireless router will not show your network to passerbys and people living in close localities. However, when it comes to sniffers, they will be able to find you.
WPA encryption and the use of WEP
WEP stands for wired equivalency privacy, where as WPA stands for wireless protected access. The general argument that has been debated over time has been the effectiveness and utility of both security measures. Based on research, it has been found that the WEP is less stringent as the WAP. This is primarily because the WEP has well known vulnerabilities. These have been tracked and investigated, but to break a WEP encryption is far simpler and easier than that of WAP (Nichols, 2001).
The WAP is better encrypted since the passwords generally used are all alpha-numeric, instead of simple numbers and characters independently. The latest WAP technology that is being introduced with new hardware has even stronger protection properties and harder encryptions to ensure the privacy of data and security for the user.
However, even so, the problem lies in compatibility. Even to this date, most wireless routers and systems support the WEP system and cannot function or carry the WAP system (Held, 2002). Therefore, it is highly recommended that even with the drawbacks of the WEP, it should be integrated for wireless routers to ensure as much protection as possible in the given circumstance.
MAC Filtering
Wireless routers and networking equipment come with MAC addresses. These are identifiers of hardware and are unique to each set. The concept of MAC filtering involves entering only the set of MAC addresses on your wireless router and networking equipment that you know about. Only these addresses will be allowed access to the network whereas, all others will be filtered. This is a good way of ensuring only known and trustable users access your network through your wireless router (Santos, 2007).
It is true that MAC addresses are built into the hardware and thus cannot be changed. However, with the latest software available on the market today, it is possible to replicate the address. Thus, the MAC filtering process is obviously not fool proof (Wu, 2007). For one, spoofing techniques can easily imitate MAC addresses and any person with adequate know how could easily do this. This is more of a precautionary measure that can be taken by individuals to ensure the security of their systems, privacy and wireless routing experience.
Transmitting power and positioning
Most wireless routers now provide the option of decreasing signal strength based on the customer needs. More and more firms are offering ways for consumers to limit the power supply to the wireless router. This is primarily being done so that consumers and internet users have the option of decreasing and increasing signal strength, based entirely on their needs and uses. Using this method, we can, to an extent prevent our wireless router from transmitting signals beyond a certain point (Sheldon, 2001). It is difficult to do that, particularly because there is no way to properly define how far the signals with go and the decreasing signals philosophy is based primarily on trial and error.
An extension of this property can be held in another context as well varying the position of the wireless router. For instance, positioning the wireless router in the center of the house, or area of use, one can drastically limit the exposure of signals to the external environment. This works particularly well because even if the signals are transmitted, they will be far lesser than they would have been otherwise. And malicious users or third parties will be able to utilize only 10-15 of the bandwidth (Hardjono, 2005).
Firewalls
Firewalls have been well established in their role in protecting personal computers from malicious use. Their usefulness has resulted in another dimension having been opened in reference to wireless routing. With the success of earlier versions of firewalls such as Zone Alarm and Norton, now companies are developing firewalls specifically for wireless routers (Nichols, 2001). This means added security and privacy for users buying the newer version wireless routers.
Conclusion
In conclusion, it is evident that wireless security is a pertinent issue in the security of privacy and personal data. Some statistics put the figure at 60, relating to the number of wireless routers unsecure, and most vulnerable to hacker attacks.
The paper analyzed what wireless routers are, how they work and what makes them so important in our daily lives. The internet has bought an information revolution in our world. Without it, a lot of our social functionality would falter.
People need to understand that their wireless routers are their main line of defense against hackers and invaders. The reason being that it is through the wireless router that hackers can freely ride on your internet. It is through the wireless router that hackers can invade information, privacy and your personal documents on your computer. Most pertinent is the issue that through access from your wireless router, hackers can perform internet attacks, spam attacks and other illegal activities under YOUR name.
The solution most commonly mentioned, aside from the above mentioned strategies, is the introduction of a 802.11 wireless router. However, the most pertinent issue to address is that of secure password formations. Generally, hackers can crack passwords on an average of 2 minutes, through the use of software and password crackers. The key lies in developing passwords which contain both alphabets and numerics.
All in all, to have a secure internet connection, safeguarding the wireless router is of utmost importance.
Categories:
0 comments:
Post a Comment