Understanding Wireless Network Security: Threats And Solutions

Rule No.

Explanation of the rules:

• Rule 1 & 2: They are created to block the external access to the network.
• Rule 3: This rule would prohibit the researchers and the students from accessing the mail server.
• Rule 4: This rule would block the other host addresses from accessing the web server.
• Rule 5: This rule allows authorization for the request that are outside the network.
• Rule 6: This rue defines the accessibility of the web server.
• Rule 7 & 8 & 9: This rule is used to enable the SSH accessibility of the server.

1. The two common default policies are intrusion prevention policy and device or application control policy in the firewall. The intrusion prevention can be configured by blocking the unauthorized host to connect in the network and the application or device control can be applied with the enforcement of routing rules such as blocking UDP connection in the network.  

Wifi protected access is referred to as WPA and it is an encryption technique used for securing the wireless access point from unauthorized access. It is the revised version of WEP and it uses the TKIP temporal key integrity protocol for the initialization and checking the integrity of the authentication.

 WPA can operate with the WEP and increases the security of Access point. There are different version of WPA and the most recent version is the WPA 2 and it uses the CCMP Counter Mode Cipher Block Chaining Message Authentication Code Protocol as the encryption algorithm for authentication and verification of the integrity of the wireless network. There are some vulnerability related to WPA 2 such as unauthorized access of the wireless network where the intruders have the access of the WPS access points. For the removal of the threat the WPS is required to be disabled and increase the security of the network.

The performance of the wireless network depends on different factors such as the range of the access point and the radio frequency of the wireless signals. The antennas are used for the propagation of the radio waves and a transmitter is used for transmitting the radio waves. The transmit power of the antenna should depend on the requirement of the wireless network and the coverage area of the wireless access point is required to be analyzed for the development of the wireless network. The wireless access point is required to be installed in the range of the organization and the obstruction is required to be removed for increasing the efficiency of the wireless network.

RADIUS stands for remote authentication dial in user service and is used for the management of the client server and enabling remote access of the servers for communicating with the central server. Dial up connection is used for the communication and access the resources of the network. It can be used in an organizational network for the management of the database and share it with the remote users for maintaining transparency of the network. The RADIUS servers helps an organization to improve its security and helps to set an organizational policy for the administration of the single point network. It is an industrial standard and can be used for tracking the statistics of the network and review the policy of the network.

For the detection of the rogue access point manually the functionality and the ability of the wireless network is required to be analyzed and if it is found that the wireless access point is unauthorized and connected with the wired network then it is considered as the rogue. On the other hand if the access point is found in the RF environment and not connected with the wired network it is considered as interfering access point. The wireless access point is directly related with the security threats since it is connected with the wired network. An attacker gaining the access of the access point can intrude into the network and cause a threat for the organization. A strong authentication is required to be used for the wireless access point for the mitigation of the threats and increase the security of the network.  

1. The shadow file stores all the passwords of the users created on the node 1 of the virtnet topology. SHA algorithm is used for the encryption of the passwords stored in the shadow files.
2. It is difficult for the administrator for identification of the same password for two different users because the password are stored in encrypted format and each of the time different key is generated for different keys and thus it is impossible for the administrator to distinguish between the passwords used by the different users.
3. It is difficult for the malicious users to find the password information that is stored in the active directory of the server. If the file where the password information is stored is available to the malicious user the user cannot decipher the password unless the key is available to the user. All the information is stored in cipher text and it requires the public and the private key for getting the actual content.

Transport

Port number 443 is used by the web server for establishment of the HTTPS connection

Symmetric key of a single bit is used for message encoding

Public key of 4 bit is utilized for the creation of a public key cipher and the RSA algorithm is utilized for the cipher and SHA-1 algorithm is utilized for hashing

A certificate is generated on the first node of the virtnet and MyUni website is deployed on the node number 3 and the node 1 is used for the creation of the certificate and uploaded on the 3^rd node. The web browser uses the certificates for the establishment of a single session for the users.

A threatening client can without a lot of a stretch out end up being more comfortable with the machine territories of the server and the customer furthermore get data about the range and the time of the clients. On the off chance that the NAT is utilized the mal master would be not skilled get the IP address of C and subsequently, would be not able take after the closeness of the client. The malicious client can in like way track the IP addresses and the region of substitute machines that are conversing with VPN servers.

The virtual private network helps the sender and the receiver to send and receive data utilizing a public network securely. Here the client sends data to the server via n number of routers and different paths can be used for reaching the destination address and vpn can be used for securing the channel of communication and increasing the efficiency of the network solution. A point to point connection is established and different proxy servers are used for the protection of the identity and location address of the server or the client. The routers used in the network connection is required to be configured with tunneling and different service is required to be enabled for increasing the security of the network.

Tor is referred to as a network that can be used for anonymous communication between the world wide network and it can be a software. A network surveillance is required to be traced and analysis of the traffic is required to be performed for the protection of the personal identity of the sender and the receiver. The tor network does not prevent the online service and the application of the onion routing helps to increase the efficiency of the tor. Thee data are encrypted and in the tor network including the IP address of the next node and a virtual circuit is utilized for the decryption of the data and forwarding the data packets in the network.

Anwar, R.W., Bakhtiari, M., Zainal, A., Abdullah, A.H., Qureshi, K.N., Computing, F. and Bahru, J., 2014. Security issues and attacks in wireless sensor network. World Applied Sciences Journal, 30(10), pp.1224-1227.

Biswas, S., Bicket, J., Wong, E., Musaloiu-e, R., Bhartia, A. and Aguayo, D., 2015, August. Large-scale measurements of wireless network behavior. In ACM SIGCOMM Computer Communication Review (Vol. 45, No. 4, pp. 153-165). ACM.

Kavianpour, A. and Anderson, M.C., 2017, June. An Overview of Wireless Network Security. In Cyber Security and Cloud Computing (CSCloud), 2017 IEEE 4th International Conference on (pp. 306-309). IEEE.

Khan, S. and Pathan, A.K., 2013. Wireless networks and security. Berlin: Springer.

Kumar, V., Jain, A. and Barwal, P.N., 2014. Wireless sensor networks: security issues, challenges and solutions. International Journal of Information and Computation Technology (IJICT), 4(8), pp.859-868.

Liang, C. and Yu, F.R., 2015. Wireless network virtualization: A survey, some research issues and challenges. IEEE Communications Surveys & Tutorials, 17(1), pp.358-380.

Liu, J., Lai, Y. and Zhang, S., 2017, March. FL-GUARD: A Detection and Defense System for DDoS Attack in SDN. In Proceedings of the 2017 International Conference on Cryptography, Security and Privacy (pp. 107-111). ACM.

Mukherjee, A., Fakoorian, S.A.A., Huang, J. and Swindlehurst, A.L., 2014. Principles of physical layer security in multiuser wireless networks: A survey. IEEE Communications Surveys & Tutorials, 16(3), pp.1550-1573.

Pathan, A.S.K. ed., 2016. Security of self-organizing networks: MANET, WSN, WMN, VANET. CRC press.

Prasad, N.H., Reddy, B.K., Amarnath, B. and Puthanial, M., 2016. Intervlan Routing and Various Configurations on Vlan in a Network using Cisco Packet Tracer. International Journal for Innovative Research in Science and Technology, 2(11), pp.749-758.

Stallings, W. and Tahiliani, M.P., 2014. Cryptography and network security: principles and practice (Vol. 6). London: Pearson.

Tse, A. and Carley, K.M., 2017, July. Event-Based Model Simulating the Change in DDoS Attack Trends After P/DIME Events. In International Conference on Social Computing, Behavioral-Cultural Modeling and Prediction and Behavior Representation in Modeling and Simulation (pp. 120-126). Springer, Cham.