A. Network

A computer network, called a data technology network in the field of information technology, is a set of points or nodes that are interconnected by means of data transmission and communication methods for sharing, transmitting and distributing audio and video.

B. Wired and Wireless

As you know, “wired” is a term used to refer to any physical device. Cables can be copper, twisted pair, or fiber optic. Wired networks are used to transfer different types of electrical signals from one source to another. Typically, a wired network uses a cable modem, a T1 Internet connection or other means.

As we know, “wireless” is the term that refers to a medium made of electromagnetic waves (i.e. EM waves) or infrared waves. All wireless devices have an antenna or sensors. Typical wireless devices include cellular mobiles, wireless sensors, TV remotes, satellite dish receivers, and laptops with a WLAN card.

C. Wi-Fi

Wi-Fi allows computers, smartphones and other devices to connect to the Internet or communicate wirelessly.

D. 3G, 4G

3G is the third generation of mobile wireless telecommunication technology. It is an upgrade to 2G networks and 2.5G GPRS for faster internet speeds. 4G, the fourth generation of mobile broadband network technology, is the successor to 3G. A 4G system must provide the capabilities of the IMT Advanced system, as identified by the ITU.

E. Bluetooth

Bluetooth is a wireless technology standard for personal area networks, used to exchange information over short distances between fixed and mobile devices.

II. Attacks on Wi-Fi

A. Session Hijacking

By monitoring transmissions between a wireless client and an access point, an attacker can launch an attack by sending a fake packet to the wireless client. This packet, which the authenticated client believes is coming from the access point, tells the wireless client that its session with the access point is now closed. At that moment, the attacker begins to use the session that the client machine believes was severed. The attack is further clarified with the following:

· The client authenticates itself to the access point.
· The attacker sends an 802.11 MAC disassociate management frame using the MAC of the access point.
This forces the client’s connection to be disassociated. This procedure allows the attacker to actually swap sessions with the authenticated client, unbeknownst to the access point.
· The attacker, using the MAC of the original client, is able to access network resources, because the access point is still in the authenticated state. [1]

B. Man-in-the-Middle

In this attack, the man-in-the-middle (attacker) pretends to be a legitimate access point. During this attack, the attacker has the benefit of viewing all the traffic that passes between the wireless client and the legitimate access point. “The primary flaw in the design is the asymmetrical treatment of supplicants and access points in the state machines. This is untrue for the supplicant, whose port is essentially always in the authenticated state. The unilateral authentication of the claimant to the access point can open the attacker to the enemy and the access point as an access point to the enemy. network.” [1]

C. Passive Attack to Decrypt Traffic

A passive eavesdropper can intercept all wireless traffic until an IV collision occurs. By XORing two packets that use the same IV, the attacker obtains the XOR of the two plaintexts. The XOR result can be used to infer information about the content of the two messages. IP traffic is often very predictable and contains a lot of redundancy. [1]

D. Active Attack to Inject Traffic

An attacker who knows the exact plaintext of one encrypted message can use this knowledge to construct correctly encrypted packets. The procedure involves constructing a new message, calculating its CRC-32, and performing bit flips on the original encrypted message to change the plaintext to the new message. The key property is RC4(X) XOR X XOR Y = RC4(Y).
This packet can now be sent to the access point or mobile station, and it will be accepted as a valid packet. [1]

E. Active Attack from Both Ends

The previous attacks can be extended further to intercept arbitrary traffic. In this case, the attacker guesses the headers of the packet rather than its contents. This information is easy to obtain or guess; specifically, all that is required is the destination IP address. With this knowledge, the attacker can flip the appropriate bits to change the destination IP address, have the packet sent to a host on the Internet, and transmit it using a fake mobile station. [1]

F. Table-based Attack

The small space of possible initialization vectors allows the attacker to build a decryption table. Once the attacker has learned the plaintext of some packets, he can compute the RC4 key stream that was used. This key stream can be used to decrypt all other packets that use the same IV. Over time, the attacker can build up a table of IVs and their key streams. Once the table is built, the attacker can decrypt every packet sent over the wireless connection.
[1]

III. Tools Used for Attack on Wi-Fi

A. Aircrack

Aircrack is the most popular password-cracking tool. It is used worldwide to crack 802.11 WEP and WPA-PSK keys. It first captures network packets and then tries to recover the network password by analyzing the packets. It also implements the standard FMS attacks with some optimizations to recover the network password. The optimizations include KoreK attacks and the PTW attack, which make the attack faster than other WEP password-cracking tools. This tool is powerful and widely used worldwide. I have added it to the top of the list.
[2]

B. AirSnort

AirSnort is another popular wireless LAN password-cracking tool. It can crack the WEP keys of an 802.11b network. The tool works primarily by passively monitoring transmissions and then computing the encryption keys once enough packets have been gathered. It is free for Linux and Windows platforms, and it is very easy to use. The tool has not been updated for three years, but the company behind the tool is currently developing it. This tool is also directly involved in WEP cracking and is therefore widely used. [2]

C. Kismet

Kismet is a Wi-Fi 802.11 a/b/g/n layer 2 wireless network sniffer and intrusion detection system. This tool is used to troubleshoot Wi-Fi problems. It works well with any Wi-Fi card that supports rfmon mode. It is available on Windows, Linux, OS X, and UX platforms. This tool collects packets passively to identify standard networks and detect hidden networks. [2]

D. Cain & Abel

Cain & Abel is another popular tool used to crack wireless network passwords. It was developed to intercept network traffic and then use brute force to discover the password. It is therefore very useful for finding wireless network passwords by analyzing routing protocols. It can also be used to crack other types of passwords. [2]

E. WireShark

WireShark is a very popular tool in networking. It is a network protocol analyzer that lets you check different things on your office or home network. You can capture and analyze packets to search for a large number of network resources by checking the data at the micro level. This tool is available for Windows, Linux, OS X, Solaris, FreeBSD and other platforms. [2]

F. Fern WiFi Wireless Cracker

Fern WiFi Wireless Cracker is a good tool for network security. It lets you view network traffic and identify servers in real time. The tool is primarily designed to detect flaws in computer networks and fix them. It is available on Apple, Windows, and Linux platforms. It can easily crack and recover WEP / WPA / WPS keys. It can also perform other network-based attacks on wireless or Ethernet-based networks. [2]

G. CoWPAtty

CoWPAtty is a good password-cracking tool. It is an automated dictionary attack tool for WPA-PSK passwords. It runs on the Linux operating system and provides a basic command-line interface. It works from a word list containing thousands of passwords to use in the attack. [2]

H. Airjack

Airjack is an 802.11 Wi-Fi packet injection tool. It is used for DoS attacks and MITM attacks. This wireless cracking tool can bring a network down through forged packet injection and denial of service.
This tool can also be used for a man-in-the-middle attack on the network. This tool is popular and powerful. [2]

IV. Wi-Fi Security Policies & Guidelines (NHS)

A. Introduction

We know that keeping in touch with family, friends and colleagues is an essential daily requirement for patients and staff who visit Gateshead Health NHS Foundation Trust. A free public Wi-Fi internet service is now available to our patients, staff and visitors to enable them to surf the internet, send and receive emails, and use Facebook and Skype from Trust sites. This move is part of our vision to provide excellent services that shape the needs of our patients and provide a flexible working environment for our staff. [3]

B. Purpose

The purpose of this policy is to ensure:

· There is an appropriate security framework in place for the provision of a public Wi-Fi service;
· There are suitable access and usage controls in place in line with NHS guidance and legislation;
· There is no disregard to the Trust’s legal obligations or to patient safety and confidentiality. [3]

C. Scope

The policy covers:

· All Trust sites, and applies to any individual that may access the public Wi-Fi service in any capacity at the Trust, including patients, members of the public, visitors, employees, students, volunteers and third party contractors etc.
· Categories of websites permitted and blocked by the public Wi-Fi service. [3]

D. Wi-Fi Availability

Users are advised that public Wi-Fi access is available across all sites but may be subject to capacity restraints and Wi-Fi signal availability. At busy times, the speed of the Wi-Fi connection may be reduced or lost due to the number of users using the facility. If this occurs, users will have to try to access the Wi-Fi service later. [3]

E. Accessing the Wi-Fi Service

Patients are free to use their own IT devices to connect to the service but must act considerately. The Trust does not allow any recording of photos, audio recording, videoing or the streaming of videos as this would severely affect a patient’s right to confidentiality and privacy. Access to the Trust’s Wi-Fi network is normally through connecting to the “Wi-Fi key” on your mobile, smart phone, laptop or iPad etc. In other cases, depending on your browser settings, pop-up blockers may appear that you may have to disable. Please refer to Appendix 1 for a user guide on how to access the service. [3]

F. Wi-Fi Terms and Conditions

In supplying a free public Wi-Fi service, all users are expected to comply with the Trust’s fair usage Terms and Conditions (please see Appendix 2). Users are asked to read the terms and conditions of this Agreement before activating the service. The standard Wi-Fi offering provides a filtered service and strictly prohibits access to a number of category sites. Sites blocked include, but are not limited to:

· Pornographic material;
· Gambling;
· Indecent images of adults and children;
· Cyber bullying;
· Terrorism;

G. Wi-Fi Risks

There are many risks associated with using the internet that users should be mindful of:

· Children filters are not in place to prevent inappropriate access to web content.
· A standard fair usage policy applies to all users.
· Patients are advised that the Trust’s network is open (i.e. not encrypted) and therefore cannot guarantee the security of some online networks, for instance online banking, purchasing and personal communication such as Yahoo and Hotmail etc. Staff and patients are advised to refrain from these types of activities. The Trust is not responsible for the loss, misuse or theft of any information, passwords or other data transmitted via our network. The Trust can therefore not guarantee the confidentiality, integrity and security of any user’s information on the Trust network. [3]

H. Wi-Fi Monitoring

All users are advised that blocked access to inappropriate content will be monitored. This is done in line with the Computer Misuse Act 1990 and the Lawful Business Practice (Interception of Communications) Regulations 2000. [3]

I. Violation and Non-Compliance

Any violation of this Policy will constitute unacceptable behavior and may result in the loss, suspension or termination of the service as set out in the fair usage Terms and Conditions in Appendix 2. Any willful or negligent disregard of this Policy by staff will be investigated and may be dealt with under the Trust Disciplinary Procedure.
Specifically, this will apply where there has been a failure to adhere to the Trust’s Code of Conduct and its data protection, confidentiality and security protocols and guidelines. [3]

J. Staff Training

Staff usage of the Trust’s public Wi-Fi service will be covered in the Information Governance Mandatory Staff Training Programme. [3]

K. Dissemination

This Policy will be published via the Trust’s website. [3]

V. Wi-Fi Security Protocols

A. WEP – Wired Equivalent Privacy Key

The purpose of this key was to make wireless networks such as Wi-Fi as secure as a wired connection. Unfortunately, this form of security did not live up to its name because it was broken, and there are currently many open source applications that can easily break it in seconds. For its operation, the WEP Wi-Fi key uses a clear text message sent from the client. It is then encrypted and returned using a shared key.

WEP comes in different key sizes. The key length is typically 128 or 256 bits. The security of the WEP system is seriously lacking. It does not address the issue of key management, which is important to any security system. Usually the keys are distributed manually or by another secure route. WEP uses shared keys, that is, the access point uses the same key for all clients, so if the key is obtained, all users are compromised. It only takes listening to the returned authentication frames to identify the key.

WEP Wi-Fi is better than nothing because not everyone listening to a Wi-Fi hotspot will be a hacker. It is still widely used and provides some level of security. However, if it is used, higher-layer encryption (SSL, TLS, etc.) should also be used. [4]

B. WPA – Wi-Fi Protected Access

WPA access methods were introduced to improve on the WEP system.
This scheme was developed by the Wi-Fi Alliance and is part of the IEEE 802.11i security standard, the standard intended to replace the WEP protocol. One of the key elements of the WPA scheme is the use of TKIP – the Temporal Key Integrity Protocol. TKIP is part of the IEEE 802.11i standard and operates on a per-packet basis.

Additionally, the WPA (Wi-Fi Protected Access) scheme provides optional support for the AES-CCMP algorithm. This provides a marked improvement in security. [4]

C. WPA2 / WPAv2

The WPA2 scheme replaces WPA. It implements the mandatory elements of IEEE 802.11i. Specifically, it introduces CCMP, a new AES-based encryption mode that provides strong security.

WPA2 certification was launched in September 2004 and is now mandatory for all new Wi-Fi labeled devices. [4]

D. TKIP (Temporal Key Integrity Protocol)

This protocol is a direct replacement for WEP and addresses its substantial vulnerabilities. The purpose of the design is to ensure compatibility with existing 802.11 hardware, which can be updated by software. One of its most important improvements over WEP is that it guarantees a completely different key for each packet by applying a key mixing function to each packet instead of simply concatenating the IV and the secret key.
[4]

E. MIC (Message Integrity Code)

MIC is a hashing function that protects the integrity of packets. It is an 8-byte value calculated over the entire unencrypted raw packet before it is encrypted and transmitted. Its main purpose is to detect any bad packets. The hash function used by MIC is a new hash function specially designed for low-power devices, such as the hardware in a wireless network interface. The protection it provides is equivalent to a 20-bit key, which is low protection by current cryptographic standards. To compensate for this low level of protection, WPA uses additional packet protection measures to protect the wireless network from attack. [4]

VI. Wi-Fi Security Products

A. Cisco Systems

Cisco Systems was founded in December 1984 by Stanford University scientists Leonard Bosack and Sandy Lerner, pioneers in using the local area network (LAN) to connect geographically separate computers over multi-protocol router systems. When the company was listed on NASDAQ in 1990, Cisco had a market capitalization of $224 million. Cisco became the most valuable company in the world in 2000, with a market capitalization of more than $500 billion.