Securing a Wireless LAN
Today more people are using wireless technology in everyday business and personal life. With wireless technology, personal computers such as smartphones can be used to access email, calendars and the internet in general. This gives customers in their rooms a chance to access the network while seated in a comfortable place.
In the design and implementation of a wireless network there are many proposed actions that should be taken in order to overcome threats and attacks in the network. These actions also protect users from intruders who may view their personal information without their knowledge[2]. The following are some of the actions that should be implemented.
Open wireless networks pose many risks to the computers that are connected to them. Many intruders will take advantage of this and use the opportunity to target important information from the genuine connected users[1]. Attackers may spread unknown malware within the network so that it affects genuine computers connected to the network, with the aim of deleting important information from the targeted computers. Attackers may also fetch important personal information from customer devices without authorization.
Attackers may also install software in the network that enables them to listen to conversations in the network without the knowledge of the receiver and sender. This is referred to as eavesdropping, which is not constitutional[4].
The security of a wireless network is important since it protects against several attacks that may cause harm to computers.
Misconfigured primary wireless networks allow war chalking and unauthorized access to the WLAN. Signals that travel through the air are much easier to intercept than those travelling in cables, so many questions are raised about wireless networks. They should be well configured and their passwords encrypted so that they deny crackers access to one's information or data. The following are some of the recommendations that should be followed while implementing a wireless network[3].
- Deployment of WPA and WPA2 encryption
- Changing of the default password.
- Closing of the network when not in use.
- Changing the default network name.
- Use of VPAN
- Moving the access points.
- Use of MAC address tables.
Staying current with present technology keeps the network secure, since the tools used by hackers to break into a network also improve. The following activities should be used to keep the network up to date[5].
- Maintaining and understanding of the network topology
- Keeping of the inventory of handheld devices
- Creation of data backups frequently
- Application of patches and security enhancement
- Monitoring the wireless network and enhancing new security features for new products.
- Performing security testing every day to test the network security.
Authorization
The RADIUS server supports many methods to authenticate and authorize the user to access the wireless network. The user login entails an Access-Request from the client's computer to the RADIUS server and an Access-Accept from the RADIUS server to the client's computer. The Access-Request involves a username and an AES-encrypted user password using WPA2 Enterprise[7]. When the RADIUS server gets the Access-Request from the client, it searches for the username in the database. If the username exists in the database and the password is correct, an accept message is sent from the server telling the client that the connection has been accepted successfully. If the credentials are not provided correctly, a reject message is sent back to the user confirming that the credentials provided are incorrect.
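The accept/reject exchange described above, as an added example that is not part of the original page. It models the server's lookup and the reply packet, and shows the access point checking the RFC 2865 Response Authenticator so that only a reply made with the shared secret is honoured. The user database, the shared secret and all function names are constructed for illustration, and credentials are passed as plain arguments because password transport is outside the example's scope.

```python
import hashlib
import hmac
import struct

ACCESS_REQUEST, ACCESS_ACCEPT, ACCESS_REJECT = 1, 2, 3  # RFC 2865 packet codes
SHARED_SECRET = b"constructed-ap-secret"        # assumed AP <-> server secret
USER_DB = {"alice": "constructed-passphrase"}   # constructed user database


def build_reply(code, ident, request_auth, attrs, secret):
    """Server side: header + Response Authenticator + attributes.

    Response Authenticator =
        MD5(Code + ID + Length + Request Authenticator + Attributes + Secret)
    """
    head = struct.pack("!BBH", code, ident, 20 + len(attrs))
    auth = hashlib.md5(head + request_auth + attrs + secret).digest()
    return head + auth + attrs


def server_decide(username, password, ident, request_auth):
    """Look the user up and answer Access-Accept or Access-Reject."""
    stored = USER_DB.get(username)
    ok = stored is not None and hmac.compare_digest(
        stored.encode(), password.encode())
    code = ACCESS_ACCEPT if ok else ACCESS_REJECT
    return build_reply(code, ident, request_auth, b"", SHARED_SECRET)


def ap_check_reply(packet, ident, request_auth, secret):
    """AP side: 'accept', 'reject', or 'drop' for a malformed reply or one
    that was not produced with the shared secret."""
    if len(packet) < 20:
        return "drop"
    code, rid, length = struct.unpack("!BBH", packet[:4])
    if rid != ident or length != len(packet):
        return "drop"
    expected = hashlib.md5(
        packet[:4] + request_auth + packet[20:] + secret).digest()
    if not hmac.compare_digest(expected, packet[4:20]):
        return "drop"
    return {ACCESS_ACCEPT: "accept", ACCESS_REJECT: "reject"}.get(code, "drop")
```

A reply is acted on only when its identifier matches the pending request and its authenticator verifies; anything else is discarded rather than treated as a reject.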
Recommended Encryption and Authentication Methods
This is the process of proving user identification. In a wireless network the RADIUS server only performs authentication. The server is not associated with encryption. During the authentication process the AP gets a request from the STA, then the client provides credentials, which the AP passes to the RADIUS server[10]. If the credentials are correct, the server replies OK and the user connects to the network successfully. In addition, the keying material is normally generated at the RADIUS server and also at the WPA2 client. The WPA2 encryption protocol is normally used.
This refers to the overall completeness, accuracy and consistency of a network. The RADIUS server and WPA2 possess a high degree of integrity within a network. The RADIUS server does not allow the same username to be entered twice in its database[9]. Once a user tries to register a username that has already been registered, he or she receives a message that the username already exists. Also, WPA2 security encryption is complex enough that it is not easy for hackers to crack. This makes the network more secure, hence no attempts at attack.
Eavesdropping simply means listening to a conversation between two individuals without their knowledge.
Eavesdropping in a wireless network can be prevented by setting up the wireless router and all the other devices with at least WPA and WPA2 encryption. WPA2 has better encryption. With nobody will be able to access the network[8].
Another way to prevent it is enabling AP isolation, if the feature is supported by the router and other access points. This feature can also be referred to as a layer of isolation. It blocks all user-to-user communication on a network.
The best way to prevent eavesdropping between users, and to enable the ability to use file and printer sharing, is by applying enterprise WPA and WPA2 security. This requires setting up a RADIUS server to do the required 802.1X authentication[7] and also requires a more complex configuration on each computer or device connecting to the wireless network. However, there are hosted services, such as AuthenticatemyWifi, that make the whole process much easier and don't require you to have your own server.
The following was the network structure layout that was implemented. It has a RADIUS server, a wireless router and two user PCs. For a user to connect to the network, he should be registered in the network. Without this the device won't be connected to the network.
For the RADIUS server and the wireless router to communicate, they are set with specific addresses so that they are uniquely identified within the network. The RADIUS server is configured with an IP address of 192.168.1.5. This address is set specifically for the server and uniquely identifies it within the network. The RADIUS server is used to store the access name of the network. In this case the access network name is rando. The connected devices connect to the network through the access name with password 1234. The type of the network is selected within the wireless router; in this case we used WPA2 Enterprise. The network settings are also configured in the wireless router, where the access name of the network is set as Rando while the password is set as 1234. The router is also configured with an IP address of 192.168.1.1 so that it can communicate with the RADIUS server. Once the network settings are complete, secret keys are given to users, which they use to connect to the network.
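One way to check an access point's settings against the recommendations in this section (WPA2 only, enterprise mode with 802.1X, a RADIUS server address, a non-default network name), as an added example that is not part of the original setup. It assumes the access point runs hostapd, which the page does not name; both configs are constructed, the default-SSID list is illustrative, and the 16-character minimum for the shared secret is an assumed threshold.

```python
DEFAULT_SSIDS = {"default", "linksys", "netgear", "dlink"}  # illustrative only

WEAK_CONF = """
ssid=linksys
wpa=3
wpa_key_mgmt=WPA-PSK
wpa_pairwise=TKIP CCMP
"""  # constructed: mixed WPA/WPA2, pre-shared key, default network name

HARDENED_CONF = """
ssid=Rando
wpa=2
wpa_key_mgmt=WPA-EAP
rsn_pairwise=CCMP
ieee8021x=1
auth_server_addr=192.168.1.5
auth_server_port=1812
auth_server_shared_secret=constructed-long-random-secret
"""  # constructed: WPA2 Enterprise pointing at the RADIUS server


def parse_conf(text):
    """Parse hostapd-style key=value lines, skipping blanks and # comments."""
    conf = {}
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#") and "=" in line:
            key, value = line.split("=", 1)
            conf[key.strip()] = value.strip()
    return conf


def audit(conf, min_secret_len=16):
    """Return (key, message) findings; an empty list means all checks pass."""
    # hostapd uses wpa_pairwise (default TKIP) when rsn_pairwise is unset.
    pairwise = conf.get("rsn_pairwise", conf.get("wpa_pairwise", "TKIP")).split()
    secret = conf.get("auth_server_shared_secret", "")
    checks = [
        ("ssid", conf.get("ssid", "").lower() in DEFAULT_SSIDS | {""},
         "network name is missing or a factory default"),
        ("wpa", conf.get("wpa") != "2", "allow WPA2 only (wpa=2)"),
        ("wpa_key_mgmt", "WPA-EAP" not in conf.get("wpa_key_mgmt", "").split(),
         "enterprise mode needs WPA-EAP"),
        ("ieee8021x", conf.get("ieee8021x") != "1", "802.1X is not enabled"),
        ("rsn_pairwise", "TKIP" in pairwise, "TKIP is still offered; use CCMP"),
        ("auth_server_addr", not conf.get("auth_server_addr"),
         "no RADIUS server configured"),
        ("auth_server_shared_secret", len(secret) < min_secret_len,
         "RADIUS shared secret is missing or too short"),
    ]
    return [(key, msg) for key, failed, msg in checks if failed]
```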
Conclusion
When implementing wireless technologies in a secure network, several points should be considered. Several risks are associated with offering wireless connections in an organization. This section secured the wireless network by encryption and by setting security on network devices like routers. These secure strategies can be used to counter the risks of open wireless ports.
References
[1] Dynarski, R.J., Harper, M., Xu, Y. and Bezaitis, A., 3Com Corp. Radius-based mobile internet protocol (IP) address-to-mobile identification number mapping for wireless communication. U.S. Patent 6,466,571, 2012.
[2] Dunn, D. and Chang, H., KYOCERA Corp. Method for selecting an air interface using an access list on a multi-mode wireless device. U.S. Patent Application 11/380,875, 2014.
[3] Kalavade, A., Jiang, H. and Chen, P., Tatara Systems Inc. Method and apparatus for integrating billing and authentication functions in local area and wide area wireless data networks. U.S. Patent 7,171,460, 2014.
[4] Lee, H.Y., Chang, R.C., Huang, L.Y. and Chiang, M.L., Accton Technology Corp. System and method using packet filters for wireless network communication. U.S. Patent 6,657,981, 2015.
[5] Leung, K.K., Iyer, J., Andreasen, F., Stammers, T. and Khouderchah, M., Cisco Technology Inc. Methods and apparatus for data traffic offloading at a router. U.S. Patent 8,787,303, 2014.
[6] Meier, R. and Griswold, V., Cisco Technology Inc. Wireless security system and method. U.S. Patent 7,373,508, 2008.
[7] Prasad, N. and Prasad, A. WLAN systems and wireless IP for next generation communications. Boston: Artech House, 2014.
[8] Rajagopalan, R., Sidhiq, H.K., Narayanan, L.K., Bhaskaran, S., Prakash, A. and Rangan, M., Cisco Technology Inc. Distributed load management on network devices. U.S. Patent 8,477,730, 2013.
[9] Woodward, E.E., Marvell International Ltd. System and method for enhanced piracy protection in a wireless personal communication device. U.S. Patent 7,257,844, 2009.
[10] Zahur, Y. and Yang, T.A. Wireless LAN security and laboratory designs. Journal of Computing Sciences in Colleges, 2010, 19(3), pp. 44-60.