Comptia Network+ Tutorial: Module 05, Part 01: Preventing Wireless Network




Preventing Wireless Network

While transmitting data over a network, there is always one issue that arrives often and that is security. In this module we will discuss about various security threats that may arise during data transmission over a wireless or wired network and techniques to overcome these threats. There can be both hardware and software solutions for data protection.

One of the most common and effective technique of data security we are going to discuss in this module is encryption. Data encryption coverts the text in such a manner that is becomes meaningless and can be transformed into original form only with the use of a key. There are different encryption algorithms to protect data.

Hackers have found techniques to break into networks easily. They are using the technology to fulfil their malicious intentions. Enterprises have to be very careful use effective policies and techniques to protect their valuable data from reaching into malicious hands. Along with security techniques, hacking methods have also become sophisticated and advanced. There are various organisations which are at hackers point. Without appropriate security measures these organisations cannot sit with peace.

If your network is open and unencrypted, it is always prone to be sniffed and captured by unauthorised people. For this organisations must configure access restrictions in the access points. Using VPN (explained below) is also a solution to avoid unauthorised access. There different wireless security measures which are of different effectiveness and practicality which are discussed in this module. Organisations can use the one which suits their environment and requirement.

 

Module 5.1

Preventing wireless network from unauthorised access and damage is very important to protect our important data and information from getting into malicious hands. The most important aspect in creating a secure wireless network is encryption.

Encryption

Wireless encryption prevents a wireless network from being open to everyone. When encrypting, make sure the data that is being sent over the network is not in clear text, that it is encrypted so it stays secure.

The original encryption protocol was Wireless Equivalency Protocol (WEP) and it was easily broken and it is not recommended. Wi-Fi protected access (WPA) replaced WEP and used Temporal Key Integrity Protocol (TKIP) to encrypt data and was able to provide mid-level security but it can still be cracked. WPA gave way to WPA2 and uses the advanced encryption standard. WPA2 is approved in the USA for top secret level data trans-versing a network and is the standard used today. Wireless Protection Security (WPS) is the latest trend and allows for easy connection at the press of a button on a device but it is easily broken as WPS enabled routers do not use a very long encryption key.

Device Signal/Placement

This is not as important as encryption but it is still a necessary concept. Device placement has to do with where devices are placed in a Wi-Fi network and how strong the signal needs to be. The wireless signal needs to be prevented from bleeding out of the office where it can be vulnerable to hackers who might be sitting in the parking lot with a laptop trying to hack into the network. Device placement is integral to allowing employees to access the network all the while keeping important information safe.

WAP Settings

Wireless Access Point (WAP) settings contribute a lot to a secure Wi-Fi network. Within the WAP settings are the Service Set ID (SSID). This is the name used by WAP and it can be made more secure by turning off broadcast and changing the name from default to safeguard information. Also within the WAP settings is the Dynamic Host Configuration Protocol (DHCP) which leases IPs to end clients. Disabling DHCP makes it harder for people to connect to a wireless network since they cannot come up with a valid wireless IP range.

Media Access Card (MAC) filtering is also a way to make WAP settings more secure. Each Network Interface Card has a MAC and using filtering allows only devices that are on the Access Control List (ACL) to connect. In addition to these methods, it is also important to check log activity to see if there is anything out of place.