India Broadband

just4kix

This primer is aimed at the non technical people who wish to be informed on the basics of networking and wireless security. I have extracted the information from various sources, Wikipedia being the most common. I have tried to filter away the technical terms and tried to keep the language as simple as possible.

Hope that you will like this primer.

First an intoduction to basic networking ...

What is a computer network?
A computer network is an interconnection of a group of computers. The interconnection is by means of wires or wireless signals. A network may also consist of peripherals such as printers, scanners, fax machines, etc. There are various types of computer networks (also known as network topology). The most common network is known as Local Area Network (LAN). The other common network coming up rapidly is a Wide Area Network (WAN).

What is a LAN?
A network covering a small area, like a home, office, or building can be considered to be a LAN. Current LANs are most likely to be based on Ethernet technology.

What is a WAN?
A WAN is a data communications network that covers a relatively broad geographic area (i.e. one city to another and one country to another country) and that often uses transmission facilities provided by common carriers, such as telephone companies.

What is an IP address?
In a computer network, every computer/peripheral needs to be identified uniquely so that they can 'talk' to each other. The most common method of talking is based on a protocol called as Internet Protocol (IP). Each computer is identified in the network by a physical number called IP address. The IP address is in the format of nnn.nnn.nnn.nnn.

What is a router?
A router is a device that controls the local network. The router is the main point of gateway between the local network (intranet) and the outside world network (internet). When a computer in a network wishes to 'talk' to another computer within the same network or to the outside world, it is the router that receives the communication and channels it to the target.

What is a switch?
Switches are extension points inside a LAN. Consider this like a multiple extensions cord. The main job of the switch is to assign physical IP addresses to every computer within its network. A wired computer is usually connected to the switch and the switch is connected to the router.

What is the difference between wired and wireless network?
Everyone understands wired connections. The physical wire carries the electrical signals that establish connection between two computers or peripherals. In a wireless connection, the electrical signal is converted into a radio frequency signal and transmitted over the air by the wireless device of the source. The antennae of the wireless device in the target machine picks up this signal and the wireless device converts its back into the electrical signal.

Now something about Wireless security ...

What are the security implications in a wireless network?
Since wireless signals are transmitted over the air, any compatible wireless device that is within the range of the wireless network can receive these signals. Hence it will be possible to tap into these signals and 'know' what is going on. If your wireless transmission is not protected a hacker can get into your network. The implications are small to very big:

a) The hacker can get into the network and surf the net free of charge. This will not only clog your network but also consume into your upload and download limit. I would consider this as a small to medium risk.

b) The hacker can visit objectionable or banned sites, post objectionable material on website, etc. But the hacker is not at risk because all this is done from your network. If there is subsequent criminal investigation, records will state that it was from your IP that the 'crime' was committed. This is a high security risk.

c) The hacker can tap into your bank accounts, know passwords, your online transaction passwords, etc. This may cause a lot of monetary loss to you.

What should you do about wireless security?
You should protect your wireless network in such a way that no one is able to 'tap' into your network. There are many methods provided by wireless routers to implement wireless security.

What methods are available for implementing wireless security?[/b]
The methods that are available are from the simplest to the strongest. Please note that no security is full proof. The common wireless security features that are available are:
- MAC (Media Access Control) Address filtering
- Wired Equivalent Privacy (WEP)
- Wi-Fi Protected Access (WPA and WPA2)

What is MAC Address Filtering?
Every network card (wired or wireless) is assigned a unique physical address. So you can limit the access to your wireless network by allowing only the machines with the known MAC address to connect to your network. This works best for very small networks where there are no more than 5 to 6 machines.

What are disadvantages of MAC Address Filtering?
We have to configure MAC Address Filtering in the router by manually adding each and every computer and peripheral MAC address to the list. This is a tedious process. If you wish a new computer to access the network, you have to edit the MAC address list. Secondly MAC Address Filtering prevents access to network only. It is not difficult to 'spoof and clone/copy' a MAC address. Hence this method is not only cumbersome but also not 100% secure.

What is WEP?
WEP uses encryption to implement security. The source network interface card (NIC) encrypts the signal before transmission and the target NIC does the reverse. WEP specifies a shared secret 40 or 64-bit key to encrypt and decrypt the data. Some vendors also include 128 bit keys (know as "WEP2") in their products. With WEP, the receiving station must use the same key for decryption. Each radio NIC and access point, therefore, must be manually configured with the same key. The security exists between the two wireless devices only - once the data enters the wired circuit the security no longer applies.

What are the issues with WEP?
WEP is vulnerable because keys that remain static. With only 24 bits, WEP eventually uses the same initialization vector (IV). If a hacker collects enough frames based on the same IV, the individual can determine the shared values among them, i.e., the keystream or the shared secret key. This of course leads to the hacker decrypting any of the 802.11 frames. The static nature of the shared secret keys emphasizes the problem. 802.11 wireless network does not provide any functions that support the exchange of keys among stations. As a result, system administrators and users generally use the same keys for weeks, months, and even years. This gives mischievous culprits plenty of time to monitor and hack into WEP-enabled networks.

What is WPA?
WPA was designed to enhance the security of wireless networks and to eliminate the limitations of its predecessor WEP. There are two flavors of WPA: enterprise and personal. Enterprise is meant for use with an authentication server, which distributes different keys to each user. Personal WPA utilizes less scalable "pre-shared key" (PSK) mode, where every allowed computer is given the same passphrase. In PSK mode, security depends on the strength and secrecy of the passphrase.

Data is encrypted using the RC4 stream cipher, with a 128-bit key and a 48-bit initialization vector (IV). One major improvement in WPA over WEP is the Temporal Key Integrity Protocol (TKIP), which dynamically changes keys as the system is used. When combined with the much larger initialization vector, this provides greatly improved protection against, and effectively defeats, the well-known key recovery attacks on WEP.

In addition to authentication and encryption, WPA also provides vastly improved payload integrity. The cyclic redundancy check (CRC) used in WEP is inherently unsecure; it is possible to alter the payload and update the message CRC without knowing the WEP key. A more secure message authentication code (usually known as a MAC, but here termed a MIC for "message integrity code") is used in WPA, using an algorithm named "Michael". The MIC used in WPA includes a frame counter, which prevents replay attacks being executed.

How is WPA more secure?
By increasing the size of the keys and IVs, reducing the number of packets sent with related keys, and adding a secure message verification system, WPA makes breaking into a wireless LAN far more difficult. The Michael algorithm was the strongest that WPA designers could come up with that would still work with older network cards. Due to inevitable weaknesses of Michael, TKIP will shut down the network for one minute if two frames are discovered that fail the Michael check after passing all other integrity checks that would have caught noisy frames. It will then require generation of new keys and reauthentication when the network restarts, forcing the attacker to start over.

What is WPA2?
WPA2 is the next generation of security system in the WPA realm. WPA2 has introduced the Advanced Encryption Standard (AES) algorithm for even more secure networking.

__________________
*** My computer can beat me at chess but is no match when it comes to kick-boxing ***

My Albums | My Movie Collection | Moser Baer Movies

just4kix

Please let me know whether this article was useful to you. It will help me in preparing more articles on similar topics.

MyWay

This was really a informative article. i would say that whole of the article is good and really help full. Keep up the good work.

just4kix

Thanks.

noob

This was very useful. One question. If my wireless broadcast is disabled, does it mean that I am not using it? Or more precisely, how can I disable my wireless part and use only the wired part of the router?

just4kix

Disabling the Wireless SSID Broadcast will simply mean that the SSID will not be visible in the neighbourhood. This will make it difficult for hackers to heck into your network. But there are sniffer programs available that can do the job for hunting hidden networks.

Note that disabling Wireless SSID Broadcast does not turn off wireless network.

I do not recommend disabling Wireless SSID Broadcast. Use a better security method such as WPA or WPA2.

As regards to your second question, a wireless router will always enable wireless networking. It cannot be disabled. That is what its main function is.

Many people are too much paranoid about Wireless networks. Do the following:

1. Have a strong unguessable 'admin' password.
2. Change the router IP address to something unusual; don't keep it simple such as 192.168.1.1 or 192.168.2.1, etc. In fact, deviate from 192.168.x.x.
3. Implement WPA/WPA2 security with a very long key (more than 40 characters)

... and it is more or less impossible to break your wireless. Or I will say possible but not probable.

just4kix

I also advise you to read the next part: Wireless Security Primer - II

Admin

Excellent thread is al I can say Keep up the good work.

just4kix

Thank you.

leonmallet06

Hi,

I am new to this community and I found your article to be very informative. Though, I work in IT but, not related to Networks.
Now I have a Type II modem & with BSNL broadband and I have 2 issues:

1) I can't recive mails on my mobile through wi-fi...due to user name / password which I can't put it in my mobile &

2) how to configure my modem(given by BSNL guys....a taiwan product I think)

Could you help me in sovin these issues...may be I am missing...ideas to configure my cellphone & my modem as well.

Many Thnx.
Cheers.