This paper addresses the theory and reality of Wi-Fi security. It provides an overview of security mechanisms and explains how security works in wireless networks. The most important security protocols relevant to small office or home office environments are examined in more detail. The security of a real-world wireless network is tested with freely available tools and popular attack methods. It is demonstrated that old security protocols can no longer be considered secure at all. To create a holistic view, the idea of Wi-Fi security is then expanded to include the physical level. A series of experiments provides insight into how to make a network more secure with materials and tools available in every household. A WLAN that is nearly unreachable outside the perimeter does not attract any potential hackers. The paper concludes with recommendations on where to place your access point and what can be done to shield it.
Table of Contents
1. INTRODUCTION
2. LITERATURE REVIEW
3. METHODOLOGY
3.1. TIMETABLE AND LOG-KEEPING
3.2. THE ARTEFACT
3.3. METHODOLOGY REFLECTION
4. WLAN BASICS
4.1. THE IEEE STANDARDS
4.2. RELATIONSHIP BETWEEN THE WI-FI ALLIANCE AND THE IEEE
4.3. WLAN ARCHITECTURE
4.3.1. Independent / Ad-Hoc
4.3.2. Infrastructure
5. SECURITY
5.1. SECURITY OBJECTIVES
5.2. WLAN SECURITY
5.3. WEP ARCHITECTURE
5.3.1. How WEP works
5.3.2. WEP – why it doesn’t work
5.3.3. WEP Summary
5.4. NEW SECURITY: 802.11I AND WPA
5.4.1. Temporal Key Integrity Protocol (TKIP)
5.4.2. What is WPA?
5.4.3. Counter Mode with CBC-MAC and Robust Secure Networks
5.4.4. Mixed Mode – Transitional Security Network (TSN)
5.4.5. 802.11i Summary
5.5. INTERIM AND EXTRA SECURITY SOLUTIONS
5.5.1. VPN and IPSec
5.5.2. SSL and SSH
5.5.3. Other alternatives
5.6. A BAD SECURITY EXAMPLE: NINTENDO DS
6. WIRELESS LAN PENETRATION TEST – AN EXPERIMENT
6.1. ASSEMBLING THE GEAR
6.2. GATHERING BASIC INFORMATION
6.3. ATTACKING WEP
6.4. GETTING PAST THE MAC FILTER
6.5. GETTING NETWORK SETTINGS
6.6. CONCLUSION
7. PHYSICAL LAYER SECURITY
7.1. FREQUENCIES AND THEIR USE
7.1.1. 2.4 GHz WLAN technology
7.1.2. 5GHz WLAN technology
7.1.3. Advantages and Disadvantages of the frequencies
7.2. HOW WLAN SIGNAL STRENGTH IS MEASURED
7.3. HOW THE SIGNAL IS AFFECTED
7.3.1. Straight-Line Losses
7.3.2. Interference
7.3.3. Practical Test: Microwave ovens versus WLANs
7.4. ANTENNAS AND THEIR IRRADIATION PATTERNS
7.4.1. Dipole Antennas
7.4.2. Directional Antennas
7.4.3. Antenna size matters
8. EXPERIMENTS
8.1. GENERAL ISSUES
8.1.1. Hardware and Software Configuration
8.1.2. Measuring the WLAN signal strength
8.1.3. Windows and Netstumbler
8.1.4. Linux and Wavemon
8.2. AVOIDING INTERFERENCE
8.3. MAKING THE TEST RESULTS COMPARABLE
8.4. EXPERIMENTS AND RESULTS
8.4.1. Signal loss for obstacles
8.4.2. Using a home-made reflector
8.4.3. Other means to shield the Access Point
8.5. RECOMMENDATIONS FOR PLACING THE ACCESS POINT TO INCREASE SECURITY
9. CRITICAL EVALUATION
9.1. EVALUATING THE OBJECTIVES
9.2. EVALUATING OF THE PROCESS AND PERSONAL REFLECTION
10. CONCLUSION
Project Objective and Themes
This project examines the current state of wireless network security, specifically within Small Office and Home Office (SOHO) environments. The central research question addresses how wireless local area networks can be adequately secured given the prevalence of insecure configurations and the ease with which traditional protocols like WEP can be compromised. The paper provides a technical analysis of security mechanisms and explores both logical and physical methods for improving network defense.
- Technical analysis of WLAN security protocols (WEP, WPA, 802.11i).
- Investigation of attacker motives and common intrusion techniques.
- Physical layer security assessment, including signal propagation and shielding experiments.
- Practical application of security best practices for SOHO network setups.
Excerpt from the Book
WEP – why it doesn’t work
In the last few years WEP has been in the media quite often. Articles with titles like “WEP is dead” show just how insecure WEP is nowadays. Since the release of the 802.11 specification, many flaws have been identified in the WEP system. For a historical overview of the attacks on WEP, refer to the Literature review.
1. “Manual key management is a minefield of problems” (Gast, 2005, p. 124). Keys are often used for a long time, and the secret becomes public knowledge after some time. Key changes, if they happen at all, are a manual, often annoying procedure.
2. 40-bit key size. The standardized WEP key size is 40 bits, which many security experts see as a risk in itself. Keys of this size are also vulnerable to brute-force attacks.
3. Stream ciphers are vulnerable when the keystream is reused. If two packets use the same initialization vector (IV), they almost always use the same secret key as well and are therefore encrypted with the same keystream, so IV reuse should be avoided. In the WEP implementation the IV space is rather small (24 bits, that is, below 17 million values), and IVs are reused quite frequently in a busy network. Poor implementations make this problem even worse.
Given enough time, an attacker can pile up lots of sniffed network traffic containing frames with the same IV. This traffic can be analyzed, valuable information about the key can be gathered, and eventually the key itself can be reconstructed.
Summary of Chapters
1. INTRODUCTION: Provides an overview of the rise of WLAN technology and sets the scope for examining security mechanisms in SOHO environments.
2. LITERATURE REVIEW: Analyzes the history and known vulnerabilities of 802.11 security standards, focusing on the failure of WEP.
3. METHODOLOGY: Outlines the research approach, including brainstorming, experiments, and the utilization of a Gantt chart for project management.
4. WLAN BASICS: Details fundamental 802.11 standards, the role of the Wi-Fi Alliance, and different network architectures.
5. SECURITY: Discusses security objectives and evaluates various protocols from WEP to 802.11i/WPA, including interim VPN and SSL solutions.
6. WIRELESS LAN PENETRATION TEST – AN EXPERIMENT: Documents a practical penetration test performed on a local network to demonstrate real-world vulnerabilities.
7. PHYSICAL LAYER SECURITY: Investigates the impact of frequency choices, signal strength measurement, interference, and antenna patterns on overall security.
8. EXPERIMENTS: Presents empirical results regarding signal loss due to obstacles and the effectiveness of home-made signal reflectors and shielding.
9. CRITICAL EVALUATION: Reflects on the research objectives, the project process, and personal learning outcomes.
10. CONCLUSION: Summarizes the necessity of a holistic and ongoing security approach and emphasizes the human factor as the weakest link in network security.
Keywords
WLAN, Security, WEP, WPA, 802.11i, SOHO, Penetration Test, Wardriving, Signal Strength, Encryption, Physical Layer, IEEE 802.11, Network Architecture, Access Point, Authentication
Frequently Asked Questions
What is the core focus of this research paper?
This paper focuses on evaluating the security of wireless LANs within Small Office / Home Office (SOHO) environments, addressing both theoretical flaws in security protocols and practical physical security measures.
Which security protocols are evaluated?
The paper covers WEP (Wired Equivalent Privacy), WPA (Wi-Fi Protected Access), and the more modern 802.11i standard, along with supplementary protocols like VPN, IPSec, SSL, and SSH.
What is the primary objective of the work?
The primary objective is to increase security awareness for home users by demonstrating the ease of unauthorized network access and providing practical, cost-effective recommendations to improve security posture.
What research methods were utilized?
The author employed a combination of literature review, a structured penetration test experiment, and physical layer signal experiments (such as testing home-made reflectors).
What is covered in the main section of the paper?
The main section covers technical standards, a deep dive into the vulnerabilities of the WEP protocol, the shift toward 802.11i/WPA, and extensive physical layer testing of signal propagation and shielding.
What are the main keywords describing this work?
Key terms include WLAN security, WEP, WPA, 802.11i, SOHO, penetration testing, wardriving, and physical layer shielding.
Why is WEP considered dead?
WEP is considered insecure because its design flaws, such as weak key management and reuse of initialization vectors, allow attackers to crack keys in minutes using readily available tools.
How does the author test the effectiveness of signal shielding?
The author conducted a series of measurements comparing signal strength before and after applying obstacles (like walls) or using home-made parabolic reflectors made from everyday materials like aluminum foil or Pringles cans.
What conclusion does the author reach regarding the "human factor"?
The author concludes that despite technical improvements, the "human factor"—the lack of security awareness and the tendency to neglect default settings—remains the weakest link in network security.
- Cite this work
- Christian Wimmer (Author), 2006, Wireless LAN Security in a SOHO Environment: A Holistic Approach, München, GRIN Verlag, https://www.grin.com/document/186547