Wireless Network Security

Wireless Network Security

Jon P. McKinley

mckinley_jon@hotmail.com

TS3150 - Fundamentals of Network Design

Sunday, December 28, 2003

TABLE OF CONTENTS

Introduction 3

The Wireless Market 5

Components of a wireless network 6

Wireless Security Mechanisms1 8

Categories of Attack 10

802.11 Attack Risks 12

Wireless risk mitigation 13

Summary 15

References 16

Introduction

Wireless networks have grown in popularity. This is largely due to the increase in the value of a network as more users are attached to it. The value added to a network by nature of connecting more devices to it, is summarized in "Metcalf's law." Metcalf's law states that if you "connect any number, 'n,' of machines - whether computers, phones or even cars - and you get 'n' squared potential value."[1] The incredible growth of the Internet seems to validate Metcalf's law. It then seems reasonable that eliminating physical constraints to connecting to a network would provide value by allowing more devices to be connected to a network regardless of physical location. Wireless networks provide that ability.

Wireless networks operate over the full spectrum of network topographies. These topographies include: Personal, Local, Controller, Metropolitan, and Wide area networks. A Personal Area Network (PAN) is "...the interconnection of information technology devices within the range of an individual person, typically within a range of 10 meters."[2] A Local Area Network (LAN) is "... a group of computers and associated devices that share a common communications line or wireless link and typically share the resources of a single processor or server within a small geographic area (for example, within an office building)."[2] A Campus Area Network (CAN) is a fiber-optic network that physically interconnects entire buildings into one giant network. While each building may have several discrete LANs within it, each building represents a single node on the CAN. [3] A Metropolitan Area Network (MAN) is "a network that interconnects users with computer resources in a geographic area or region larger than that covered by even a large [LAN] but smaller than the area covered by a wide area network (WAN [- explained next])."[2] A Wide Area Network (WAN) is "a geographically dispersed telecommunications network."[2]

Wireless networks come in many configurations and use many technologies. Figure 1 depicts an example of the wireless technologies and standards used for each of the networks types defined above. The figure indicates two major categories of wireless technologies: fixed and mobile. The figure also indicates 10 technologies in use: Bluetooth, irDA, 802.11, IR LAN, IR Bridge, Ricochet, RF Bridge, Cellular, MCS and Satellite. Virtually all of these technologies play a role in multiple topographies. It is interesting to note that the 802.11 standard has only been assigned to the Mobile LAN and CAN topographies. It has been omitted from them PAN topography. I believe this is an oversight, and I will provide rational for this in a later section.

Each wireless technology has unique security risks and concerns. Many of the risks and concerns are shared across technologies. In order to provide even a brief overview of each technology, topography, and the risks inherent to each would require a document far larger than is specified for this project. Therefore, this document will focus on the 802.11 standard as used in the PAN and LAN topographies.

Figure 1 - Types of Wireless Networks [4]

The Wireless Market

"Over the past ten years or so an alternative to wired LAN structures has evolved in the form of the Wireless LAN. The first generation Wireless LAN products, operating in unlicensed 900-928 MHz Industrial Scientific and Medical (ISM) band, with low range and throughput offering (500 Kbps), subjected to interference came to market with few successes in some applications. But they enjoyed reputation of being inexpensive due to break through development in semiconductor technologies, on the other hand the band become crowded with other products with in short period of time leaving no room for further development.

The second generation in 2.40-2.483 GHz ISM band WLAN products boosted by the development of semiconductor technology was developed by a huge number of manufactures. Using Spread spectrum technology and modern modulation schemes this generation products were able to provide data rate up to 2 Mbps, but again the band become crowded since [the] most widely used product in 2.4 GHz is [the] microwave oven which caused interference.

Third generation product[s] assembled with more complex modulation in [the] 2.4 GHz band allows 11 Mbps data rate. In June 1997, the IEEE finalized the initial standard for wireless LANs: IEEE 802.11. [The] [f]irst fourth generation standard, HiperLAN, came as specification from European Telecommunication Standard Institute (ETSI) Broadband Radio Access Network (BRAN) in 1996 operating at 5 GHz band. Unlike the lower frequency bands used in prior generations of WLAN products, the 5 GHz bands do not have a large "indigenous population" of potential [interferers] like microwave ovens or industrial heating system as was true in 900 MHz and 2.4 GHz [8]. In late 1999, IEEE published two supplements to the 802.11: 802.11b and 802.11a following the predecessor success and interest from the industry. ETSIs next generation HiperLAN family, HiperLAN/2, proposed in 1999 operating at same band with its predecessor, is still under development, the goal is to provide high-speed (raw bit rate 54Mbps) communications access to different broadband core networks and moving terminals. It is expected that 802.11b will compete with