Network Security
Security has been one of the foremost concerns for businesses and information houses nowadays. With the ever increasing rate of hackers and malicious code surfacing the internet and prowlers waiting to tap private communications, networks security is remains top priority even for the non-IT businesses. (Information Security over Wireless Networks)
It has to be understood that nowadays security is not an issue that can be taken for granted, be it stand alone PCs or networks. There are constant threats to privacy and hackers are in pursuit of evasive action always to catch sensitive information during data transfers. The issue of security resides in all types of networks: wired, wireless, LANs, VLANs, etc..
There are different ways in which these issues are addresses depending on the type of network and the topology being used. For example, the use of firewalls in Virtual Private Networks (VPN) which disallows computers from the internet to interact with a computer within the network not connected to the internet reduces chances of interference to a great extent. Once a PC is connected a firewall is implemented so that the communication between the network PC and the internet PC is done over a firewall that restricts the internet PC from viewing the contents and details of the PCs on the VPN. (Information Security over Wireless Networks)
However, the issue of major concern in this paper will be that of security over wireless networks. Wireless networks refer to those networks that use unguided media as communication channels. These include long radio waves, radio waves and microwaves for the purpose of broadcasting information. Security is wireless networks is an important issue due to the media in between being easily “catchable”.
(Introduction to Network Security)
Ensuring wireless network security is a difficult task. There are several implemented as well as already tested solutions to this problem: encryption, frequency hopping, protocol encryption, packet encryption, etc… However, the better the securing technology gets, the stronger the hackers get in evading all security checks and persisting on gaining unauthorized access to information. WiMax, WiFi, Bluetooth and Wireless LANs all have embedded security measures up to a strong level of privacy. Yet, hackers are able to cross those barriers and move into wireless networks with perfect ease and at times with a lot of damage. (Wireless Network Security)
However, users of wireless networks are not at a complete loss. Encryption and frequency manipulation are the key to avoiding hackers and malicious uses from gaining access to sensitive information. Most wireless networks are constantly in the habit of modifying the network IDs. This allows dynamic assigning of IP addresses which disables hackers from constantly using a single IP address as the gateway to break through the server. Further, the use of Wired Equivalent Privacy (WEP) greatly condones off the ability of hackers to exploit a networks loopholes. This encryption method limits the access hackers have to data with existing hacking algorithms.
There is no difference between the IP addresses of wired networks and wireless networks. Therefore, it is no use broadcasting the nature of the network when communicating. It is in fact a tempting fact for hackers when they find wireless networks so easily. Therefore, wireless networks should look forward to holding back their identities along with their broadcast addresses. It is essential for wireless networks to use additional security protocols such as IPSec, IETF and SPINS. The use of these protocols is like an additional barrier towards data accessing. Hackers and illegal users often are caught in these protocols since these protocols have been designed to work with wireless networks efficiently. (Wireless Security)
Some additional measures that wireless networks should adopt to include:
Maintaining a log of all the users and their work. This is perhaps one of the easiest but least effective methods to combat hackers since it “sniffs” around for malicious activity and can be programmed to generate warning signals as soon as such activity is discovered.
MAC Address Filtering: Since wireless networks can be ad-hoc networks, it is not possible for the system administrators to create static logs of authorized users. However, when determining network size, the configuration manager can use a list of valid MAC addresses from each point or connection terminal and store in it a valid MAC addresses table. This will then enable only valid PCs to gain access to the network,
LEAP, PEAP and RADIUS: All these are different protocols for handling users and preventing hackers from being able to gain access to the system. It enables users to transfer data through secure links and at the same time maintains security checks on packet delivery and transfer through routing procedures. Since, networks today cannot thrive without the use of routing, these protocols ensure that packets are routed through valid users and none of the packets are accidentally routed onto hacker nodes.
Software restrictions: perhaps the most powerful techniques of restraining hackers is through the use of software patches. Not allowing novice connections, constantly regulating existing connections and placing software network restrictions are some of the strongest ways to deal with hackers and ensure security.
Wireless network security is perhaps one of the scariest nightmares for IT managers and Information security professionals. Managing information security over wireless networks is an area that is in its developing stages i.e. there is a lot of room for development, advancement and technological progress. Wireless security is to a great extent brought about by physical methods but there is the space for development of wireless methods to be used to enforce techno-security.
REFERENCES
Wireless Network Security. Retrieved May 19, 2008, from Networks and Security: http://en.wikipedia.org/wiki/Network_security
Kitts, H. (2005). Information Security over Wireless Networks. Detorit: Gale Research and Co.
James, E. (2006). Wireless Security (6th ed.) New York: Edenberg Publishers.
Information Technician. Retrieved March 27, 2008, from Security in Wireless Networks Web site: http://www.tpub.com/content/istts/14223/css/14223_44.htm
Introduction to Network Security. Retrieved March 27, 2008, from Wireless Networks Web site: http://www.interhack.net/pubs/network-security/