Instructor Background

Module 1

Module 2

Module 3

Module 4

Module 5

Module 6

Exam Module

Security Related Issues: Wireless Network (part 2)

Invite Friends
Facebook Twitter Google+ LinkedIn Email
Description
Virtual Practice Lab
Practice Test
Resources
Security Related Issues: Wireless Network (part 2)

We further break down Wireless Access Points, look at their encryption types, how they give address so the network.

You’ll learn the significance of antenna placement, what a “side survey” is, when it’s used and why, what a captive portal is, the various types of encryption there are for Wireless Access Points, their differences, and where TCP and IP function.

Now we will be discussing security issues related to wireless networking. With wireless networks the most important thing here is our wireless access point. The wireless access point is a device with which we gain access to the network wirelessly, access to the internet or access to the network wirelessly, usually a device we have to set up on the facility to put the signals in the air. The first thing to consider is the antenna placement. Where do we place the antenna? We have to give considerations for physical security. You don’t want to put your antenna where somebody could just walk in, grab the antenna and walk away. You want to have physical security for your antenna. You also want to ensure that all users of that antenna have good signal coverage. So you must do what we call a site survey. You carry out a site survey to determine the best position possible such that all your users have very good access and signal strength. Then you have to give consideration to the default parameters that ship with the access point. Parameters like the SSID. The Service Set Identifier. This could be in many cases just the product name itself. You want to change that. You also want to change the default ID and the password with which the router is managed. You want to change all these because if you leave those, somebody scanning the environment to see available networks could simply learn the name of the device and check out online the default parameters for such a device. You want to change your SSID, you want to change the account name, you want to change the password. When you change the SSID, it is also good practice you don’t have to give it your name so someone does not know it’s for you to specifically target you. Some random names and numbers could be used. Our SSID; that is the Service Set Identifier. A name to identify your service. When you’re searching for available networks, best practice is to prevent some other people scanning and determining your SSID. In many cases by default it’s enabled. We could disable the broadcast. You could disable the broadcast such that somebody scanning to see available networks do not see your SSID. If you want to increase the spread of your signals or reduce the spread of your signals, then you have to alter your power level controls. The power level controls increase or reduce the spread the signals. So you could increase it to increase the range your signals can travel or you would reduce the power level controls to reduce the spread of the signals. You also could determine that you will need to do access control for your access point. Then we do MAC filtering. The ability to limit access to the access point based on the MAC address. The MAC address is a unique set of numbers for every device that can connect to your wireless access point or a network. You could enable MAC filtering based on the MAC address of the device to prohibit or limit what devices have access to your wireless access point. When users attempt to connect to your wireless access point, they could also have captive portals. This is where an interface could be built through the browser where they must identify themselves, provide their credentials, their usernames and ID and password before they’re able to have access to the network. We call this captive portals. Encryption for our wireless access point is also very important. We have several types of encryption. We have WEP, WPA and WPA2. WEP is the weakest form of encryption. It is not advised these days to have WEP. It can easily be cracked. WEP is vulnerable to the IV attack where it keeps the credentials constant so they can easily be cracked. Rather we would prefer to do WPA and WPA depends on TKIP. The temporal key integrity protocol. However some people have been able to compromise that so we move over to WPA2. WPA2 depends on CCMP. Till date, this is the strongest form of encryption we have so if your devices can support either WPA or WPA2, it is better to have these than it is to have WEP. Whatever you do you must ensure you have some form of encryption on your access point. Otherwise your access point could be used to launch attacks on the internet or to upload prohibited material on the internet.

Watch the Course Intro Video
Learn on the go.
The app designed for the modern cyber security professional.
Get it on Google PlayGet it on the App Store
Practice Labs and Exam Vouchers

Congratulations! You're taking the first step to getting certified. Get some hands on experience with available practice labs OR save some money, support Cybrary, and purchase discounted exam vouchers. Ready to earn your next industry certification? Join cyber security's largest community and start learning today.

JOIN CYBRARY

Upcoming Industry Events

Our Revolution

We believe Cyber Security training should be free, for everyone, FOREVER. Everyone, everywhere, deserves the OPPORTUNITY to learn, begin and grow a career in this fascinating field. Therefore, Cybrary is a free community where people, companies and training come together to give everyone the ability to collaborate in an open source way that is revolutionizing the cyber security educational experience.

Cybrary On The Go

Get the Cybrary app for Android for online and offline viewing of our lessons.

Get it on Google Play
 

Support Cybrary

Donate Here to Get This Month's Donor Badge

 

Cybrary|0P3N

DUHK: The Technique That Got the VPN Compromised
Views: 2701 / December 10, 2017
What is Docker? [Series]
Views: 2974 / December 9, 2017
Wanna-Cry Ransomware
Views: 2831 / December 9, 2017
The Abyssal Depth of the Deep Web
Views: 2769 / December 8, 2017
Skip to toolbar

We recommend always using caution when following any link

Are you sure you want to continue?

Continue
Cancel