Security in WiFi networks. WEP, WPA, WPA2 encryption. Wi-Fi security. Proper wi-fi protection

Send your good work in the knowledge base is simple. Use the form below

Students, graduate students, young scientists who use the knowledge base in their studies and work will be very grateful to you.

Posted on http://www.allbest.ru/

Federal State Budgetary Educational Institution of Higher Professional Education

Department: Informatics and Information Technologies

Specialty: Applied computer science

COURSE WORK

WIRELESS SECURITY

Completed by a student

Kozlova S.K.

Head of work:

Mityaev V.V.

EAGLE, 2013

Introduction

Conclusion

Bibliography

Application

Introduction

Most modern computers support wireless network access. In other words, they can connect to the Internet (and other wireless-enabled devices) without a network cable. The main advantage of wireless connections is the ability to work with the Internet anywhere in the home or office (if the distance between the computer and the wireless network access device allows). However, if you do not take measures to ensure the security of your wireless network, the following potentially dangerous situations are possible, as a result of which an attacker could:

1. Intercept transmitted or received data;

2. Gain access to a wireless network;

3. Seize the Internet access channel.

Let's turn to the definition of information security. Information security - means the protection of information and information systems from unauthorized access, use, detection, distortion, destruction, modification.

Information security ensures the availability, integrity and confidentiality of information. To implement information security of wireless networks, information security tools and mechanisms are used.

Therefore, if a wireless network is not secure, an attacker can intercept data transmitted over it, gain access to the network and files on the computer, and also access the Internet using the connection. Thus, the data transmission channel is occupied and Internet access slows down.

The topic of wireless network security still remains relevant, although reliable methods for protecting these networks, such as WPA (Wi-Fi Protected Access) technologies, have existed for quite some time.

The purpose of the work is a practical study of security issues and security features of wireless networks.

The object of this course work is network security.

The subject is the security of wireless networks.

The tasks to be solved when performing this work are as follows:

1. Consider the concept of a wireless network;

3. Study the basic provisions of the wireless connection security policy;

4. Analyze solutions for ensuring the security of wireless networks;

5. Assess the need for wireless network security;

6. Develop an algorithm for carrying out work to assess the effectiveness of wireless network protection.

1. Concept of a wireless network and description of the categories of main attacks

1.1 Concept and description of a wireless network

A wireless network is the transmission of information over a distance without the use of electrical conductors or "wires".

This distance can be either small (a few meters, as in television remote control) or very large (thousands or even millions of kilometers for telecommunications).

Wireless communications is generally considered to be a branch of telecommunications.

The popularity of wireless communications is growing at an explosive pace, opening up new markets for operators - from online games on cell phone screens to emergency services.

This is due to the spread of notebook computers, paging systems and the emergence of personal secretary-class systems (Personal Digital Assistant (PDA)), expanding the functionality of cell phones.

Such systems must provide business planning, timing, document storage, and communications with remote stations. The motto of these systems was anytime, anywhere, i.e., the provision of communication services regardless of place and time. In addition, wireless channels are relevant where laying cable lines and long distances is impossible or expensive.

Until recently, most wireless computer networks transmitted data at speeds from 1.2 to 14.0 Kbps, often only short messages, because transferring large files or long sessions of interactive work with a database were not possible. New wireless transmission technologies operate at speeds of several tens of megabits per second.

Alan S. Cohen, senior director of Cisco Systems, responsible for mobile solutions, talks a lot about the prospects for the wireless communications market.

He says wireless technology is quickly becoming an accepted standard that has a pervasive impact on our lives.

There are two important market forces driving the move toward ubiquitous wireless connectivity. The first factor is the "democratization" of wireless technology, which became noticeable in the mobile market with the advent of the 802.11 or Wi-Fi standard.

The rapid growth in the number of mobile devices and mobile networks in homes, apartments, businesses and cities is very noticeable. Today, it is easy and simple to build a wireless network and provide broadband mobility for the benefit of large corporations and individual users.

He also highlighted another interesting area of application of mobile technologies - urban mesh networks, which make Wi-Fi technology truly ubiquitous.

Providing access to all city residents throughout its territory is a wonderful example of the democratization of wireless technology. Network architecture and unified communications technology not only combines wired and wireless communications, but also brings together indoor and outdoor network services. As a result, you can stay connected to the network wherever you are, inside or outside the building, which is very important for urban communications.

Wireless communications are becoming ubiquitous. It allows you to provide connection to users where cable connection is difficult or where full mobility is required. In this case, wireless networks interact with wired networks. Nowadays, it is necessary to take wireless solutions into account when designing any network - from a small office to an enterprise. This may save money, labor and time.

There are many cases and reasons why wireless networks are the only or most convenient option for organizing access to a communications network or the Internet:

1) If it is necessary to organize the possibility of nomadic access to the network and the Internet for random users in cafes, airports, train stations, shops and other public places;

2) If it is necessary to organize a local network in buildings that do not have the ability to lay cable wiring (for example, in historical buildings) or in buildings in which laying cable is a very complex, time-consuming and difficult task;

3) When organizing a temporary local network, including a local network for public access, for example, for holding any events, conferences, etc.;

4) When expanding a local area network in the event that it is necessary to connect any remote isolated segment containing a small number of workstations;

5) If mobile access to network resources is necessary, for example, when moving around an apartment or organization with a laptop, when visiting various patients with a doctor in a hospital to communicate with a central database, or for communicating and coordinating mechanics in large buildings, saturated with modern means of providing them life activity;

6) To organize additional communication channels that can be provided by alternative telecom operators creating wireless local networks in different areas.

Depending on the technologies and transmission media used, the following classes of wireless networks can be defined:

Networks on radio modems;

Networks on cellular modems;

Infrared systems;

VSAT systems;

Systems using low-orbit satellites;

Systems with SST technology;

Radio relay systems;

Laser communication systems.

WI-FI is a modern wireless technology for transmitting data over a radio channel (wireless, wlan wifi).

Any equipment that complies with the IEEE 802.11 standard can be tested by the Wi-Fi Alliance and receive the appropriate certificate and the right to display the Wi-Fi logo.

Wireless Fidelity, which translated from English means wireless precision. There is also a longer name for the term: EEE 802.11b. Wi-Fi originated in 1985 in the USA, after the frequency part of the radio channel was opened for use without special permission.

The very first standard that became most widespread was the IEEE 802.11b standard.

Equipment that complies with the 802.11b standard appeared back in 2001, and to this day most wireless networks still operate using this standard, and many wireless Wi-Fi devices are also available that support 802.11b.

The radio waves used for Wi-Fi communications are very similar to the radio waves used in walkie-talkies, receivers, cell phones and other devices. But Wi-Fi has a few notable differences from other radio devices.

Communication is carried out at frequencies of 2.4-5 GHz. This frequency is much higher than the frequencies suitable for mobile phones, portable radios and television.

The higher the frequency of the signal, the more information is transmitted. A wireless network uses radio waves in the same way as radios, mobile phones, and televisions. In fact, Wi-Fi wireless communication is more similar to two-way radio communication.

In Russia, using Wi-Fi without permission to use frequencies from the State Commission for Radio Frequencies (SCRF) is possible to organize a network inside buildings, closed warehouses and industrial areas.

To legally use a Wi-Fi wireless network outside of an office, for example, a radio channel between two neighboring houses, you must obtain permission to use the frequencies. There is a simplified procedure for issuing permits for the use of radio frequencies in the band 2400-2483.5 MHz (standards 802.11b and 802.11g, channels 1-13); obtaining such permission does not require a private decision from SCRF. To use radio frequencies in other bands, in particular 5 GHz (802.11a standard), you must first obtain a private solution from SCRF. In 2007, the situation changed with the release of the document: “Resolution of July 25, 2007, No. 476 “On Amendments to the Resolution of the Government of the Russian Federation” dated October 12, 2004.

The sixteenth paragraph of the resolution excluded from the list of equipment subject to registration - wireless access user equipment in the radio frequency band 2400-2483.5 MHz with a radiation power of transmitting devices up to 100 mW inclusive.

Also, in pursuance of the protocol entry to the decision of the SCRF dated August 19, 2009, No. 09-04-09, the SCRC decided: to allocate radio frequency bands 5150-5350 MHz and 5650-6425 MHz for use on the territory of the Russian Federation with the exception of the cities specified in the appendix No. 2, fixed wireless access by citizens of the Russian Federation and Russian legal entities without issuing separate decisions of the SCRF for each individual or legal entity.

The specified frequency bands correspond to the 802.11a/b/g/n standards and channels with numbers from the ranges 36-64 and 132-165. However, Appendix 2 lists the 164 largest cities in Russia in which the specified frequencies cannot be used to create wireless networks.

Violation of the procedure for using radio-electronic means is subject to liability under Articles 13.3 and 13.4 of the Code of the Russian Federation on Administrative Offences.

By a decision of July 15, 2010, the State Committee for Radio Frequencies of Russia canceled the issuance of mandatory private decisions of the State Committee for Radio Frequencies for the use of fixed wireless access systems in the ranges 5150-5350 MHz and 5650-6425 MHz. The restriction on these frequency ranges has been lifted for the entire territory of Russia.

The following types and varieties of connections are distinguished:

1. Ad-Hoc connection (point-to-point). All computers are equipped with wireless cards (clients) and connect directly to each other via a radio channel operating according to the 802.11b standard and providing an exchange rate of 11 Mbit/s, which is quite enough for normal operation;

2. Infrastructure connection. This model is used when it is necessary to connect more than two computers. A server with an access point can act as a router and independently distribute the Internet channel;

3. Access point, using a router and modem. The access point is connected to the router, the router is connected to the modem (these devices can be combined into two or even one). Now the Internet will work on every computer in the Wi-Fi coverage area that has a Wi-Fi adapter;

4. Client point. In this mode, the access point acts as a client and can connect to an access point operating in infrastructure mode. But only one MAC address can be connected to it. Here the task is to connect only two computers. Two Wi-Fi adapters can work with each other directly without central antennas;

5. Bridge connection. Computers are connected to a wired network. Each group of networks is connected to access points that connect to each other via a radio channel. This mode is designed to combine two or more wired networks. Wireless clients cannot connect to an access point operating in bridge mode.

Thus, the concept and classes of wireless networks were examined, and the reasons for the appropriate use of a wireless connection were identified. The regulatory framework regarding Wi-Fi networks is analyzed. The wireless network was described by providing a typology and type of connections.

Various problems often arise during the operation of wireless networks. Some are due to someone else's oversight, and some are the result of malicious actions. In any case, damage is caused. These events are attacks, regardless of the reasons for their occurrence.

There are four main categories of attacks:

1. Access attacks;

2. Modification attacks;

3. Denial of service attacks;

4. Disclaimer attacks.

An access attack is an attempt by an attacker to obtain information for which he does not have permission to view, and which is aimed at violating the confidentiality of information.

To carry out this attack, information and means to transmit it are required.

An access attack is possible wherever information and means for its transmission exist.

Access attacks can also include snooping, eavesdropping and interception.

Snooping is viewing files or documents to search for information of interest to an attacker.

Eavesdropping is when someone listens to a conversation in which they are not a participant (often using electronic devices).

Interception is the capture of information during its transmission to its destination.

Information is stored electronically:

Workstations;

Servers;

In laptop computers;

CDs.

With CDs the situation is clear, because an attacker can simply steal them. With the first two things are different. With legal access to the system, the attacker will analyze the files by simply opening them one by one. In case of unauthorized access, the attacker will try to bypass the control system and gain access to the necessary information. It's not difficult to do this. You need to install a network packet analyzer (sniffer) on your computer system. To do this, the attacker must increase his authority in the system or connect to the network. The analyzer is configured to capture any information passing through the network, but especially user IDs and passwords.

Eavesdropping is also carried out in global computer networks such as leased lines and telephone connections. However, this type of interception requires appropriate equipment and special knowledge. In this case, the most suitable place to place the listening device is a cabinet with electrical wiring.

And with the help of special equipment, a qualified hacker can intercept fiber-optic communication systems. However, to succeed, he must place his system in the transmission lines between the sender and receiver of information. On the Internet, this is done by changing the name resolution, causing the computer name to be converted to an incorrect address. Traffic is redirected to the attacker's system instead of the actual destination node. If such a system is configured appropriately, the sender will never know that his information did not reach the recipient.

A modification attack is an attempt to illegally change information. It is aimed at violating the integrity of information and is possible wherever information exists or is transmitted.

There are three types of modification attacks:

1. Replacement;

2. Addition;

3. Removal.

Replacement - replacement of existing information targets both classified and public information.

Addition attack - adding new data.

A deletion attack means moving existing data.

All three types of modification attacks exploit system vulnerabilities, such as server security “holes” that allow the home page to be replaced. Even then, extensive work must be done throughout the entire system to prevent detection. Because transactions are numbered sequentially, deleting or adding incorrect transaction numbers will be noted.

If a modification attack is carried out during the transmission of information, then it is necessary to first intercept the traffic of interest, and then make changes to the information before sending it to its destination.

Denial-of-service (DoS) attacks are attacks that prevent a legitimate user from using a system, information, or computer capabilities. In other words, this attack is “Vandalism”, i.e., an attacker.

As a result of a DoS attack, the user usually does not gain access to the computer system and cannot operate with information.

A DoS attack directed against information destroys, distorts or moves it to an inaccessible place.

A DoS attack aimed at applications that process or display information, or at the computer system on which these applications are running, makes it impossible to complete the tasks performed using such an application.

A common type of DoS attack (denial of access to a system) aims to disable computer systems, as a result of which the system itself, applications installed on it and all stored information become inaccessible.

Denial of access to communications means disabling communications facilities that deny access to computer systems and information.

DoS attacks aimed directly at a computer system are implemented through exploits that take advantage of vulnerabilities in operating systems or internetwork protocols.

With the help of these "holes", the attacker sends a specific set of commands to the application, which it is not able to process correctly, as a result of which the application crashes. A reboot restores its functionality, but during the reboot it becomes impossible to work with the application.

A disclaimer attack targets the ability to identify information, or misrepresent an actual event or transaction.

This type of attack includes:

Masquerade is performing actions under the guise of another user or another system.

Denial of an event is a denial of the fact of an operation.

DoS attacks against the Internet are attacks on the Internet's root name servers.

You can ensure the security of your wireless access device and, accordingly, minimize the risk associated with this type of access using the following simple steps:

1. Change the administrator password on your wireless device. It is easy for a hacker to find out what the device manufacturer's default password is and use that password to access the wireless network. Avoid passwords that are easy to guess or guess;

2. Disable broadcasting of the network identifier (SSID broadcasting, SSID - Service Set Identifier, network identifier) so that the wireless device does not broadcast information that it is turned on;

3. Enable traffic encryption: it is best to use the WPA protocol if the device supports it (if not, then use WEP encryption);

4. Change the network identifier (SSID) of the device. If you leave the device manufacturer's default identifier, an attacker can easily identify the wireless network by learning this identifier. Don't use names that are easy to guess.

As a result of solving this problem, four main categories of attacks and three types of modification attacks were identified and studied. Denial of service and denial of obligation attacks were also subject to consideration. Based on this analysis, steps were developed to ensure the security of wireless access devices.

Thus, to summarize, we can confidently say that wireless connections have now become widespread, mainly due to their ability to work with the Internet anywhere in the home or office.

However, if you do not take measures to ensure the security of your wireless network, an attacker can intercept data transmitted over it, gain access to the network and files on your computer, and also access the Internet using the connection.

2. Review of tools and methods for ensuring information security of wireless networks

2.1 Wireless security policy

The specifics of wireless networks mean that data can be intercepted and changed at any time. Some technologies require a standard wireless adapter, while others require specialized equipment. But in any case, these threats are implemented quite simply, and to counter them, effective cryptographic data protection mechanisms are required.

When building a security system, it is important to determine the threat model, i.e., decide what the protection itself will counter. In fact, there are two threats in wireless networks: unauthorized connection and eavesdropping, but their list can be expanded by highlighting and generalizing the following main threats associated with wireless devices to those listed in the first chapter:

Uncontrolled use and perimeter violation;

Unauthorized connection to devices and networks;

Traffic interception and modification;

Availability violation;

Device positioning.

The widespread use of wireless devices and their low cost lead to gaps in the network security perimeter. Here we are talking not only about attackers who connected a Wi-Fi-enabled PDA to a company’s wired network, but also about more trivial situations. An active wireless adapter on a laptop connected to the corporate network, an access point brought from home for testing - all of these can become convenient channels for penetrating the internal network.

Insufficient authentication and errors in the access control system allow unauthorized connections.

By their nature, wireless networks cannot provide high availability. Various natural, man-made and anthropogenic factors can effectively disrupt the normal functioning of a radio channel. This fact must be taken into account when designing the network, and wireless networks should not be used to organize channels with high availability requirements.

Wi-Fi stations can be easily detected using passive methods, which allows you to determine the location of a wireless device with fairly high accuracy. For example, the Navizon system can use GPS, GSM base stations and wireless access points to determine the location of a mobile device.

The security policy for wireless networks can be presented either as a separate document or as part of other components of regulatory security. In most cases, a separate document is not required, since the provisions of the wireless network policy largely overlap with the traditional content of such documents. For example, the requirements for physical protection of access points are completely overlapped by issues of physical security of active network equipment. In this regard, the wireless security policy is presented in the form of a separate document during the period of WLAN implementation, after which, with the next revision of the documents, it harmoniously merges with others.

If wireless networks are not used, the security policy should include a description of protective mechanisms aimed at reducing the risks associated with unauthorized use of radio networks.

The world's best practices in the field of information security management are described in the international standard for information security management systems ISO/IEC 27001 (ISO 27001). ISO 27001 specifies requirements for an information security management system to demonstrate an organization's ability to protect its information assets.

The standard is authentic GOST RISO/IEC 27001-2006. It establishes requirements for the development, implementation, operation, monitoring, analysis, support and improvement of a documented information security management system, for the implementation of information security management and control measures.

The main advantages of the ISO/IEC 27001 standard:

Certification allows you to show business partners, investors and clients that the organization has effective information security management;

The standard is compatible with ISO 9001:2000 and ISO 14001:2007;

The standard does not place restrictions on the choice of software and hardware, does not impose technical requirements on IT tools or information security tools, and leaves the organization complete freedom to choose technical solutions for information security.

The concept of information security is interpreted by the international standard as ensuring the confidentiality, integrity and availability of information.

Based on this standard, recommendations can be formulated to reduce the likelihood of violating the wireless network security policy in an organization:

1. Training of users and administrators. ISO|IEC 27001 A.8.2.2. As a result of training, users must know and understand the policy's limitations and administrators must be qualified to prevent and detect violations of the policy;

2. Control of network connections. ISO|IEC 27001 A.11.4.3. The risk associated with connecting an unauthorized access point or wireless client can be reduced by disabling unused switch ports, MAC address filtering (port-security), 802.1X authentication, intrusion detection systems and security scanners that monitor the emergence of new network objects;

3. Physical security. ISO|IEC 27001 A.9.1. Controlling devices brought onto the premises allows you to limit the likelihood of wireless devices connecting to the network. Limiting user and visitor access to your computer's network ports and expansion slots reduces the likelihood of a wireless device connecting;

4. Minimizing user privileges. ISO|IEC 27001 A.11.2.2. If the user works on a computer with the minimum necessary rights, then the likelihood of unauthorized changes to the settings of wireless interfaces is reduced;

5. Security policy control. ISO|IEC 27001 6, A.6.1.8. Security analysis tools, such as vulnerability scanners, allow you to detect the appearance of new devices on the network and determine their type (functions for determining OS versions and network applications), as well as monitor deviations of client settings from a given profile. The terms of reference for audit work performed by external consultants must take into account the requirements of the wireless network policy;

6. Inventory of resources. ISO|IEC 27001 A.7.1.1. Having a current, updated list of network resources makes it easier to discover new network objects;

7. Attack detection. ISO|IEC 27001 A.10.10.2. The use of attack detection systems, both traditional and wireless, makes it possible to promptly detect unauthorized access attempts;

8. Incident investigation. ISO|IEC 27001 A.13.2. Incidents involving wireless networks are not much different from other similar situations, but procedures for their investigation must be defined. For networks where wireless networks are being implemented or used, additions to the policy sections may be required;

9. Legal support. ISO|IEC 27001 A.15.1.1. The use of wireless networks may be subject to both Russian and international regulations. Thus, in Russia, the use of the 2.4 GHz frequency range is regulated by the decision of the SCRF dated November 6, 2004 (04-03-04-003). In addition, since encryption is intensively used in wireless networks, and the use of cryptographic means of protection in some cases is subject to rather strict legislative restrictions, it is necessary to study this issue;

10. Internal and external audit. ISO|IEC 27001 6, A.6.1.8. When carrying out security assessment work, the requirements of the wireless network policy must be taken into account. The possible scope of work to assess WLAN security is described in more detail in the last chapter of this book;

11. Network separation. ISO|IEC 27001 A.11.4.5. Due to the specifics of wireless networks, it is advisable to allocate wireless access points to a separate network segment using a firewall, especially when it comes to guest access;

12. Use of cryptographic security measures. ISO|IEC 27001 A.12.3. The protocols and traffic encryption algorithms used on the wireless network (WPA or 802.11i) must be defined. When using 802.1X technology, the requirements for digital signature protocols and the length of the signing key of certificates used for the purposes are determined;

13. Authentication. ISO|IEC 27001 A.11.4.2. The requirements for storing authentication data, their change, complexity, and security during transmission over the network must be determined. The EAP methods used, the RADIUS server public key protection methods can be explicitly defined;

14. Control of changes in the information system. ISO|IEC 27001 A.12.5.1. Wireless technologies must be taken into account in the IP;

15. Acceptability of Software and Hardware Use. ISO|IEC 27001 A.12.4.1 This section covers requirements for access points, wireless switches, and wireless clients;

16. Attack detection. ISO|IEC 27001 A.10.10.2. Requirements for wireless attack detection systems must be defined, and responsibility for event analysis must be assigned;

17. Logging and analysis of security events. ISO|IEC 27001 A.10.10.1. This section can be expanded by adding wireless network-specific events to the list of monitored events. May include the previous section;

18. Remote network access. ISO|IEC 27001 A.11.7.2. In most cases, wireless network users are logically classified as users of remote access systems. This is due to similar threats and, as a consequence, countermeasures characteristic of these IS components. In addition, after completing all stages, the following documents must be generated in one form or another:

Instructions for users regarding the use of a wireless network;

Basic settings of access points, wireless switches, workstations;

Procedures for monitoring the security of wireless networks;

Profiles of attack detection systems;

Wireless Incident Response Procedures.

Thus, the ISO/IEC 27001 standard was analyzed. Based on this standard, recommendations were formulated to reduce the likelihood of violating an organization's wireless security policy. There is also a list of documents that must be generated after completing all stages of the wireless network security policy.

A properly constructed and enforced security policy is a reliable foundation for a secure wireless network. As a result, it is worth paying sufficient attention to it, both at the stage of network implementation and during its operation, reflecting changes occurring in the network in regulatory documents.

2.2 Wireless Security Solutions

An important element of security for any network, not just wireless, is access and privacy management. One of the reliable methods of controlling access to a WLAN is authentication, which allows you to prevent unauthorized users from accessing data communications through access points. Effective WLAN access control measures help determine which client stations are allowed and associate them only with trusted access points, excluding unauthorized or dangerous access points.

WLAN confidentiality means that transmitted data will only be correctly decrypted by the party for whom it was intended. The confidentiality status of data transmitted over a WLAN is considered protected if the data is encrypted with a key that can only be used by the recipient of the data for whom it was intended. Encryption means that the integrity of the data is not compromised throughout the entire transmission process - sending and receiving.

Today, companies using WLAN networks are implementing four separate solutions for WLAN security and access and privacy management:

Open access;

Basic security;

Increased security;

Remote access security.

As with any security deployment, it is wise to conduct a network risk assessment before selecting and implementing any of the WLAN security solutions:

1. Open access. All wireless LAN products certified to Wi-Fi specifications are shipped to operate in public mode with security features disabled. Open access or lack of security may suit the needs of public hotspots such as coffee shops, college campuses, airports or other public places, but it is not an option for businesses. Security features must be enabled on wireless devices during installation. However, some companies do not include WLAN security features, thereby seriously increasing the level of risk to their networks;

2. Basic security: SSID, WEP and MAC address authentication. Basic security involves the use of Service Set Identifiers (SSIDs), open or shared key authentication, static WEP keys, and optionally MAC address authentication. This combination can be used to set up basic access and privacy controls, but each individual piece of security can be compromised. The SSID is a common network name for devices in the WLAN subsystem and serves to logically separate this subsystem. The SSID prevents access from any client device that does not have an SSID. However, by default, the access point broadcasts its SSID among its signals. Even if you disable the broadcast of the SSID, an attacker or hacker can discover the desired SSID using so-called “sniffing” or “sniffing” - unnoticeable network monitoring. The 802.11 standard, a group of specifications for WLAN networks developed by the IEEE, supports two means of client authentication: open authentication and shared key authentication. Open authentication is only slightly different from providing the correct SSID. With shared key authentication, the access point sends a test text packet to the client device, which the client must encrypt with the correct WEP key and return to the access point. Without the correct key, authentication will fail and the client will not be allowed into the access point's user group. Shared key authentication is not considered secure because an attacker given the initial test text message and the same message encrypted with a WEP key can decrypt the WEP key itself. With open authentication, even if a client is authenticated and gains access to the access point's user group, the use of WEP security prevents the client from transmitting data from that access point without the correct WEP key. WEP keys can be 40 or 128 bits long and are usually statically determined by the network administrator at the access point and each client transmitting data through that access point. When using static WEP keys, the network administrator must spend a lot of time entering the same keys into each device on the WLAN. If a device using static WEP keys is lost or stolen, the owner of the missing device can gain access to the WLAN. The administrator will not be able to determine that an unauthorized user has entered the network until the loss is reported. The administrator must then change the WEP key on each device that uses the same static WEP key as the missing device. In a large enterprise network with hundreds or even thousands of users, this can be difficult. To make matters worse, if the static WEP key was decrypted using a tool like AirSnort, there is no way for the administrator to know that the key was compromised by an unauthorized user. Some WLAN solution providers support authentication based on the physical address or MAC address of the client network card (NIC). The access point will only allow a client to associate with the access point if the client's MAC address matches one of the addresses in the authentication table used by the access point. However, MAC address authentication is not an adequate security measure because the MAC address can be spoofed and the network card can be lost or stolen;

3. Basic Security Using WPA or WPA2 Another form of basic security available today is WPA or WPA2 using Pre-Shared Key (PSK). The shared key authenticates users using a password or identification code (also called a passphrase) at both the client station and the access point. The client can only access the network if the client password matches the access point password. The shared key also provides the data to generate the encryption key that is used by the TKIP or AES algorithms for each packet of data transmitted. While more secure than a static WEP key, a shared key is similar to a static WEP key in that it is stored on the client station and can be compromised if the client station is lost or stolen. It is recommended to use a strong, general passphrase that includes a variety of letters, numbers, and non-alphanumeric characters;

4. Basic Security Summary. Basic WLAN security based on a combination of SSID, open authentication, static WEP keys, MAC authentication, and WPA/WPA2 shared keys is only sufficient for very small companies or those that do not trust vital data to their WLAN networks. All other organizations are encouraged to invest in robust enterprise-grade WLAN security solutions;

5. Increased security. The enhanced level of security is recommended for those customers who require enterprise-class security and security. This requires advanced security that fully supports WPA and WPA2 with the building blocks of 802.1X two-way authentication and TKIP and AESB encryption, including the following capabilities:

802.1X for powerful two-way authentication and dynamic encryption keys per user and per session;

TKIP to extend RC4-based encryption, such as key caching (per packet), message integrity check (MIC), initialization vector (IV) changes, and broadcast key rotation;

AES for state-level data encryption, maximum security;

Capabilities of the Intrusion Prevention System (IPS) and subscriber movement tracking - a transparent view of the network in real time.

6. Wireless LAN security and remote access. In some cases, comprehensive security may be required to protect applications. Using secure remote access, administrators can set up a virtual private network (VPN) and allow mobile users to communicate with the corporate network from public hotspots such as airports, hotels and conference rooms. When deployed in an enterprise, the advanced security solution covers all WLAN security requirements, making the use of VPNs on an enterprise WLAN unnecessary. Using a VPN on an internal WLAN can affect WLAN performance, limit roaming capabilities, and make it more difficult for users to log into the network. Thus, the additional overhead and limitations associated with overlaying a VPN network on an internal WLAN network do not seem necessary.

As a result, we can come to the conclusion that to ensure the information security of any network, not just wireless, high-quality access and confidentiality management is important. To achieve this, four separate solutions are currently being actively implemented: open access, basic security, enhanced security, and remote access security.

If network security is properly constructed and all requirements are followed, network security will be at a high level, which will significantly complicate attackers’ access to the wireless network.

3. Assess the need and effectiveness of a wireless network security solution

3.1 Assessing the need for wireless network security

Despite the fact that most companies have already deployed one or another wireless network, specialists usually have many questions about the security of the chosen solutions, and company executives who avoid implementing wireless technologies worry about missed opportunities to increase productivity and reduce infrastructure costs.

Many organization leaders understand that wireless technologies can improve productivity and collaboration, but are hesitant to implement them for fear of vulnerabilities that may arise in the corporate network due to the use of wireless networks. The variety of proposed methods for securing wireless communications and the controversy over their effectiveness only add to these doubts.

There are many challenges associated with implementing wireless technology in a midsize company that make you wonder not only about wireless security, but also whether it is needed at all.

Common problems that can be overcome by properly implementing the security policy discussed in Chapter 2:

Deciding whether to deploy a wireless network;

Understanding and reducing the risk associated with the introduction of wireless technologies;

Defining an approach to protecting a wireless network;

Selecting optimal wireless network security technologies;

Checking the security level of the deployed wireless network;

Integration of existing assets into a wireless network security solution;

Detect and prevent unauthorized wireless network connections.

The benefits provided by wireless networking technologies can be divided into two categories: functional and economic.

Functional benefits include reduced management costs and reduced capital expenditures, while economic benefits include increased productivity, improved business process efficiency, and additional opportunities to create new business functions.

Most of the major economic benefits associated with wireless networks result from increased employee flexibility and mobility. Wireless technology removes the constraints that keep employees at their desks, allowing them to move relatively freely around the office or office building.

But, despite all the advantages, there are also disadvantages, mainly technological, which are expressed in the vulnerability of the wireless network through various attacks from intruders (section 1.2 of this work was devoted to this).

As soon as such technological shortcomings of first-generation wireless networks were discovered, active work began to eliminate them. While some companies were working to improve wireless standards, many analyst firms, network security vendors, etc. were trying to work around the shortcomings inherent in previous standards.

As a result, several approaches to securing wireless networks have been developed.

There are many factors to consider when evaluating possible options for securing your wireless network. When making this assessment, you need to take into account a variety of indicators: from the costs of implementing and administering the solution to its overall security. All of the above approaches have their own advantages and disadvantages, so you need to become more familiar with each of them so that you can make an informed decision.

The latest wireless security standards, namely WPA and WPA2, have eliminated the serious shortcomings of the WEP standard and thus made workarounds such as IPsec or VPN technology unnecessary. The use of static or dynamic WEP is no longer recommended in any form, and omitting security is beneficial in only a few situations. Thus, when developing a comprehensive, effective solution for protecting a wireless network, it is enough to consider only two approaches.

Wi-Fi Protected Access (WPA) and Wi-Fi Protected Access 2 (WPA2) are specifically designed to block threats to wireless networks based on the IEEE 802.11 standard. However, there are some differences between them.

The WPA protocol was developed in 2003 to address the shortcomings of the WEP standard. The developers of WPA did a good job of providing support for mutual authentication, TKIP data encryption, and signed message integrity checks to protect against packet spoofing or replay attacks.

WPA2 provides even greater security because it uses AES rather than TKIP to secure network traffic. Therefore, it should always be preferred over WPA.

The WPA and WPA2 protocols are significantly superior to WEP in terms of security, and if the security system is properly configured, there are no known vulnerabilities in either the first or the second. However, WPA2 is considered more secure than WPA, and if the infrastructure supports it and the additional overhead associated with administering a WPA2 solution is acceptable, it should be the choice.

Most of the access points produced today and the latest OS versions are certified in accordance with the requirements of the WPA2 protocol. If some access points or client computers in your environment do not support WPA2, wireless devices and client systems that support WPA2 can use the older WPA standard.

We should also not forget about such a development option for the company as refusing to deploy a wireless network. There is a saying among security professionals that says, “The best protected system is the one that no one ever turns on.” Thus, the most reliable way to protect against the vulnerabilities inherent in wireless networks or any other technologies is to not implement them. The disadvantage of this approach is obvious: a company that refuses to implement any technology may find itself uncompetitive in modern economic conditions, when any advantage, including technological, may be a decisive factor for success.

As already discussed, before implementing any new technology in a particular company, one must evaluate the company's needs, its risk tolerance, and the actual risk. Wireless technologies are no exception. Wireless networks have a number of benefits, but for a given organization these benefits may not be as important or important at all.

When choosing a secure wireless solution, you need to consider all of your options, including going wireless. If it is determined that an organization is not ready to deploy a wireless network, this decision should be reflected in existing corporate policies to prevent end users from weakening the security of the corporate network environment due to unauthorized creation of wireless networks.

3.2 Development of an algorithm for carrying out work to assess the effectiveness of wireless network protection

In order to determine the advantage of a particular method of protecting a wireless network, it is advisable to assess its security.

This is especially important due to the fact that wireless networks are often deployed for company management. Accordingly, an attacker who gains access to the wireless segment has the opportunity not only to use company resources for his own purposes, but also to gain access to confidential information and block the work of high-priority users.

...

Set a password and appropriate encryption type for the network

This rule applies to all wireless networks. You must definitely set a password (the latest and most reliable one at the moment, although this also has its own nuances, which I will discuss below). You should not use the WPA type, which is not only old, but also limits network speed. WEB encryption is generally the latest topic. It is quite easy to hack this type using brute force methods and more.

Take your password just as seriously. The default minimum password length is 8 characters, but you can make it longer, for example 10-15 characters. It is advisable that the password contain not only letters or numbers, but a whole set of characters, plus special characters.

IMPORTANT! Disable WPS

So, WPS technology has some flaws and with this, people can easily hack your network using Linux-based distributions and entering the appropriate commands in the terminal. And here it doesn’t matter what kind of encryption is used, but the length and complexity of the password decides a little; the more complex it is, the longer it will take to crack. WPS can be disabled in the router settings.

By the way, if anyone doesn’t know, WPS is needed to connect equipment to a Wi-Fi network without a password, you just press this button on the router and, for example, your smartphone connects to the network.

Hide Wi-Fi network (SSID)

On all types of routers or, as they are also called, routers, there is a function that allows you to, that is, when searching for a network from other devices, you will not see it, and you must enter the identifier (network name) yourself.

In the router settings you need to find the item "Hide access point", or something similar, and then reboot the device.

MAC Address Filtering

Most of the newest routers, and older ones too, have functionality that limits connected devices. You can add to the list of MAC addresses those that have the rights to connect to the Wi-Fi network or limit them.

Other clients will not be able to connect, even if they have the SSID and password from the network.

Activate the Guest Network feature

If your friends, acquaintances or relatives, whom you have allowed, have access to the network, there is an option to create a guest network for them, isolating the local network. As a result, you don't have to worry about losing important information.

Guest access is enabled in the router settings. There you check the appropriate box and enter the network name, password, set encryption, etc.

Change the login and password to access the router admin panel

Many who have a router (router) know that when entering its settings you need to enter a login and password, which by default is the following: admin(entered both in the login field and in the password field). Those who have connected to the network can easily go into the router settings and change something. Set a different password, preferably a complex one. This can be done in the same settings of the router, system section. Yours may be a little different.

You should definitely remember the password, as it will not be possible to recover it, otherwise you will have to reset the settings.

Disabling the DHCP server

There is one interesting point that you can do in the router settings. Find the DHCP server item there and turn it off, usually it is located in the LAN network settings.

Thus, users who want to connect to you will have to enter the appropriate address that you specify in the router settings. Usually the IP address is: 192.168.0.1/192.168.1.1, then you can change it to any other, for example, 192.168.212.0. Please note that from your other devices you must also specify this address.

Well, we’ve figured out how to increase the security of a Wi-Fi wireless network. Now you don’t have to worry about your network being hacked and information being lost. I think using at least a few of the methods in this article will greatly improve Wi-Fi security.

Routers that distribute signals to connected devices appeared in the lives of most people relatively recently, but have already gained popularity. It would not be an exaggeration to say that today the Internet is used everywhere: distance education is spreading, people communicate on social networks, documentation is stored electronically, business correspondence is conducted over the Internet. With a router it is possible to create your own...

Saved wifi passwords are a secure network connection that protects information stored on media. This is why users are interested in how to view the Wi-Fi password on a computer. Security of access to the Internet is ensured with greater performance if the user knows where to look up the Wi-Fi password on the router. Access to the Wi-Fi network is provided to trusted devices, because...

The security of a Wi-Fi network depends on a securely chosen password. You’ll say “what’s the difference, there’s no limit, there’s enough speed, there’s no point in bothering with changing the wi-fi password.” If friends and neighbors just use the Internet, and at a time when network access is not needed, it’s not so scary. But about the option “change password on Wi-Fi...

Today it is impossible to imagine a person who does not use the Internet, but almost everyone faces the problem of forgetting their Wi-Fi password. When setting up a home router for the first time, the wizard advises you to create a password that you will not forget and write it down. But most often these tips go unheeded. You may need it again when connecting...

By providing personal brand devices for the convenience of customers, Beeline argues that the routers are already configured with the necessary parameters and are ready to work, you just need to connect them. At the same time, despite such theses, we advise you to immediately change the password on your Beeline Wi-Fi router. Unfortunately, there is no need to talk about individual router protection...

People often ask: “Why change the WiFi password?” The answer is simple. Sometimes this is necessary to prevent unscrupulous neighbors from connecting to your network and reducing traffic. Later in the article we will look at how to change the password for Wi-Fi byfly. (Further…)...

The need to find out the Wi-Fi password for Windows 7 arises just when it is impossible to restore the keygen. Standard situation: the password and login were written down, but the unfortunate piece of paper was long ago lost in the vastness of your home. Users do not always care about the safety of access data, hoping that they can be easily restored. We tell you...

In what cases should you change the password on the router? There are situations when it is necessary for a tplink router user to change the wifi network password. These include the following cases: (more...)...

Securing your private WiFi network is the most important aspect when creating a HomeGroup. The fact is that the access point has a fairly large range of action, which can be taken advantage of by attackers. What to do to prevent this? How to protect a private wireless network from attacks by unscrupulous people? This is exactly what this article will be about....

In this article we will look at what a wireless WiFi network security key is and why it is needed. This is a pressing issue, as wireless networks are widespread throughout the world. At the same time, there is a risk of falling under the radar of criminals or simply lovers of “Freebies”. (Further…)...

How to find out the password for a WiFi network is a hot topic, since very often there are cases when users simply forgot their key. Of course, you can reset the parameters of the router (access point), but this is not always possible, and not everyone can then reconfigure the router. (Further…)...

Sometimes users forget their Wi-Fi password. At the same time, not everyone can connect to the router and enter its settings in order to view the security key. Yes, and this is not always possible. Therefore, the question of how to find out the WiFi password on Android comes up quite often. (Further…)...

Due to the widespread use of wireless networks, a reasonable question arises: is Wi-Fi harmful? Indeed, nowadays almost every family has a wireless router. (Further…)...

Nowadays, WiFi wireless technology, which allows you to create home networks, has become deeply embedded in people's everyday lives. This is a very convenient way to combine home devices such as a laptop, smartphone, tablet, desktop PC, and so on into one group with access to the global network. However, it very often happens that the user forgot....

Nowadays, in almost every apartment and house that is connected to the Internet, you can find a Wi-Fi router. Some users put a password on it so that they can use it individually, and some leave it in the public domain. This is a personal matter, but it happens that the Internet starts to slow down or you, for example, just wonder if it’s connected...

Contrary to all warnings and recommendations, most users using wireless routers and access points set standard Wi-Fi passwords in the device settings. What this threatens and how to protect yourself from it – we will consider further. Why are standard codes dangerous? This behavior occurs only because people often simply do not understand how dangerous it can be. It seemed...

It often happens that you want to limit access to your home Wi-Fi, but before that it was without a password and now many strangers can absolutely continue to use it, but, from your point of view, this is not good. Now we will look at what to do and how to limit the amount...

Perhaps you're tired of having to enter a password for new devices every time? Or are you just a generous person and decided to make your Wi-Fi public? One way or another, you will need our instructions on how to remove a Wi-Fi password. This is not a very labor-intensive process, so now we will describe such an operation on the most common routers...

Modern communication technologies make it possible to create home networks, uniting entire groups of computers for communication, data exchange, and so on. Their organization does not require special knowledge and large expenses. Just imagine, 10 years ago not everyone had a computer, much less the Internet, but today almost every apartment has a private...

The topic of this article is how to set a password for a WiFi network. Such networks are widespread. Almost every home already has a wireless router or modem. But the manufacturer does not install keys for wireless connection on devices. This is done so that the buyer can freely enter the settings menu and...

For modern society, the Internet has become so commonplace that a person cannot live without social networks or access to Google for a long time. Finding the necessary information, downloading music or a movie, or playing an online game can be much faster and easier with the advent of routers that distribute signals to other devices. Desktop PCs, laptops, smartphones, even TVs...

The security of a Wi-Fi network depends on a securely chosen password. You’ll say “what’s the difference, unlimited Internet, the speed is enough, there’s no point in fiddling around to figure out how to change the password on a wifi router.” Today, home networks play an important role in the lives of modern people. With their help, users organize computers into groups, which allows them to exchange information and...

So, you have acquired a Wi-Fi router - this gives you convenient and equally fast access to the Internet from anywhere in your house or apartment, which is already great. As a rule, most users purchase the dispensing device themselves and it happens that they hardly configure it, except perhaps only adjust the basic settings for optimal operation....

If, in addition to a computer, you also have a laptop, tablet or smartphone, then you will probably want to be able to access the network from any point in your apartment or house from these devices. Naturally, the solution to this problem can be a Wi-Fi router that creates wireless Internet coverage within a certain radius. If you are installing...

Sooner or later, every Internet user has a need to make access to the network more convenient, and then a Wi-Fi router appears in the house, which helps get rid of unnecessary wires and enjoy wireless Internet almost anywhere in the apartment or house. However, do not forget about protecting your wireless access point - namely...

Today, it is enough to go into any cafe and start a search for active Bluetooth devices and you will immediately find two or three phones and PDAs that have access to all files and services without any password. You can also steal a phone book, connect to the Internet via GPRS, and even open a Vietnamese call center from someone else's phone.

The proliferation of wireless networks has led to the emergence of many new information security problems. Gaining access to poorly protected radio networks or intercepting information transmitted over radio channels is sometimes quite simple. Moreover, if in the case of wireless local Wi-Fi networks (IEEE 802.11 family of standards) this problem is somehow solved (special devices have been created to protect these networks, access, authentication and encryption mechanisms are being improved), then in Bluetooth networks (IEEE 802.15.1 standard ) poses a serious threat to information security.

And although Bluetooth is intended for organizing communication between devices at a distance of no more than 10-15 m, today many portable mobile devices with Bluetooth support are used all over the world, the owners of which often visit places with large crowds of people, so some devices accidentally end up in close proximity to others. In addition, many such devices are not configured carefully enough (most people leave all settings at default), and information from them can be easily intercepted. Thus, the weakest link in Bluetooth technology is the user himself, who does not want to deal with ensuring his own security. Sometimes, for example, he gets tired of typing the PIN code and other identification mechanisms too often, and then he simply turns off all security functions.

Meanwhile, tools have already been created to find vulnerable Bluetooth-enabled devices, and security experts believe that soon searching for vulnerable Bluetooth connections will become as common a practice as searching for open Wi-Fi networks. The first Redfang hacking tool, targeting Bluetooth devices, appeared back in June 2003. Redfang bypasses the defenses by launching a powerful, aggressive attack to determine the identity of any Bluetooth device within the attacker's range. After this, the issue of the safety of this technology became even more pressing.

Moreover, while wireless local Wi-Fi networks containing confidential information are, in most cases, quite reliably protected by system administrators and information security specialists, the protection of devices with Bluetooth is poorly ensured. But the rapid spread of the Bluetooth interface raises security issues more and more acutely, and not only users, but also administrators of companies whose employees use the Bluetooth interface should pay close attention to this problem. And the more intense the interaction of Bluetooth devices with a computer on a corporate network, the greater the need for specific security measures, since the loss or theft of such a device will give an attacker access to secret company data and services.

In the meantime, Bluetooth technology shows us an example of how the entire burden of security falls on the shoulders of the user, regardless of his desire and qualifications.

General principles of Bluetooth operation

Unlike Wi-Fi, Bluetooth is designed to build so-called personal wireless networks (Wireless Personal Area Network, WPAN). Initially, it was planned to develop a standard that would allow creating small local networks and gaining wireless access to devices within a home, office or, say, car. Currently, the group of companies involved in working on the free, open Bluetooth specification has more than 1,500 members. According to many experts, Bluetooth has no equal in its niche. Moreover, the IEEE 802.15.1 standard has become a competitor to technologies such as Wi-Fi, HomeRF and IrDA (Infrared Direct Access). Previously, the most common technology for wirelessly connecting computers and peripheral devices was infrared access (IrDA). But, unlike IrDA, which operates on a point-to-point basis in a line-of-sight area, Bluetooth technology was created both to operate on the same principle and as a multipoint radio channel.

Initially, Bluetooth transmitters had a short range (up to 10 m, that is, within one room), but later a wider coverage area was defined - up to 100 m (that is, within the house). Such transmitters can either be built into the device or connected separately as an additional interface.

But the main advantage of Bluetooth, thanks to which it is gradually replacing IrDA, is that direct visibility of devices is not necessary for communication; they can even be separated by such “radio-transparent” obstacles as walls and furniture; In addition, the devices interacting with each other may be in motion.

The main structural element of a Bluetooth network is the so-called piconet - a collection of two to eight devices operating on the same template. In each piconet, one device operates as a master, and the rest are slaves. The master device determines the template on which all slave devices of its piconet will operate and synchronizes the network operation. The Bluetooth standard provides for the connection of independent and even unsynchronized piconets (up to ten in number) into a so-called scatternet. To do this, each pair of piconets must have at least one common device, which will be the master in one and the slave in the other network. Thus, within a single scatternet, a maximum of 71 devices can be simultaneously connected to the Bluetooth interface.

Bluetooth security depends on setting

To protect the Bluetooth connection, encryption of transmitted data is provided, as well as a device authorization procedure. Data encryption occurs with a key whose effective length is from 8 to 128 bits, which allows you to set the strength level of the resulting encryption in accordance with the legislation of each country. Therefore, it is worth immediately noting that correctly configured Bluetooth devices cannot spontaneously connect, so there are no accidental leaks of important information to unauthorized persons. In addition, nothing limits protection at the level of specific applications.

Depending on the tasks performed, the Bluetooth specification provides three security modes, which can be used either individually or in various combinations:

In the first mode, minimal (which is usually the default), no measures are taken to ensure the safe use of the Bluetooth device. The data is encrypted with a shared key and can be received by any device without restrictions.
In the second mode, protection is provided at the device level, that is, security measures are activated based on the identification/authentication and permission/authorization processes. This mode defines different levels of trust for each service offered by the device. The access level can be specified directly on the chip, and according to this, the device will receive certain data from other devices.
The third mode is session-level protection, where data is encoded with 128-bit random numbers stored in each pair of devices participating in a particular communication session. This mode requires authentication and uses data encryption/encryption.

The second and third modes are often used simultaneously. The main purpose of the authentication process is to verify that the device initiating the communication session is what it claims to be. The device initiating communication sends its identifier address (Bluetooth Device Address, BD_ADDR). The triggered device responds with a random number as a challenge. At this time, both devices calculate an identification response by combining the identifier address with the resulting random number. As a result of the comparison, either the continuation of the connection or the disconnection occurs (if the identification responses do not match).

If someone is eavesdropping on an over-the-air connection, in order to steal the authentication key, they would need to know the algorithm for deducing the key from the challenge and response, and figuring out such an inverse algorithm would require significant computer power. Therefore, the cost of retrieving the key by simply eavesdropping on the authentication procedure is unreasonably high.

As for authorization, it is intended to ensure that an identified Bluetooth device allows access to certain information or services. There are three levels of trust between Bluetooth devices: trusted, non-trusted and unknown. If the device has a trust relationship with the initiator, then the latter is allowed unlimited access to resources. If the device is not trusted, then access to resources is limited by the so-called protective service layers (layer security service). For example, the first protective layer requires identification and permission to open access to the service, the second requires only identification, the third requires only encoding. An unknown device that has not been recognized is considered unverified.

Finally, 128-bit data encryption helps protect sensitive information from being viewed by unwanted visitors. Only the recipient with the private decryption key has access to this data.

The device decryption key is based on the communication key. This simplifies the key generation process since the sender and recipient share secret information that will decrypt the code.

The Bluetooth encryption service has, in turn, three modes:

No coding mode;

A mode where only the establishment of communication with devices is encrypted, and the transmitted information is not encrypted;

A mode in which all types of communication are encoded.

So, Bluetooth security features must ensure secure communication at all communication levels. But in practice, despite the safety provided for by the standard, this technology has a number of significant flaws.

For example, a weak point in the security of Bluetooth devices is that manufacturers strive to give users extensive authority and control over the devices and their configuration. At the same time, current Bluetooth technology has insufficient means to identify users (that is, the Bluetooth security system does not take into account the identity or intentions of the user), which makes Bluetooth devices especially vulnerable to so-called spoofing attacks (radio disinformation) and misuse of identification devices.

In addition, the priority is the reliability of device identification, rather than their secure maintenance. Therefore, service discovery is a critical part of the entire Bluetooth design.

An extremely weak point of the Bluetooth interface can also be considered the process of initial pairing of devices, during which keys are exchanged in unencrypted channels, which makes them vulnerable to third-party eavesdropping. By intercepting a transmission during the pairing process, it is possible to obtain the initialization key by calculating these keys for any possible password option and then comparing the results with the intercepted transmission. The initialization key, in turn, is used by the hacker to calculate the communication key and is compared with the intercepted transmission for verification. In this regard, it is recommended to carry out the mating procedure in a familiar and safe environment, which significantly reduces the threat of eavesdropping. In addition, the risk of interception can be reduced by using long passwords, which make it difficult to determine them from intercepted messages.

In general, the possibility of using short passwords allowed by the standard is another reason for the vulnerability of the Bluetooth connection, which, as in the case of the use of simple passwords by system administrators of computer networks, can lead to their guessing (for example, during automatic comparison with a database of ordinary/common passwords) . Such passwords greatly simplify initialization, but make communication keys very easy to extract from intercepted transmissions.

In addition, for the sake of simplicity, users tend to use paired communication keys rather than more secure dynamic ones. For the same reason, instead of combinatorial keys, they choose modular ones. And a device with a modular key uses it to connect to all devices that communicate with it. As a result, any device with a modular key can use it to eavesdrop on secure connections that use the same communication key from trusted devices (that is, those with which communication has already been established). When using modular keys, there is no protection.

However, any Bluetooth device with a private decryption key is quite safe. So security measures using Bluetooth technology can only protect connections if they are configured correctly and if the services are used correctly. And this is the only way to protect personal data and confidential information from falling into the wrong hands.

Virus attacks via Bluetooth

Today, as part of the general trend of increasing complexity of telephones, a relatively new type of handheld device called a smartphone (translated from English as “smart phone”), which is essentially the result of the synthesis of cell phones and personal digital assistants (PDAs), is rapidly gaining popularity.

Analysts assess the smartphone market as the most promising segment of mobile telephony. Some even argue that smartphones and communicators will eventually displace both traditional cell phones and PDAs from the market, and this may happen in the very near future. The reasoning for such a prediction is ironclad: every person dreams of seeing the most multifunctional device in the palm of their hand for the same money. And modern smartphones are becoming cheaper right before our eyes.

As a result, modest mobile phones designed only for making calls, under the pressure of progress, are gradually giving way to complex multifunctional devices with computer functions. In addition, according to the analytical company Mobile Data Association (MDA), the number of mobile phones supporting new technologies is expected to double by the end of this year.

However, few users are aware of the dangers of the transition from primitive “dialers” to complex communication devices that run operating systems and software. Meanwhile, already in the middle of last year, the first virus was discovered for smartphones running the Symbian operating system (the share of smartphones with this OS, if we exclude PDAs and communicators, is 94%).

So, the first mobile virus in history, or rather a network worm called Cabir, began to spread across cellular networks and infect smartphones running Symbian. However, almost simultaneously with Cabir, another virus called Duts infected Windows Mobile. Although both of these viruses have not yet caused much harm to users (they even asked permission from phone owners to infect their mobile phones, and unsuspecting users gave them such permission!), however, viruses for smartphones are improving much faster than their older brothers computer viruses. Less than a year after the first viruses appeared, another anonymous malware creator demonstrated an important achievement: he blocked anti-virus software.

Experts do not yet have a consensus on whether the appearance of such worms can be considered a harbinger of epidemics of mobile viruses, but there is nothing technically difficult in creating such “evil spirits,” so in the near future we will definitely encounter attempts by hackers to launch something more malicious. Theoretically, a mobile virus can, for example, erase names and phone numbers from the address book and other data stored in the handset, as well as send SMS messages allegedly written by the owner of the infected device. Let us note that both the sending of such messages and the availability of paid SMS services can greatly undermine the budget of the owner of an infected phone.

As for the first viruses and their clones, smartphone owners just need to disable Bluetooth functionality when it is not needed, or put the device in a mode inaccessible to detection by other Bluetooth gadgets.

Manufacturers of anti-virus software have already begun to take the protection of mobile phones seriously, and if you are faced with manifestations of virus attacks on your mobile phone, you can turn to anti-virus software manufacturers who have developed tools to protect smartphones for help. The currently most popular anti-virus program, Mobile Anti-Virus, for cleaning mobile phones from viruses is produced by the company F-Secure (http://mobile.f-secure.com).

Kaspersky Lab, in turn, reported that Russia became the ninth country in whose territory the Cabir network worm penetrated smartphones, and suggested that users install a special program on mobile phones to find and remove it. The program is available for free download on the Kaspersky Lab Wap site (http://www.kaspersky.ru).

The New Zealand company Symworks (http://www.simworks.biz) also produces anti-virus programs for PDAs and mobile phones. With their help, you can detect a dozen malicious programs that are distributed under the guise of useful software for these devices. One of the viruses even specifically states that it fights the antivirus program from Symworks.

Antivirus developer Trend Micro also offered free antivirus protection to mobile device users. This new product not only destroys known viruses, but also removes SMS spam. Trend Micro Mobile Security can be downloaded and used until June of this year. The anti-virus package is compatible with all popular mobile devices based on Windows Mobile for Smartphone, Windows Mobile 2003 for Pocket PC and Symian OS v7.0 with UIQ v2.0/2.1 interface. You can download the program at: http://www.trendmicro.com/en/products/mobile/tmms/evaluate/overview.htm.

The latest virus found, Drever-C, operates in the best traditions of the genre: it penetrates the phone under the guise of an updated version of the antivirus (this technique is often used by PC viruses). At the same time, all common protection systems from F-Secure, SimWorks and Kaspersky Lab are powerless against it.

Conclusion

As a rule, buyers of mobile phones and Bluetooth gadgets are more concerned about their own health than about the condition of their devices. Therefore, let us immediately reassure them: since the IEEE 802.15.1 standard was developed with low power in mind, its impact on human health is negligible. The radio channel provides a speed of 721 Kbps, which is quite a bit compared to other standards. This fact determines the use of Bluetooth in connections only for those components whose transmission volume (traffic) is insignificant.

Over time, all the weaknesses of this technology will undoubtedly be revealed. It's possible that the Bluetooth Special Interest Group (SIG) will update the standard's specifications once the flaws are identified. Manufacturers, for their part, are updating products, taking into account all safety recommendations.

Protect your mobile phone from the virus!

Since viruses like Cabir can only spread to mobile phones with Bluetooth in detectable mode, the best way to protect against infection is to put the device in Bluetooth hidden mode (hidden or non-discoverable).

To transmit the Cabir virus from one device to another, Bluetooth wireless technology is required, so that its distribution zone is limited to a radius of approximately 10-15 m. And in order for it to be able to jump to another device located in this zone, it is necessary not only to have Bluetooth is activated, but also so that the unsuspecting owner of a mobile phone approves the introduction of a virus into his device, since when transferring a file, a warning appears on the screen that an application is being installed from an unknown source.

After this, the owner must allow the virus to launch and begin working.

However, the latest messages are not displayed on all devices and not in all clones of the virus, so the owner of the phone cannot always “greet” it.

Note that today a modified communication standard has already been developed, which is the next generation of Bluetooth, IEEE 802.15.3. It is also designed for small networks and local data transfer, but provides higher data transfer rates (up to 55 Mbps) and over longer distances (up to 100 m). Up to 245 users can work on such a network simultaneously. Moreover, if interference occurs from other networks or household appliances, communication channels will automatically switch, which will provide the 802.15.3 standard with high reliability and stability of the connection. Perhaps the new standard will be used in areas where high data exchange rates are required and a greater transmission distance is required, while the previous one will be used for simple computer peripherals (keyboards, mice, etc.), telephone headsets, headphones and music players. In any case, the competition of these standards will be determined by their price and energy efficiency.

As for mobile phones, Microsoft and Symbian Limited are preparing new additional security features. It is no secret that mobile phones are used today not only as a means of communication, but also as an actively used computer peripheral (GPRS modem and storage device), which places increased demands on their protection.

WiFi network protection- another question that faces us after we have created a home network. The security of a wifi network is not only a guarantee against unwanted third-party connections to your Internet, but also a guarantee of the security of your computer and other network devices - after all, viruses from other people’s computers can penetrate through holes and cause a lot of trouble. Security key wifi, which is usually limited to most users, is not enough in this case. But first things first…

First of all, to organize the protection of a wifi network, take care of the mandatory ones, for which I recommend using a WPA2/PSK wifi security key. It requires a fairly complex seven-digit password, which is very difficult to guess. But probably! I seriously thought about this problem when, during the next review of the devices included in the network, I discovered not one, not two, but 10 of them! Then protecting the wifi network seriously interested me, and I began to look for additional, more reliable methods and, of course, I found it. Moreover, this does not require any specific protection program - everything is done in the settings of the router and computer. Now I will share with you! Yes, the demonstration of methods will be carried out on ASUS devices - modern ones have an identical interface, in particular, in the video course I did everything on the WL-520GU model.

Protecting a wifi network - practical ways

1. Disable SSID broadcast

Anyone who watched my video course knows what I'm talking about. For those who don’t, I’ll explain. SSID is, speaking in Russian, the name of our network. That is, the name that you assigned to it in the settings and which is displayed when scanning routers available for connection.

If your SSID is visible to everyone, then anyone can try to connect to it. In order for only you and your friends to know about it, you need to hide it, that is, so that it is not on this list. To do this, check the “Hide SSID” checkbox. After that, it will disappear from the search results. And you can join it in the following way:

That's it, after this you should log into your secure wifi, although it was not visible.

2. Filtering devices by MAC address

This is an even more reliable way to protect wifi from uninvited guests. The fact is that each device has its own personal identifier, which is called a MAC address. You can allow access only to your computers by entering their ID in the settings of your home router.

But first you need to find out these MACs. To do this, in Windows 7 you need to go through the chain: “Start > Control Panel > Network and Internet > Control Center > Change adapter settings” and double-click on your wifi connection. Next, click on the “Details” button and look at the “Physical Address” item - this is it!

We write it without a hyphen - only numbers and letters.
Then go to the “Wireless Network MAC Address Filter” tab in the router’s admin panel.
Select the “Accept” item from the drop-down list and add the MAC addresses of the computers that are on your local area—I repeat, without hyphens.

After that, save the settings and be glad that someone else’s device won’t log in!

3. Filtering devices by IP address

This is an even more advanced method. Here computers will be screened out not only by MAC, but also by their IP, manually assigned to each one. Modern technologies make it possible to replace the MAC, that is, having learned the number of your gadget, you can imitate it and log in, as if you had connected yourself. By default, IP is distributed to all connected devices automatically within a certain range - this happens due to the router operating in the so-called DCHP server mode. But we can disable it and set IP addresses for each manually.

Let's see how this is done in practice. First, you need to disable the DCHP server, which distributes addresses automatically. Go to the “LAN” section and open the “DCHP Server” tab. Here we disable it (“No” in the first paragraph).

After this, you need to configure each computer or other device. If you are using Windows 7, then go to “Control Panel > Network and Internet > Network and Sharing Center > Change adapter settings > Wireless connections (or whatever you call it).” Double-click on it and go to “Properties > Internet Protocol Version 4 (TCP/IP)”. Here we got all the parameters automatically. Check the box “Use the following IP” and set:

IP is the one you assigned when setting up the router, that is, for me it is 192.168.1.3
Mask - 255.255.255.0
Gateway - router IP, that is, by default on ASUS it is 192.168.1.1

4. Router operating time

This method is suitable for those who work at the computer at the same certain time. The bottom line is that the router will distribute the Internet only at certain hours. For example, you come home from work at 6 pm and stay online until 10. Then we set the device to operate only from 18:00 to 22:00. It is also possible to set specific switching days. For example, if you go to the country on the weekend, you can not broadcast wifi at all on Saturday and Sunday.

This mode is set in the “Wireless Network” section, “Professional” tab. We set the days of the week for work and hours.

5. Prevent automatic connection to the network

This setting is made on the computer itself and most likely it is not even wifi protection, but to protect the computer from connecting to someone else’s network, through which a virus can be caught. Click on your wireless connection in “Network Connections” (see point 3) and select “Wireless Network Properties” here.

For maximum security of your connection to a wifi network, it is recommended to uncheck all the boxes here to enter the password each time you connect. For the lazy, you can leave on the first point - automatic connection to the current network, but you cannot activate the other two, which allow the computer to independently join any other that is available for connection.

As you can see, WiFi network protection is provided not only by WPA2 encryption - if you follow these simple tips, the security of your wireless network will be guaranteed! Very soon you will also learn how to protect your entire local network at once, and in order not to miss this article, I recommend subscribing to blog updates. If you have any questions, the comment form is at your service 😉

If the article helped, then in gratitude I ask you to do 3 simple things:
Subscribe to our YouTube channel

Send a link to the publication to your wall on a social network using the button above