Network Security Basics
Security needs
- Authentication:
Authentication is the process by which a client device must prove its identity
to the access point (AP) before access to the rest of the network is granted.
This ensures that only authorized users are permitted to access the network.
- Integrity:
Integrity is the means by which the receiving end of the data transmission
can verify that the data has not been modified en route between the client
device and the AP.
- Confidentiality:
The goal of confidentiality is to protect data transmitted over the network
from being viewed by unintended recipients. Thus “eavesdroppers”
over the network should not be able to actually decode the data that they might
gain access to.
Common security attacks:
- Eavesdropping is considered a passive form of attack, as it merely consists
of tapping into the network and gathering information without modifying data
or making changes. Utilities that make this easy for attackers are readily
available, and coupled with WEP’s encryption weaknesses, it is a relatively
easy task for attackers to intercept sensitive data and decrypt it.
- Traffic analysis is another form of passive attack, where the attacker
merely observes the patterns of the data coming through the network and
monitors the flow of communication.
- Insertion attacks occur when attackers configure a device to gain unauthorized
access to a network. This can be done in two ways: by inserting an unauthorized
client device or an unauthorized base station, either of which could then let
intruders more easily into the rest of the network.
- Man-in-the-middle attacks confuse a transmission between an access point and
a client device by fooling each side into thinking that it is communicating
directly with the other side, when in reality, all of the data is being run
through the attacker’s computer first. A common example of this is when
an attacker succeeds in intercepting network packets, is able to modify them,
and then puts them back into the network without the receiving end realizing
that the integrity of the data has been compromised.
- Brute-force password attacks are attempts to gain access to a network by using
a dictionary and repeatedly testing passwords to try to break through the password
authentication process.
- Session hijacking occurs when an attacker is able to intersperse false
traffic with a legitimate user’s traffic, thereby gaining control of
the session.
- Denial of service attacks do not actually give network access to the attacker;
instead, the attacker prevents the network from providing legitimate service
to all its users. The attacker can achieve this by overloading the network’s
resources to disrupt its regular activities.
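
The integrity requirement and the man-in-the-middle item above, as an added example that is not part of the original page: an unkeyed checksum accepts a modified payload because anyone can recompute it, while a keyed MAC with a sequence number rejects both modification and replay. The frame layout, function names, sample payloads and the use of HMAC-SHA256 are assumptions made for illustration.

```python
import hashlib
import hmac
import os
import zlib

TAG_LEN = 32  # HMAC-SHA256 output size in bytes (assumed frame layout)

def protect_crc(payload: bytes) -> bytes:
    """Append an unkeyed CRC-32: catches accidental corruption only."""
    return payload + zlib.crc32(payload).to_bytes(4, "big")

def verify_crc(frame: bytes) -> bool:
    return zlib.crc32(frame[:-4]).to_bytes(4, "big") == frame[-4:]

def protect_hmac(key: bytes, seq: int, payload: bytes) -> bytes:
    """Frame = 8-byte sequence number + payload + HMAC over both."""
    header = seq.to_bytes(8, "big")
    tag = hmac.new(key, header + payload, hashlib.sha256).digest()
    return header + payload + tag

def verify_hmac(key: bytes, frame: bytes, last_seq: int):
    """Return (seq, payload) if the frame is authentic and fresh, else None."""
    if len(frame) < 8 + TAG_LEN:
        return None
    body, tag = frame[:-TAG_LEN], frame[-TAG_LEN:]
    expected = hmac.new(key, body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):  # constant-time comparison
        return None
    seq = int.from_bytes(body[:8], "big")
    if seq <= last_seq:  # already-seen sequence number: replayed frame
        return None
    return seq, body[8:]

def demo() -> dict:
    key = os.urandom(32)  # constructed key shared by client and AP
    original = b"transfer 100 to account 17"  # constructed sample payload
    altered = b"transfer 900 to account 17"   # same payload after modification
    # No secret is needed to produce a valid CRC for the altered payload.
    crc_ok = verify_crc(protect_crc(altered))
    frame = protect_hmac(key, 1, original)
    tampered = frame[:8] + altered + frame[-TAG_LEN:]  # old tag, new payload
    return {
        "crc_accepts_altered": crc_ok,
        "hmac_accepts_original": verify_hmac(key, frame, 0) == (1, original),
        "hmac_accepts_altered": verify_hmac(key, tampered, 0) is not None,
        "hmac_accepts_replay": verify_hmac(key, frame, 1) is not None,
    }
```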