Wireless network traffic security - Part 1

In this series we will show you some Wi-Fi network security techniques. The first part in this series will help you understand the vulnerabilities associated with wireless networks.

Although Wi-Fi systems have been around for a long time, there are still many people wondering about security and privacy in the process of using this networking system, there are two main questions here. :

Because there are still so many questions, we want to spend this series talking about the risks associated with using Wi-Fi. Also in this series, we will cover hardware-based security, how the network architecture will affect your wireless network and ultimately some wireless security mechanisms in Windows Server.

The risks in wi-fi security

One of the first principles regarding security is, unless you clearly understand the wireless security risks, otherwise you will not be able to minimize those risks. In other words, it is difficult to develop a complete security plan unless you know what security threats you have to fight. With that philosophy, we want to use a bit of non-formal methods to talk about wireless security.

Most books and wireless security articles often focus on introducing how to configure wireless access points on an overview network architecture as well as its impact on security issues. . However, in this article we will introduce that later, but now we want to leave out the security issue and talk about the types of information a hacker can " steal " if your wireless network fails. security security.

You may find it a little strange for this approach. However, as mentioned before, the important thing here is that we need to understand the risks ahead. In fact, in the real world there are countless networks that are not insecure. And most mobile users often connect to these unsecured wireless networks. These networks may be networks located at airports, hotels or cafes, etc. or perhaps at home. The problem is that, no matter how good your security is for your wireless network, your users still face the risk of exposing sensitive data because connecting over an external network is completely unsafe. .

Get website real

With that in mind, let's pretend that we have a case where employees in an office are using an unsecured wireless network. What information is really revealed if someone has sniffed the wireless data packets in your network?

Although I really want to say that everything can be revealed, the answer is a bit more complicated. This is because the entire IT security concept revolves around defense in depth. Just because the wireless connection is an insecure network, that doesn't mean that the other security mechanisms you're using are invalid.

In order for you to understand what is meant here, consider what happens if someone has logged into Outlook Web App with an unsecured wireless connection. Outlook Web App is a web version of Microsoft that comes with Exchange Server 2010.

Outlook Web App is designed to require SSL web browsers to use SSL encryption. So, if users log into Outlook Web App over an unsecured wireless network, all user information will be encrypted and maintained as safe as what users experience with Internet connectivity. run the rope.

So does that mean you don't need to worry about Wi-Fi security? Not sure! Just because Outlook Web App maintains security even on insecure connections doesn't mean everything will be safe. Before analyzing this issue in depth, we want to talk about something simpler like a website that can compromise your security.

Notice, when a user logs into the website, they need to enter the authentication certificate set. These certificates are usually unencrypted. For example, some free sites that you use only require membership certificates so you can participate in online discussion forums. These sites do not contain sensitive information so the authentication process is not encrypted.

Logging into such a site is absolutely no problem for itself. The problem here is that some users prefer to use the same password for the accounts they have. If a user logs into a website that is not secure via a wireless connection, someone who is sniffing their packets will be able to extract the credentials of this user. The next logical step for hackers will be to see what users use those certificates for.

Mail

When it comes to all applications used in an enterprise environment, perhaps no application contains a potential vulnerability more than Email. Before explaining why this is so, we still have to admit that some mail systems are also quite secure. For example, Exchange Server 2010 will automatically encrypt communication between yourself and other Exchange 2010 servers.

Although when it comes to basic POP3 and SMTP communications, unsafe Wi-Fi connections will expose everything. Although hosting protocols like SMTP, POP3 and IMAP4 often require authentication, the certificate information is still sent in clear text format, easily exposed to sniffing packets.

Even if an organization has encrypted the authentication process, the mail itself is not encrypted unless the organization executes the same form of S / MIME encryption or encryption. . Thus, it is easy for someone to ' sniff ' radio waves in space to block and read mail streams. Even a hacker can respond to a message they block or send a fake message claiming to be someone else.

Shared resources

Another vulnerability related to unsafe wireless network access is access to shared resources.

While access to shared resources is usually not a big problem in corporate networks, domain controllers will provide authentication. But assuming that the server resources are properly secured, sometimes the vulnerability exists on the user's desktop or laptop. For example, if a user is using Windows XP, it's easy to specify their computer name and also easily connect to shared resources on that computer.

Conclude

As you can see, there are a lot of vulnerabilities related to operating on an unsecured wireless network, so in Part 2 of this series, we will continue to discuss with you This problem by introducing how to block your wireless hardware.