Methodology
Discussion of the network security issues of Rare Vintage Auto Parts Ltd
This report addresses the concerns raised by the owner, management and personnel of Rare Vintage Auto Parts Ltd. These concerns resulted from a steady decline in the smooth running of the business, which included a very rude IT administrator who used the wireless network to access illicit material (Miller, Voas & Hurlburt, 2012). The sacking of the IT administrator compounded the wireless network issues affecting the company, even after he was replaced by someone who is not an expert in network security.
The report includes the identified and analysed risks that leave the wireless network highly vulnerable to interference and modification. Using a risk assessment matrix, the threats and vulnerabilities of the network set-up have been assessed and documented (Thomson, 2012). The top-ranked security vulnerabilities are: the very weak WEP encryption used for connection and data transfer, an incorrect antenna type combined with high-power access points, and a mixture of network card standards.
The following methods were used to collect and analyse the data, following Morrow (2012):
- In-depth interviews: more than 30 employees from the company's different offices were asked to comment on the wireless connection set-up and to express their objections and the failings they experience.
- Network exploitation testing: the network was tested using the available exploitation tools to determine its ability to withstand and prevent external or internal attacks.
- Secondary data sources: the deployment files and documents left behind in the data cabinets by the former IT administrator.
- Direct and participatory observation of the employees' daily activities and practices, taking notes on the wireless configuration, hardware, software, security policies and practices, and asking the employees questions relating to their use of the network.
Risk assessment matrix (rows: likelihood; columns: severity of risk):

| Likelihood | Acceptable | Tolerable | Undesirable | Intolerable |
| --- | --- | --- | --- | --- |
| Unlikely | Data loss due to no backup. | Network and components misuse due to no policies and procedures. | Network failure due to no designated router. | Network failure due to no network subnetting. |
| Likely | Attack due to no intrusion detection system. | Poor performance due to mixed network cards. | Network failure due to high power gain APs. | Attack due to broadcasting SSID. |
| Very likely | Attack due to lack of virtual private network. | Poor performance due to incompatible antenna. | Data attack due to no firewall. | Attack due to poor data encryption. |
Findings
Wired Equivalent Privacy encryption
WEP encryption only provides the wireless network with a level of security similar to that of a wired network, which is very poor and allows eavesdropping through packet sniffing (Song, 2014). WEP encryption has the following data vulnerabilities:
- The RC4 encryption engine was not implemented properly: the IV scheme allows initialisation vectors to be reused and repeated, so the repeated keystream can be recovered with a typical computer, and the 40-bit keys used by the company's wireless network are flawed.
- A vulnerability in the RC4 key generation algorithm is easily exploited by free tools such as WEPCrack. The tool passively captures the data traffic transmitted through the network and analyses it. Since the company's offices generate a lot of WEP-encrypted data, the attack takes just a few hours.
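The IV reuse problem above can be shown in a few lines. The following is an added example, not code from the report: it uses a stand-in keystream generator (labelled as such; it is not RC4 and not secure) to reproduce the one property that matters, namely that the same (IV, key) pair yields the same keystream, and then shows why that lets two frames cancel each other's encryption, how quickly a 24-bit IV space repeats on a busy network, and a defender-side check for repeated IVs in captured frames. The key, IV and frame contents are constructed.

```python
# Added example (not from the report): why IV reuse under a stream cipher such
# as WEP's RC4 leaks data. toy_keystream is a stand-in for RC4 (it is NOT RC4
# and not secure); it only reproduces the property that the same (IV, key)
# pair yields the same keystream. Key, IV and frames below are constructed.
import hashlib
import math

IV_BITS = 24  # WEP sends a 24-bit IV in the clear with every frame


def toy_keystream(iv: bytes, key: bytes, length: int) -> bytes:
    """Deterministic keystream for (iv, key); stand-in for RC4 output."""
    out = b""
    block = 0
    while len(out) < length:
        out += hashlib.sha256(iv + key + block.to_bytes(4, "big")).digest()
        block += 1
    return out[:length]


def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def encrypt(iv: bytes, key: bytes, plaintext: bytes) -> bytes:
    """Stream-cipher encryption: ciphertext = plaintext XOR keystream."""
    return xor_bytes(plaintext, toy_keystream(iv, key, len(plaintext)))


def xor_of_plaintexts(c1: bytes, c2: bytes) -> bytes:
    """Two frames encrypted under the same IV and key: the keystreams cancel,
    so c1 XOR c2 equals p1 XOR p2 without knowing the key at all."""
    return xor_bytes(c1, c2)


def recover_with_known_plaintext(c1: bytes, c2: bytes, known_p1: bytes) -> bytes:
    """If one frame's content is predictable (e.g. a protocol header),
    the other frame's content follows directly from the XOR above."""
    return xor_bytes(xor_of_plaintexts(c1, c2), known_p1)


def expected_frames_until_iv_repeat(iv_bits: int = IV_BITS) -> float:
    """Birthday bound: roughly sqrt(pi/2 * 2**bits) frames before some IV
    repeats, which is why a busy office network exhausts WEP's IV space fast."""
    return math.sqrt(math.pi / 2 * 2 ** iv_bits)


def reused_ivs(iv_sequence):
    """Defender-side check over captured frame IVs: return the IVs seen more
    than once, in the order their first repeat was observed."""
    seen, repeats = set(), []
    for iv in iv_sequence:
        if iv in seen and iv not in repeats:
            repeats.append(iv)
        seen.add(iv)
    return repeats


# Constructed demonstration data (not real traffic)
KEY_40BIT = b"\x01\x02\x03\x04\x05"   # 5-byte (40-bit) WEP-style key
IV = b"\x00\x00\x07"                    # 3-byte (24-bit) IV, reused below
FRAME_1 = b"GET /parts/list HTTP/1.1"
FRAME_2 = b"PUT /orders/new HTTP/1.1"


def demo():
    c1 = encrypt(IV, KEY_40BIT, FRAME_1)
    c2 = encrypt(IV, KEY_40BIT, FRAME_2)  # same IV: keystream reused
    return {
        "recovered_frame_2": recover_with_known_plaintext(c1, c2, FRAME_1),
        "frames_until_repeat": round(expected_frames_until_iv_repeat()),
    }


if __name__ == "__main__":
    print(demo())
```

The birthday figure (a few thousand frames) is the reason the report's observation that the offices generate "lots of data" matters: IV repeats are not a rare event on a busy WEP network, and a monitor that flags repeated IVs with `reused_ivs` sees the problem long before anyone exploits it.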
Mitigation:
- Set up the network routers and access points out of the box so that the embedded security features are enabled, starting with changing the default settings.
- Use the latest encryption techniques, such as WPA and WPA2, to secure the Wi-Fi.
- Set the wireless security to enterprise mode, which enables stronger authentication using per-user login credentials instead of a shared password.
Incorrect antenna type
The company is using a mixture of antenna types: a 16 dBi omni-directional antenna and a 6 dBi antenna. The two antennas are of different types. The transmitter antenna has a higher gain than the receiver antenna, so the receiver picks up very poor signals and the communication process is significantly flawed (Scarfo, 2012).
Additionally, the transmitter uses an omni-directional antenna that radiates the signal over the full 360-degree plane. The receiver therefore receives very weak signals and the communication breaks down. Since the antennas are far from each other, the omni-directional antenna is not a proper choice: the signal is not concentrated in one direction and is more affected by angles.
Solutions:
- Install uni-directional antennas that concentrate the signal towards the receiver.
- Use antennas with equal gains, transmission frequencies and signal strength, for smooth communication.
- Reduce physical interference between the transmitters by removing walls, people and shelves from the path, and use a direct line of sight between the transmitter and the receiver.
Enabled SSID
The company uses a Wi-Fi network with a broadcast service set identifier (SSID). In the current configuration, the access points, which are routers, advertise the network's capability information by sending beacon frames (Gollakota & Katabi, 2011). The broadcast SSID, the network's name, lets the public see the network in the available-networks list on their mobile devices and connect to it. With the poor encryption technique and strategy, plus no firewall enabled, individuals with malicious intent are able to hack into the network and access the data being transmitted (Ghosh, Gajar & Rai, 2013). The attackers are also able to access the network's SDN and interfere with network communication. The Wi-Fi security is not set to enterprise mode, so the personal mode of security lets users connect to the wireless network with a passphrase. The passphrase is saved in the Wi-Fi settings of the user devices and can therefore be accessed when a mobile device is stolen or lost, or through social engineering to acquire the password.
Solutions:
- Disable the SSID broadcast so that authorised users connect through the company application instead of the device's available-networks list.
- Apart from hiding the SSID, disable the dynamic host configuration protocol to reduce unauthorised access to the network by attackers.
- As a strict rule, change the network details regularly and after every employee termination, to prevent access with the old details for malicious purposes.
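The WEP mitigation list and the SSID solutions above both come down to access-point settings that can be checked mechanically. The following added example (not code from the report) audits a hostapd-style configuration for those settings. The option names are real hostapd keys (`wpa`, `wpa_key_mgmt`, `wep_key0`, `ignore_broadcast_ssid`, `rsn_pairwise`, `ieee8021x`, `auth_server_addr`), but the audit rules, the finding codes and the three sample configurations are constructed for illustration; the RADIUS address and secret are placeholders.

```python
# Added example (not from the report): audit an access-point configuration
# for the weak settings discussed above. Option names are hostapd's real
# keys; the rules, finding codes and sample configurations are constructed.


def parse_ap_config(text: str) -> dict:
    """Parse key=value lines; blank lines and '#' comment lines are ignored."""
    cfg = {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line or "=" not in line:
            continue
        key, value = line.split("=", 1)
        cfg[key.strip()] = value.strip()
    return cfg


def audit_ap_config(cfg: dict) -> list:
    """Return finding codes, most severe first."""
    findings = []
    wpa_mode = cfg.get("wpa", "0")            # hostapd: 0 = no WPA (open or WEP)
    if wpa_mode == "0" or any(k.startswith("wep_key") for k in cfg):
        findings.append("WEP_OR_OPEN")
    else:
        if wpa_mode != "2":                   # 1 = WPA only, 3 = WPA and WPA2
            findings.append("WPA1_ALLOWED")
        if "WPA-EAP" not in cfg.get("wpa_key_mgmt", "WPA-PSK").split():
            findings.append("PERSONAL_MODE")  # shared passphrase, not per-user login
        if "TKIP" in cfg.get("rsn_pairwise", "") + cfg.get("wpa_pairwise", ""):
            findings.append("TKIP_ALLOWED")
    if cfg.get("ignore_broadcast_ssid", "0") == "0":
        findings.append("SSID_BROADCAST")
    return findings


# Constructed sample configurations (not the company's real settings)
CURRENT_WEAK = """
interface=wlan0
ssid=RareVintage
wep_default_key=0
wep_key0=123456789A
ignore_broadcast_ssid=0
"""

PERSONAL_WPA2 = """
interface=wlan0
ssid=RareVintage
ignore_broadcast_ssid=1
wpa=2
wpa_key_mgmt=WPA-PSK
wpa_passphrase=REPLACE_WITH_STRONG_PASSPHRASE
rsn_pairwise=CCMP
"""

ENTERPRISE_WPA2 = """
interface=wlan0
ssid=RareVintage
ignore_broadcast_ssid=1
wpa=2
wpa_key_mgmt=WPA-EAP
rsn_pairwise=CCMP
ieee8021x=1
# placeholder RADIUS server in the documentation address range
auth_server_addr=192.0.2.10
auth_server_port=1812
auth_server_shared_secret=REPLACE_ME
"""


def audit_all() -> dict:
    return {name: audit_ap_config(parse_ap_config(text))
            for name, text in (("current", CURRENT_WEAK),
                               ("personal", PERSONAL_WPA2),
                               ("enterprise", ENTERPRISE_WPA2))}


if __name__ == "__main__":
    for name, findings in audit_all().items():
        print(f"{name}: {findings or 'no findings'}")
```

Running it shows the progression the report recommends: the current WEP set-up with a broadcast SSID, a WPA2-personal set-up that still relies on a shared passphrase stored on every device, and a WPA2-enterprise set-up with hidden SSID and per-user credentials against a RADIUS server, which produces no findings.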
Access points with high power gains
To reduce interference, Wi-Fi systems increase the signal strength by adding power. Since the offices are environments with very high interference due to the many access points, the Wi-Fi system uses high-gain access points to increase signal strength, but this has the disadvantage of reducing the directional coverage of the Wi-Fi system (López & Zhou, 2008). Additionally, when the access points run on high power and high gain, their signals become stronger, but receiving devices running on low signal or low power cannot push any data back to the access point, so communication fails when the data transfer fails. In such an unfortunate instance, as in the company offices, the access points keep transmitting but do not receive data frames back, because the receivers are not powerful enough to send the frames.
Solutions:
- Use access points with very low power outputs and low gains that match the power gains of the other devices connected to the network, in the range of 25-50 mW.
- Use low-power-gain access points to increase the area under coverage, so that the number of access points within the office area is reduced.
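The one-way failure described above (the access point is heard, but cannot hear the client back) is a link-budget asymmetry, and it can be checked with a two-way calculation. The following is an added example, not from the report: it applies the standard free-space path loss formula plus a constructed extra loss for walls and shelving, and computes the margin above receiver sensitivity in each direction. Antenna gains apply equally both ways, so the asymmetry comes from transmit power alone; the 1000 mW and 30 mW powers, 2 dBi gains, distances and loss figures are constructed.

```python
# Added example (not from the report): two-way link budget showing why a
# high-power access point can reach a client that cannot reach it back.
# Free-space path loss plus a constructed extra loss for walls/shelves;
# all numeric inputs are constructed for illustration.
import math


def mw_to_dbm(milliwatts: float) -> float:
    return 10 * math.log10(milliwatts)


def fspl_db(distance_m: float, freq_mhz: float) -> float:
    """Free-space path loss in dB (standard formula, d in metres, f in MHz)."""
    return 20 * math.log10(distance_m) + 20 * math.log10(freq_mhz) - 27.55


def received_power_dbm(tx_dbm, tx_gain_dbi, rx_gain_dbi, distance_m, freq_mhz,
                       extra_loss_db):
    return (tx_dbm + tx_gain_dbi + rx_gain_dbi
            - fspl_db(distance_m, freq_mhz) - extra_loss_db)


def link_margins(ap_tx_mw, client_tx_mw, ap_gain_dbi, client_gain_dbi,
                 distance_m, freq_mhz=2437, extra_loss_db=0.0,
                 sensitivity_dbm=-85):
    """Margin (dB above receiver sensitivity) for AP->client and client->AP.
    Gains are reciprocal, so only transmit power differs between directions."""
    down = received_power_dbm(mw_to_dbm(ap_tx_mw), ap_gain_dbi, client_gain_dbi,
                              distance_m, freq_mhz, extra_loss_db)
    up = received_power_dbm(mw_to_dbm(client_tx_mw), client_gain_dbi, ap_gain_dbi,
                            distance_m, freq_mhz, extra_loss_db)
    return {"downlink_margin_db": down - sensitivity_dbm,
            "uplink_margin_db": up - sensitivity_dbm}


def link_usable(margins: dict) -> bool:
    """Data only flows when both directions clear the sensitivity threshold."""
    return margins["downlink_margin_db"] > 0 and margins["uplink_margin_db"] > 0


# Constructed scenarios: 2.4 GHz channel 6, 2 dBi antennas each side
HIGH_POWER_AP = dict(ap_tx_mw=1000, client_tx_mw=30, ap_gain_dbi=2,
                     client_gain_dbi=2, distance_m=30, extra_loss_db=45)
MATCHED_AP = dict(HIGH_POWER_AP, ap_tx_mw=30)          # same spot, matched power
CLOSER_AP = dict(MATCHED_AP, distance_m=15, extra_loss_db=30)  # AP moved closer

if __name__ == "__main__":
    for name, params in (("1000 mW AP at 30 m", HIGH_POWER_AP),
                         ("30 mW AP at 30 m", MATCHED_AP),
                         ("30 mW AP at 15 m", CLOSER_AP)):
        m = link_margins(**params)
        print(name, {k: round(v, 1) for k, v in m.items()},
              "usable" if link_usable(m) else "not usable")
```

The first scenario is the report's situation: the downlink has a few dB of margin while the uplink is about 11 dB short, so the client sees a strong network but its frames never arrive. Matching the access point's power to the client does not rescue that link by itself; it makes both directions fail equally, which exposes the real coverage gap that the high-power access point was hiding, and the third scenario (shorter path, fewer obstructions, as in the report's advice to remove walls and shelves and add coverage) is what makes the link usable in both directions.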
The internet is the primary framework on which Rare Vintage Auto Parts Ltd operates. It forms the backbone of the enterprise, linking the branch offices, cash machines and mobile devices to the corporate network. However, this linkage exposes the enterprise to the outside world, with its malicious individuals and attackers. While security mechanisms such as antivirus work, they are not foolproof and hence not a hundred percent secure. The network lacks the firewall functions of authenticating devices and preventing unauthorised remote users from accessing the network, while the network is broadcasting its SSID (Bulbul, Batmaz & Ozel, 2008). Furthermore, the network is used as a public network, not made private by virtual private network software, which offers additional security by allowing secure encrypted connections between the network and remote users and tunnelling the data transmitted within the network to protect it from man-in-the-middle attacks, eavesdropping and spoofing.
Solutions:
- A firewall should be placed between the network and the internet, in several layers, to control the authentication of devices seeking connection to the company network.
- Access, intranet and extranet virtual private networks, using point-to-point tunnelling and layer two forwarding protocols, should be created within the network to enable secure connections between two devices within the network that seek connection and data transfer.
- Intrusion detection systems should be installed and deployed within the network to monitor traffic, detect suspicious behaviour and activity, and provide security alerts when malicious activity is detected. Advanced intrusion detection systems are more suitable due to their improved ability to block suspicious traffic and IP addresses.
- For the long term, intrusion prevention systems should be installed and deployed to stop attacks and threats before the network administrator is involved, and to keep reports and logs of the malicious activities.
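The intrusion detection recommendation above is easiest to understand as a concrete rule over logs. The following added example (not code from the report, and not output from any real access point) parses constructed syslog-like authentication events from the access points and raises one alert per client that accumulates a threshold of failed authentications inside a sliding time window; the log format, MAC addresses, access-point names and timestamps are all constructed.

```python
# Added example (not from the report): IDS-style detection over access-point
# authentication logs. The log format and every sample line are constructed
# for illustration, not real AP output.
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

LOG_RE = re.compile(
    r"^(?P<ts>\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}) (?P<ap>\S+) "
    r"STA (?P<mac>(?:[0-9a-f]{2}:){5}[0-9a-f]{2}) (?P<event>AUTH_FAIL|AUTH_OK|DEAUTH)$"
)


def parse_line(line: str):
    """Return (timestamp, ap, mac, event) or None for lines in another format."""
    m = LOG_RE.match(line.strip())
    if not m:
        return None  # unrecognised lines are skipped rather than crashing the monitor
    return datetime.fromisoformat(m["ts"]), m["ap"], m["mac"].lower(), m["event"]


def detect_auth_failure_bursts(lines, threshold=5, window=timedelta(seconds=60)):
    """Alert once per client MAC when it reaches `threshold` failed authentications
    inside a sliding `window`. Lines are expected in time order."""
    recent = defaultdict(deque)     # mac -> timestamps of failures inside the window
    alerts, alerted = [], set()
    for parsed in map(parse_line, lines):
        if parsed is None:
            continue
        ts, ap, mac, event = parsed
        if event != "AUTH_FAIL":
            continue
        q = recent[mac]
        q.append(ts)
        while q and ts - q[0] > window:
            q.popleft()             # drop failures older than the window
        if len(q) >= threshold and mac not in alerted:
            alerted.add(mac)
            alerts.append({"mac": mac, "ap": ap, "at": ts.isoformat(), "failures": len(q)})
    return alerts


# Constructed sample log: one client fails six times in 25 seconds, another
# fails three times spread over eight minutes, plus a success and a stray line.
SAMPLE_LOG = [
    "2024-01-10T09:00:00 ap-warehouse STA aa:bb:cc:dd:ee:01 AUTH_FAIL",
    "2024-01-10T09:00:05 ap-warehouse STA aa:bb:cc:dd:ee:01 AUTH_FAIL",
    "2024-01-10T09:00:07 ap-warehouse STA aa:bb:cc:dd:ee:02 AUTH_OK",
    "2024-01-10T09:00:10 ap-warehouse STA aa:bb:cc:dd:ee:01 AUTH_FAIL",
    "2024-01-10T09:00:15 ap-warehouse STA aa:bb:cc:dd:ee:01 AUTH_FAIL",
    "this line is not in the expected format",
    "2024-01-10T09:00:20 ap-warehouse STA aa:bb:cc:dd:ee:01 AUTH_FAIL",
    "2024-01-10T09:00:25 ap-warehouse STA aa:bb:cc:dd:ee:01 AUTH_FAIL",
    "2024-01-10T09:01:00 ap-office STA aa:bb:cc:dd:ee:02 AUTH_FAIL",
    "2024-01-10T09:05:00 ap-office STA aa:bb:cc:dd:ee:02 AUTH_FAIL",
    "2024-01-10T09:09:00 ap-office STA aa:bb:cc:dd:ee:02 AUTH_FAIL",
]

if __name__ == "__main__":
    for alert in detect_auth_failure_bursts(SAMPLE_LOG):
        print(alert)
```

With the default threshold only the burst from the first client is reported, at the moment the fifth failure lands; the second client's occasional failures stay below the rule unless the window is widened. The threshold and window are the knobs an administrator tunes against the false-positive rate on the real network, which is the reason the report recommends logging alongside detection.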
The network, or broadcast domain, is not subnetted for the different devices. In this type of network, where all the connected devices use the same infrastructure subnet, traffic on the network becomes slow and network performance is reduced. In a network infrastructure operating on a single subnet, a broadcast packet is sent to every connected device with an entry point, even devices that do not need the packet (Lashkari, Danesh & Samadi, 2009). This spamming of all the devices on the network reduces each device's performance and thus the whole network's performance. Since the network operates on a single subnet, it is highly congested with devices and IP addresses, which hampers network administration and security.
Resolutions:
- Assign a unique identifier, an IP address, to each device that is authenticated to connect to the network.
- Divide the network address space into subnet addresses with subnet masks, which identify the parts of the 32-bit address that refer to the network or subnet and to the host.
- Assign the connected devices to the different subnets created, to increase network performance and reduce network lag.
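The three resolutions above are one procedure, and the standard library's `ipaddress` module can carry it out. The following is an added example, not code from the report: it carves per-office subnets out of one address block (largest office first, each from the smallest free block that fits), hands out host addresses within each subnet, and shows how far a broadcast reaches before and after subnetting. The 192.168.10.0/24 block and the office sizes are constructed.

```python
# Added example (not from the report): planning per-office subnets with the
# standard-library ipaddress module so broadcast traffic stays inside each
# office. The address block and office sizes are constructed.
import ipaddress


def prefix_for_hosts(hosts: int) -> int:
    """Smallest IPv4 prefix whose usable addresses (block size minus the
    network and broadcast addresses) cover `hosts`."""
    bits = 0
    while (1 << bits) - 2 < hosts:
        bits += 1
    return 32 - bits


def plan_subnets(block: str, demands: dict) -> dict:
    """Best-fit allocation: largest offices first, each carved from the
    smallest free block that can hold it."""
    free = [ipaddress.ip_network(block)]
    plan = {}
    for office, hosts in sorted(demands.items(), key=lambda kv: kv[1], reverse=True):
        prefix = prefix_for_hosts(hosts)
        fitting = [n for n in free if n.prefixlen <= prefix]
        if not fitting:
            raise ValueError(f"no free block left for {office} (/{prefix})")
        chosen_block = max(fitting, key=lambda n: n.prefixlen)  # smallest that fits
        free.remove(chosen_block)
        if chosen_block.prefixlen == prefix:
            subnet = chosen_block
        else:
            subnet = next(chosen_block.subnets(new_prefix=prefix))
            free.extend(chosen_block.address_exclude(subnet))   # keep the remainder
        plan[office] = subnet
    return plan


def host_address(plan: dict, office: str, index: int):
    """The index-th usable host address in an office's subnet."""
    return list(plan[office].hosts())[index]


def same_broadcast_domain(plan: dict, a: str, b: str) -> bool:
    """True when two addresses sit in the same subnet and so hear each other's broadcasts."""
    a, b = ipaddress.ip_address(a), ipaddress.ip_address(b)
    return any(a in s and b in s for s in plan.values())


def broadcast_reach(plan: dict, office: str) -> int:
    """Devices a broadcast from this office can reach after subnetting."""
    return plan[office].num_addresses - 2


def flat_broadcast_reach(block: str) -> int:
    """Devices a broadcast reaches on the current single-subnet network."""
    return ipaddress.ip_network(block).num_addresses - 2


DEMANDS = {"head office": 60, "warehouse": 25, "branch A": 12, "branch B": 10}

if __name__ == "__main__":
    plan = plan_subnets("192.168.10.0/24", DEMANDS)
    print("flat network, broadcast reaches", flat_broadcast_reach("192.168.10.0/24"))
    for office, subnet in plan.items():
        print(f"{office}: {subnet} (broadcast reaches {broadcast_reach(plan, office)})")
```

Beyond the report's single case, `plan_subnets` is the general variable-length subnet masking algorithm, so it works for any block and any set of office sizes, and it raises an error rather than silently overlapping subnets when the block is too small.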
All business enterprises relying on a network infrastructure should have a well-documented network policy. Written policies set the required precedent for the use and administration of the information technology assets. The security policies set out ought to be easy to compose, understand and enforce (Wright & Cache, 2015). They are meant to protect the network, the computers, and the data generated or transmitted over the network channels. The security policy document addresses the specific needs of the enterprise network, such as acceptable use of the computers; control and management of passwords, emails and storage devices; and the risk reduction strategies for remote access, the internet and servers. Additionally, the policy and procedure document contains the response plan in case of an attack, data loss, or improper use of the network and its components.
Mitigation: the company should formulate policies that strictly set out the rules, laws and procedures guiding the usage and maintenance of the wireless network and its components. The policies should be updated regularly to keep up with technology updates aimed at securing the network, and adhered to by employees and executives alike. Additionally, regular training and security awareness programmes should be conducted on advances in security protocols and on threats such as malware, ransomware and exploitation tools, stressing vigilance.
The designated router reduces network traffic and acts as the single channel for all the routing updates on the network. Without a designated router, the network topology is not fully described and the master-slave relationship between the routers is not established; the data sent within the network is therefore not controlled, the different routers update each other with data packets and "confusion" arises. If the designated router fails, the backup router takes over its roles.
Solution:
- Use multi-access networks with link-state advertisement functionality to control the heavy packet traffic that can be generated within the network.
- Identify and select the router to be used as the designated router, and a second one to act as the backup router, in the OSPF multi-access network. The designated router should be the router with the highest router IP address, which configures it on the network. The designated router is then used to generate the network link packets instead of every router, forming a master-slave connection and additionally synchronising the link-state databases across the network.
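The selection step above is the OSPF election rule, and the traffic reduction it brings is a simple count. The following added example (not code from the report) models the initial designated-router and backup election on one multi-access segment following the standard OSPF rule, in which the highest priority wins and ties are broken by the highest router ID (the "highest router IP address" in the text), routers with priority 0 being ineligible, and compares the number of adjacencies with and without a designated router. The router IDs and priorities are constructed, and the model deliberately ignores OSPF's rule that an already-elected designated router is not pre-empted.

```python
# Added example (not from the report): OSPF DR/BDR election on a multi-access
# segment (highest priority, then highest router ID; priority 0 is ineligible)
# and the adjacency count with and without a DR. Router IDs and priorities are
# constructed; only the initial election is modelled (no non-pre-emption rule).
import ipaddress


def elect_dr_bdr(routers: dict):
    """routers maps router ID (dotted form) -> OSPF priority. Returns (dr, bdr)."""
    eligible = [(rid, pri) for rid, pri in routers.items() if pri > 0]
    ranked = sorted(eligible,
                    key=lambda rp: (rp[1], int(ipaddress.ip_address(rp[0]))),
                    reverse=True)
    dr = ranked[0][0] if ranked else None
    bdr = ranked[1][0] if len(ranked) > 1 else None
    return dr, bdr


def adjacency_count(n_routers: int, with_dr: bool) -> int:
    """Full adjacencies on the segment: every router pair without a DR, versus
    only DR and BDR being adjacent to everyone once a DR exists (2n - 3)."""
    if n_routers < 2:
        return 0
    if not with_dr:
        return n_routers * (n_routers - 1) // 2
    if n_routers == 2:
        return 1
    return 2 * n_routers - 3


# Constructed segment: four routers, one excluded from election by priority 0
SEGMENT = {"10.0.0.1": 1, "10.0.0.9": 1, "10.0.0.3": 0, "10.0.0.20": 1}

if __name__ == "__main__":
    dr, bdr = elect_dr_bdr(SEGMENT)
    print(f"DR={dr} BDR={bdr}")
    for n in (4, 6, 10):
        print(n, "routers:", adjacency_count(n, False), "adjacencies without DR,",
              adjacency_count(n, True), "with DR")
```

On the constructed segment the router with the highest ID becomes the designated router and the next highest the backup; raising one router's priority, as an administrator would to pin the role to the most capable box, overrides the ID tie-break. The adjacency count is the quantitative form of the report's "reduces the network traffic": with ten routers, 45 pairwise adjacencies collapse to 17.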
The 802.11b and 802.11g network cards can be used together on the same network; however, the performance and encryption of the newer 802.11g card fall back to the level of the 802.11b card, with its slow performance and WEP encryption. In the company's network, with its mixed cards, the connection works but connection and data transfer speeds are greatly reduced (Zou, Zhu, Wang & Hanzo, 2016). Mixing the cards saved the company money during project design and deployment, but the long-term benefits are not realised.
Solution:
To provide fast data transfer, improved performance and the latest security features, an all-802.11g network should be installed. Although more expensive, the long-term solution to the poor performance caused by the mixed g and b cards is the upgrade to an all-g card network.
Data backup protects business data against the many causes of data loss, such as viruses and ransomware, server mishaps, accidental or intentional data erasure or modification, and network crashes. It is a very important aspect of business project design and deployment; however, the short-term goal of cutting down the budget overshadows it.
Mitigation.
- Install backup programs and use standalone servers to store important files such as financial reports, client data and supplier details.
- Acquire disaster recovery software to aid data recovery in case of accidental or intentional data deletion, or data loss due to ransomware or malicious attacks.
- Ultimately, to solve the whole set of problems involved in the network security, the company should consider subscribing to an online cloud computing service. With a small employee population of 150 and limited IT expertise, cloud computing would be the best solution in the long run, since the hardware requirements are reduced and the computational, storage and security functions are provided by the cloud computing vendor, such as Amazon Web Services, Microsoft Azure or HP Enterprise Services cloud compute.
Appropriate counter-measures:
- Purchase and deployment of Check Point's 730 unified threat management appliance.
To provide convenient networking and security features, Rare Vintage Auto Parts Ltd should consider purchasing Check Point 730 hardware UTM appliances with virtual software security features.
Considering the features, firewall throughput and additional services, the Check Point unified threat management system is suggested for managing the networking and security requirements of Rare Vintage Auto Parts Ltd.
The following are the notable features:
- Firewall, virtual private network, application control, intrusion prevention system, URL filtering, anti-spam and email security.
- Firewall throughput of 3 Gbps and support for an unlimited number of concurrent users.
- The Check Point 730 is ready out of the box with an upgradable module, priced at $5662.00 inclusive of all Check Point appliances.
- Amazon Web Services software-as-a-service yearly subscription: $17255.00.
Cloud-based computing offers an added advantage for Rare Vintage Auto Parts Ltd, since the company will not have to incur the additional cost of purchasing on-premise server computers, which would bring hidden costs and increase the total cost of ownership. Cloud-based computing would have the following advantages:
- Highly scalable in resources such as storage and computing power, which will increase the work output and throughput of the company.
- Reduces the total cost of ownership of purchasing on-premise servers, with the ability to offer cloud-based big data analytics.
- There is no need to employ information technology administrators, since the cloud computing vendor, Amazon, provides data security using its own technical experts.
This written covenant presents the policies, procedures and rules that govern the employees of Rare Vintage Auto Parts Ltd in their use of the company's network, network components, and privately owned mobile devices and personal computers. The covenant is intended to provide integrity and security for the data and infrastructure of Rare Vintage Auto Parts Ltd (Swan & McKinney, 2012).
Rare Vintage Auto Parts Ltd respects the confidentiality and privacy concerns of its employees; the data stored on personal devices will therefore not be interfered with or accessed. The company does expect employees to provide their devices for the implementation of security controls, or to provide evidence required in civil, criminal or administrative proceedings.
Rare Vintage Auto Parts Ltd stipulates, in this BYOD policy, that the recommended use of employee devices while at the workplace or connected to the company network is for practices that support the objectives, mission and goals of Rare Vintage Auto Parts Ltd, such as viewing and accessing company-owned resources: calendars, emails, contacts, and communication documents such as memos.
The company expects its employees to limit the use of their personal devices while at work to urgent communication, and not to use them:
- for texting and chatting on social media platforms; this applies to office employees and drivers alike;
- for online streaming, downloading or sharing of illicit content;
- for storage or sharing of company data in any form whatsoever;
- to participate in or run external businesses;
- to physically, sexually or emotionally harass other employees.
The company supports all personal computers and mobile devices, such as Android phones, iPhones and laptops. For a device to connect to the network, the connection settings MUST only be entered by the company's network IT administrator. The settings include standard application configuration, creation of the employee's network profile, and Wi-Fi set-up on the device with login credentials.
The company recommends the following for personal employee devices and computers to be configured to access the company's network:
- The device must be locked with a strong password, at least six characters combining digits and letters, after a maximum of five minutes idle.
- Employees will bring new devices to be configured, or old ones for reconfiguration, every 3 months, since the network credentials will be changed regularly.
- Rooted Android mobile phones will not be configured for the network, whether running custom third-party firmware or not.
- Jailbroken iPhones and iPads will not be configured.
- Employees' access to the company is not allowed unless special access permission is granted by the management.
- A device belonging to an employee may be wiped remotely over the company network or the cellular network if:
  - the company and the employee terminate the employment contract, mutually or not;
  - the IT department, the intrusion detection system or the intrusion prevention system detects malicious or abnormal behaviour from the employee's device that may threaten the company's network or data;
  - the employee's device is stolen, lost, or sold to a third party, whether or not that party is a company employee.
Disclaimer:
It is the employees' responsibility to back up their device data; the company will not accept liability in the event that an employee's device is remotely wiped.
The company has the right to deny or disconnect an employee from the network without prior notification.
In the unfortunate event that an employee's mobile phone is lost, stolen or sold, the employee should notify the company and the mobile phone carrier within 24 hours. Failing this, the employee shall be answerable in the event of a malicious third-party attack on the network or company data.
The employee takes responsibility for threats to the network and company data that are caused by or result from the use of their personal devices while connected to the network, such as viruses, malware, and accidental or intentional deletion of all or part of the company data.
Rare Vintage Auto Parts Ltd expects employees to use their personal devices in an ethical manner, to adhere strictly to the company's BYOD policy, and to be personally liable for device costs.
Rare Vintage Auto Parts Limited has the right to take severe disciplinary action against any of the company's human resources, from the executives to the employees, in the event of non-compliance, including payment of fines and/or termination of the employment contract with immediate effect.
I understand and accept that I will strictly comply with the company's security and BYOD regulations. In the event that business use increases the cost of my personal service plan, the company does not provide reimbursement.
Employee name:
BYOD device:
Employee signature:
References
Miller, K. W., Voas, J., & Hurlburt, G. F. (2012). BYOD: Security and privacy considerations. IT Professional, 14(5), 53-55.
Thomson, G. (2012). BYOD: enabling the chaos. Network Security, 2012(2), 5-8.
Morrow, B. (2012). BYOD security challenges: control and protect your most sensitive data. Network Security, 2012(12), 5-8.
Song, Y. (2014). “Bring Your Own Device (BYOD)” for seamless science inquiry in a primary school. Computers & Education, 74, 50-60.
Scarfo, A. (2012, November). New security perspectives around BYOD. In Broadband, Wireless Computing, Communication and Applications (BWCCA), 2012 Seventh International Conference on (pp. 446-451). IEEE.
Ghosh, A., Gajar, P. K., & Rai, S. (2013). Bring your own device (BYOD): Security risks and mitigating strategies. International Journal of Global Research in Computer Science (UGC Approved Journal), 4(4), 62-70.
López, J., & Zhou, J. (Eds.). (2008). Wireless sensor network security (Vol. 1). IOS Press.
Lashkari, A. H., Danesh, M. M. S., & Samadi, B. (2009, August). A survey on wireless security protocols (WEP, WPA and WPA2/802.11i). In Computer Science and Information Technology, 2009. ICCSIT 2009. 2nd IEEE International Conference on (pp. 48-52). IEEE.
Wright, J., & Cache, J. (2015). Hacking exposed wireless: wireless security secrets & solutions. McGraw-Hill Education Group.
Gollakota, S., & Katabi, D. (2011, April). Physical layer wireless security made fast and channel independent. In INFOCOM, 2011 Proceedings IEEE (pp. 1125-1133). IEEE.
Zou, Y., Zhu, J., Wang, X., & Hanzo, L. (2016). A survey on wireless security: Technical challenges, recent advances, and future trends. Proceedings of the IEEE, 104(9), 1727-1765.
Bulbul, H. I., Batmaz, I., & Ozel, M. (2008, January). Wireless network security: comparison of wep (wired equivalent privacy) mechanism, wpa (wi-fi protected access) and rsn (robust security network) security protocols. In Proceedings of the 1st international conference on Forensic applications and techniques in telecommunications, information, and multimedia and workshop (p. 9). ICST (Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering).
Swan, T. L., & McKinney, D. U. (2012). U.S. Patent No. 8,184,530. Washington, DC: U.S. Patent and Trademark Office.
Jacobsen, S. C., Markus, D. T., & Pensel, R. W. (2010). U.S. Patent No. 7,787,939. Washington, DC: U.S. Patent and Trademark Office.
Van, D. N., Bui, T. T. X., & Tesfalidet, S. (2008). The transformation of phenyltin species during sample preparation of biological tissues using multi-isotope spike SSID-GC-ICPMS. Analytical and bioanalytical chemistry, 392(4), 737-747.
Bestermann, J. (2013). U.S. Patent No. 8,412,942. Washington, DC: U.S. Patent and Trademark Office.
Won, S. Y. (2013). U.S. Patent No. 8,509,199. Washington, DC: U.S. Patent and Trademark Office.
Jacobsen, S. C., & Wells, D. L. (2013). U.S. Patent No. 8,614,768. Washington, DC: U.S. Patent and Trademark Office.