Saturday, January 29, 2011

Wireless Networking & Social Engineering

Wireless network is a computer network are connected together through a wireless transmission system without any cable of any kind to avoid the costly process of introducing cables into to a building, or as a connection between various equipment locations. For example, if any person in the airport, coffee shops, library or hotel recently, he or she will have a chance to be in the middle of a wireless network. This wireless network called WiFi or 802.11 networking system was released in 2000 and used to connect personal computers at home, and some cities are trying to use the technology to provide free or low-cost Internet access to residents.
WiFi has a lot of advantages such as easy to set up and inexpensive. They are also unobtrusive -- unless we are on the lookout for a place to use our laptop, we may not even notice when we are in a hotspot.
In 2001, the standard Wired Equivalent Privacy (WEP) access protocol, designed to keep unwanted users from accessing the device. Security was greatly increased in 2003 with the release of Wi-Fi Protected Access (WPA).
Wi-Fi has reinvigorated the use of public spaces from cafés to parks around the world. Unfortunately, several attack scenarios remain largely unknown and could feed an epidemic of corporate and personal identity theft. For example, when we try to connect to a cheap wireless access point from any Internet service provider at any airport trying to check our emails using our credit card for paying, a security certificate may pops up when we browse to any site that offers encryption. We will recognize that a site is using an encrypted session because the web link starts with https:// instead of http://. In this case we many choice to either close the page or continue to the website. After a while, we may discover this cheap internet provider charge our credit card within hundred dollars. Unfortunately for us, it turns out that this cheap wireless access company was really an identity thief.
Now the question is this, “how do you know that this particular wireless access point is trustable? Anyone can put up a wireless access point and put up any page they like.
Most people don’t pay that much attention to security warnings that show up when browsing the Internet because they don’t understand what these warnings mean. Society just needs to find ways to reduce the risks without reducing the convenience. User can do to protect himself is to pay attention to security alerts.
The digital certificate is one of the few things a corporation can do to give an end user any sort of confidence in the site’s security. If the certificate is not properly maintained, it causes skepticism about the rest of the security.

  1. Do not accesses to any wireless access point without any prior knowledge it is a trustable wireless network.
  2. It is better to use your personal mobile internet access to security purposes.
  3.  Use 128 bit or even 256 bit encryption key.
  4. Keep any personal information about you as private as possible.
  5. Do not use common numbers like your birthdates or the last four digits of your Social Security number.
How to Avoid Hacking, and Prevent Internet Security Problems
  1. Do not open any attachments or files in your email if you do not recognize the sender.
  2. Make sure that your system has a competent firewall installed and activated.
  3. Make sure to download and install any security updates for your system as soon as they become available.
Reference

Oram, A., and Viega, J. (2009). Beautiful security. O'Reilly Media, Inc. Sebastopol, CA.

2 comments:

  1. This comment has been removed by the author.

    ReplyDelete
  2. This is a well reviewed paper. But I will like to add that a WPA strong passphrase and the use of alphanumeric with punctuation marks for password can strengthen the authentication process in a wireless network.
    Thanks for your paper.

    Godwin O>

    ReplyDelete