Wireless network security paper

Source: Internet
Author: User
Tags firewall

People have never stopped pursuing the convenience of life, and the technology to meet this need is constantly being pushed forward. As people have just learned to enjoy the great convenience of Internet technology, the information technology vendors are already drawing us another grander and more beautiful scene, that is, wireless networks.

"What the network can Do" wave has passed, "How to use the network" will become a new round of competition focus. And this new round of network development is striving to get wireless signals across the globe, trying to get people to connect to the global network at any time, anywhere, and through any device. However, when more cables are replaced by wireless signals unseen by the naked eye, it is one of the questions that users will have to answer if they are able to obtain adequate security. It's like putting all your eggs in one basket. The huge signaling system that covers the Earth's surface can make our lives a better place, and it may take away all our sense of security in the blink of an hand.

Wi-Fi

Wi-Fi major security issues

Hidden Dangers of security features

The main power that Wi-Fi relies on for security in terms of design is WEP (Wired Equivalent Privacy) encryption, but this protection has proven to be not robust enough. More importantly, there are some problems with WEP encryption itself. WEP defines a 24-bit field as the initialization vector (IV), and the vector is reused. (Computer science)

Design and usage issues

Most of the manufacturer's products have not used the factory setting of high safety factor in order to be quickly configured and applied. Many users do not know how to configure, and often do not configure wireless network devices securely.

How to make Wi-Fi more secure

Note SSID

The SSID is the identity of a wireless network and, if possible, should not use the device default SSID.

Also, a closed Wi-Fi network does not respond to wireless devices that have the SSID set to any, and does not have SSID broadcasts in the wireless network, which reduces the likelihood of wireless networks being discovered.

Hardening WEP

Limited WEP encryption is at least a lot better than not using WEP, so a basic principle is to set the WEP key as high as possible.

Regular replacement keys

It is not always necessary for all environments to change the key every week, but you should consider changing the key at least once a quarter. As time progresses, a wireless network that never replaces a key has a significant security drop.

Filter computer

By specifying a specific set of addresses, you can try to ensure that only authorized computers have access to the wireless network.

Security recommendations for enterprise applications

The new is often better

If a company is building a wireless network, it should try to buy products that use newer standards and protocols. For enterprises still using old standard equipment, it should be closely concerned about the upgrade information released by the manufacturer.

Leverage existing security Resources

For businesses that have hardware firewalls installed, try to place wireless access points outside the firewall, which treats wireless traffic as untrusted and can apply the firewall to the filtering of the wireless connection, thereby increasing the security starting point.

Incorporating wireless into the overall security policy

Since wireless access is relatively random, it is particularly important to regulate it. Employees should not be allowed to deploy wireless devices on the network at any time, and the company's wireless network should be inspected on a regular basis.

blue tooth (Bluetooth)

The main security problems of Bluetooth

Bluetooth technology is penetrating into people's life at a very fast rate, according to many market research institutions, in 2008, the market demand for Bluetooth products will reach three times times the current. IDC expects more than half of the phones in 2008 to be built into Bluetooth.

The first problem is product vulnerabilities

Although the Bluetooth specification at the beginning of the introduction of security for a better consideration, but due to the manufacturers and user habits, such as the impact of various factors, Bluetooth application security is still not perfect.

At present, the security problems found in Bluetooth are mainly focused on information theft, device control and denial of service attacks, and most of the reasons are caused by the defects of the manufacturer's design.

The basic way to attack Bluetooth

At present, some methods have been discovered to break the security mechanism of Bluetooth devices. Bluetooth devices, which are theoretically not visible, cannot be found, but that is not the case. Some software tools, including Redfang (red fangs, a hacker tool), can discover Bluetooth devices that are in an invisible mode.

Pin crack, break the Bluetooth line.

The main security authentication method between Bluetooth devices is to pair with the pin code. The toughest problem at the moment is that attackers have uncovered ways to crack the pin code of Bluetooth devices. By initiating a mandatory mismatch and listening for information passed in the pairing process, an attacker can enumerate attacks by brute force, thus eventually obtaining pin information.


How to prevent Bluetooth attack

Do not enable if not used

One principle that should always be kept in mind for Bluetooth devices is to turn them off when no Bluetooth connection is required.

Use High Security level

Bluetooth devices usually have three high school low security levels, the highest level is device security. It is necessary to note that a device-level-safe Bluetooth device can also encrypt data. The highest possible level of security is very important.

Pay attention to pairing

Because the process of cracking a Bluetooth pin depends on forcing a new pairing, pay special attention to suspicious pairing requests. In addition, if possible, try to connect in a way that remembers pairing information instead of pairing each time you connect.

Bluetooth security recommendations for enterprises

Develop security policies

Therefore, the processing of Bluetooth security problems needs to be well integrated into the enterprise's overall security strategy, in addition to security policy management of Bluetooth devices should be resolutely disabled.

Focus on related updates

Since most of the current Bluetooth security problems are caused by product defects, we should actively focus on the use of Bluetooth devices to release the vulnerability, and to update the product as soon as possible.

If the vulnerability is more serious and cannot be updated from the vendor, careful consideration should be given to disabling the device or protecting it with additional security measures.

Background information

Bluetooth is another important wireless LAN technology. The technology standard based on a small range of wireless connections is at a fast-growing stage because it is increasingly being integrated into mobile handsets and PDAs, such as mobile phones and PDA devices. The technology usually follows the 802.15 standard to build a user network space called the Wpan (wireless personal area network).


Uwb

Application situation

UWB is becoming a star for home wireless systems. At present, the International Organization for Standardization is actively formulating the standards of UWB, China's 863 plan is also in the field of UWB research and development. On the market side, there are already many manufacturers are starting to apply UWB to HDTV and other home systems.

Security technology

The technical characteristics of UWB determine that the technology is relatively safe. Because the technology was required to be very difficult to eavesdrop on when it was developed by the military. UWB transmission is characterized by a very short pulse signal cycle (often nanosecond or picosecond), and these signals are lower than traditional radio reception equipment noise level, so the use of the usual RF receiver equipment is difficult to receive. In addition, the UWB internal key also uses AES (Advanced Encryption Standard) for encryption, and has anti-jamming mechanism and the ability to recover from the failure of various transmissions. So using UWB technology can establish a very safe and reliable transmission system.

Issues that deserve attention

There is no obvious security flaw in UWB technology, and perhaps a large number of UWB products will find more problems after they are published.

Due to export restrictions, the number of key digits available in different countries varies. If the product is using 40-bit key encryption, then the system will be more vulnerable, if the military standard 256-bit key version, then the UWB system will be very powerful, so in the purchase of products should pay special attention to this point.

In addition, because UWB transmission distance is very limited, in many home applications must be combined with the wired system to play a role, which makes both in the product design phase or in the actual environment of the security protection work need to take into account with the cable system after the situation.

Background information

UWB (Ultra Wide Band), also known as "UWB", came from a study of military radar technology, which began to be used in civilian products in 2002. UWB power consumption is less than 5 per thousand of Wi-Fi, transmission rate can reach a minimum of 100Mbps, the maximum can reach 1Gbps. This technique is similar to the original Bluetooth 1.0 standard, and is mainly used for data transfer within 10 meters distance.

Wimax

The most promising wireless technology

IEEE considers the importance of security for wireless broadband, so it is more and more important to define the security function in the standard, which makes WiMAX based on the Wireless metropolitan Area Network Standard a good starting point in the design phase. As one of the most promising wireless technologies in the last two years, WiMAX has made a positive effort in security.

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.