|
|
|
Internetworking
Security at the Wireless Cafι |
|
Technical Communication TS 5004 |
|
Capella University |
|
Tim Burke |
|
12/14/2007 |
|
|
Abstract
Wireless connectivity is a new technology and it
is here to stay. No longer tethered by wire and an inherent level of security,
privacy and safety is often taken for granted. People bring their laptop
computers to the coffee shop or cafι where they are able to connect wirelessly
to the Internet. But, are they surfing in a web of unscrupulous spammers,
hackers and crackers? What level of security is provided to the cafι patron or
should there be signs posted Internet SURFERS beware?
With the boom in wireless networking and
proliferation of public access points there are security risks which are
pervasive and under estimated by the public. Even, the business proprietor may
be unaware of the security risk, or might see this wireless connection as a new
revenue stream for the business by legally harvesting usernames, passwords and
other personal data.
By
explaining the basic operation of wireless communication and showing some of
the tools used to capture information as it is broadcast from device to device,
the non technical user may better understand the steps to mitigate this risk.
Table
of Contents
Popularity
of wireless communication
. 4
Magnitude
of crime and security breach
.. 6
Ethernet
TCP/IP protocol OSI Model
... 7
Figure 1
Wireless network communication protocol
8
802.11
802.16 Wireless protocol
... 10
Figure 2
Wireless Internet Cafι Surfing the Internet
. 11
Hijacking
Man in the Middle and other techniques
... 12
Figure 3
Wireless Internet Cafι Infiltrated by imposter access point
12
Sniffers
analyzing packets of data
. 13
Figure 4
Sniffer showing readable user name and password
14
Figure
4a Wireless network detection software
15
Public
access point with acceptable use policy
. 16
Open
connections Legal vulnerability
16
SSL Secure
Socket Layer
.. 16
Figure 5
Using SSL to hide user name and password
... 17
VPN Virtual
Private Network
.
... 17
Conclusion
. 18
References....
.. 19
Popularity
of wireless communication
How popular is wireless communication? Cell phones,
personal digital assistant (PDA), notebook Personal Computer (PC), tablet PC
and other wireless devices can be found almost anywhere today. Global
communication is a reality and wireless takes us there. Six million people worldwide
in 2003 had a cellular phone and the estimate then was there would be 1.3
billion cell phone users by 2006
At least one-third of North
Americans (U.S. & Canada) have accessed the Internet wirelessly in the past
30 days significantly higher than rates seen in 2004. The U.S. and Canada
also have some of the highest rates of Wi-Fi awareness and usage, as roughly
two in five that have heard of Wi-Fi technology have actually used it to access
the Internet
The freedom and ease to move about with these
communication and storage devices is attracting those individuals, who might
not otherwise have an interest to: connect to the Internet, use a computer,
send email, or carry out financial transactions online, are now getting connected
to this wireless technology. They discover a convenience and find these high
tech gadgets are making their lives easier.
Today the telephone, which was invented in the late 1800s by Alexander
Graham Bell
Businesses are creating public access points or Hot
Spots calling them Wi-Fi zones and marketing this connectivity to customers,
who seek a connection to the Internet. By providing this service to the
customer, the hospitality and travel industries look to create loyalty and meet
the demands of the mobile clientele. The use of wireless information technology
is growing at exponential rates. Initially, wireless communication and its
development was centered on voice communication but has greatly expanded to
include data. In the United States, the growth rate of wireless cellular
service has seen a compounded growth rate of 40% compared to 5% for regular
telephone service since 1981
A recent survey completed by the RSA Security Inc., found that:
Public hotspots continue to proliferate in the many places where people seek connectivity, such as coffee shops, airports and hotels:
- Last years research detected 364 wireless hotspots on
the London route; by 2007 this figure had risen to 461 - a 27 percent
increase.
- In New York the annual growth rate was 17 percent, and
15 percent of all wireless access points were found to be hotspots - by
far the highest percentage across the three cities.
- In Paris, hotspots increased 37
percent and represented 11 percent of all access points.
There is no stopping the human need for communication and
with faster and easier methods to share information it is likely that we will
be experiencing more opportunity to find ourselves at the Wireless Internet
Cafι. The
businesses in order to take advantage of this new market of mobile information
system users advertise their Wi-Fi and available Hot Spots. A Hot Spot is a public access point for
connection to the Internet via a wireless network provided by an organization
or business, and these connection access points are purposely left in an
unsecure state in order to allow easy connection by the patron. Businesses see
this offering as one more marketing advantage to get this new market into their
establishments. The hospitality and travel industries strongly market this
convenience to the travel business employee who needs to stay connected to
their companys data systems while travelling. Cafιs and coffeehouses provide
Hot Spot connections to allure mobile computer users with added convenience of
surfing the Internet or checking email while enjoying the cuisine and
refreshment the businesses provide to their patrons. Hot Spots are also located
in Wireless Internet Cafιs that serve as public connections for communities
where it is too costly for each user to subscribe to an ISP for connecting.
Magnitude
of crime and security breach
The level of lost or
stolen personal identity according to some recent estimates is 73 million
identity records and in one much publicized incident a laptop computer holding
the records of 26 million US military service records was taken
If security breach
includes the loss of ones personal information and is an increasingly common,
how do we protect ourselves and mitigate the risk? Analysis of the problem
indicates that where our personal information is stored, and how it is used by
us represents the sphere of vulnerability to having our identity stolen. The
value of a notebook PC is a decreasing asset because over time, new technology
will replace the capability and power of this device with one which has more
power and capability at a lower cost, according to Moores law
Ethernet
TCP/IP protocol OSI model
Ethernet has become the
de-facto network protocol because of the success and popularity of the
Internet. It is also the base from which the Hot Spot at the Wireless Internet
Cafι operates. This protocol sets rules on how information is made available
and then transported between computers engaging in communication. This
communication takes place at seven different layers and each computer
corresponds with the other on that same level. Figure 1 shows this layer to
layer correspondence in the Open System Interconnection (OSI) reference model
developed by the International Organization for Standardization
The top level or layer
seven is the application layer. Here computer users experience the information
they seek. It is the web page displayed in the Internets browser window, or an
application which is directly connected to the other computer as with a Telnet
session, or a Remote Connection. Layer six moving down the stack is the
Presentation Layer which is responsible for translating file data into the
correct formats so that graphics are displayed correctly or sound files can be
heard. The Session Layer (five) is used
to control the program connection so that all data acquired is handled
independent of each application and the data is kept separate between
applications. These top three layers form the stack area related to the users
application.
The fourth layer is the
Transport Layer; it is this layer that is responsible for segmenting and
reassembling the data. It can provide a logical connection between the host and
destination computer and depending on the data requirements can establish a reliable
connection so that data is retransmitted if the original data is not received. This
layer provides the flow control of the data.
How this information is routed between computers
is the responsibility of the Network Layer. It is this third layer that
determines which is the best path between computers and establishes this path
or circuit. The IP address of the source and the destination devices become
part of the packet. These addresses identify the logical addressing used to
route the information between computers and through networks. The IP address of the source and destination
never change in the packet. It is this addressing that identifies the
communicating devices much like the cell phone number identifies a specific
phone.
The Data Link Layer is
the second layer and is responsible in moving the data to and from network devices
by converting the message to some type of energy, but not before completing the
encapsulation process and marking the data frame with a physical address for
both the source and destination of those devices which exist in the same
physical environment. As the data frame
moves from network to network the source and destination addresses change in
order to complete the flow of data between networks. The physical address or Media Access Control
(MAC) address within the data framing changes to accommodate the entry and exit
points of the specific network connections.
The final step in the
encapsulation process is handled by Layer one or the Physical Layer. Here the
message is converted to bits of energy for transmission across various media to
be received by a remote and similar device.
In the Wireless Internet Cafι the medium is air so transmission of these
energy bits is broadcast via radio waves and can be received by any device
which is listening.
802.11
802.16 Wireless protocol
In the wireless
Ethernet environment, the 802.11 protocol was developed to establish the rules
which govern just how these Bits, Frames, Packets and Segments are transmitted
and secured. The transmission of these
TCP/IP packets is done through the air by the wireless device broadcasting
radio waves. These radio waves travelling through the air can be picked up by
anyone close enough to hear the signal. So there is an issue with privacy if
the signal is available to all in the Wireless Internet Cafι. Figure 2 shows
the connection of Cafι customers connecting wirelessly to the Hot Spot access
point for communication through the Internet to various web servers.
A security solution
without ensuring privacy is no solution at all!
Hijacking
- Man in the Middle and other techniques
The perpetrator of identity
theft will use various techniques to hide and avoid detection. Other tools are
used so the packets of data can be captured and deciphered as they pass through
the rogue access point
No security is configured
to check and verify the authenticity of the wireless clients relationship with
wireless access point the level of trust is high by default and so, there is no
distinction between a rouge access point and the legitimate public Hot Spot.
The information is sent though through the rogue access point because the
hacker has tricked the devices and cloaks the rogue device as a legitimate
network access point by changing the MAC address or other manipulation of the
encapsulated data.
Sniffers
analyzing packets of data
How do these packets
get captured? The term used to describe this type of program is known as a
Sniffer. This program captures the complete frames as the travel through a
network. Any transmission of packets which are captured can be stored on the
hard drive of the packet sniffing computer. These data packets will contain all
information transmitted to and from the communicating computers and is a copy
of your computing session
Many systems do not use
encryption to hide the username and password data. Plain text is a gift. With the
information easily obtained in plain text for username and password plus
tracing of all of the web server connections, personal security is breached in
the matter of just a few minutes. The RSA survey was undertaken using the same
tools available to the hacker. Figure 4a identifies several wireless networks
and is one of the tools used by hackers to evaluate target networks.
The survey
was carried out with a laptop computer and commercial software. The laptop and
software scanner detected both broadcasting and non-broadcasting APs in the
802.11a, b and g frequencies. When devices were detected the software
identified the channel, service set identifier (SSID) and other network
information before disconnecting from that source. The software had no way of
capturing or retaining the data content of sessions detected.
It is interesting to note that the RSA Security Inc. included the disclaimer that the software did not capture or retain data, by their choice.
Public
access points with Acceptable Use Policies
Some Wireless Internet Cafιs
recognize there are vulnerabilities to Hot Spot connections and in an effort to
notify their Internet surfing customer and minimize their associated security risk
liability often present a login home page that serves notice to the Wi-Fi
customer about their acceptable use policy. This includes a warning about the inherent
security risk and the prohibition of capturing data.
Open
connections - Legal vulnerability
To create a public hot
spot the wireless access point device broadcasts its SSID and with the security
mechanisms turned off. You accept the risk by connecting and the liability. There
is no protection from sniffers. Since this access is a public invitation the
packets may be sniffed legally even if the packet sniffer does not agree to the
Acceptable Use Policy of the business. They are not using the Wireless Internet
Cafι network. They are just capturing packets travelling through the air in a
space designated as public Wi-Fi. There is legal protection for networks that
are private and any capture of data packets would be a crime.
SSL
Secure Socket Layer
In order to protect
your identity, do not access any accounts which use plain text to authenticate
the user. Limit your access to accounts which authenticate users using a
security mechanism although Man-in-the-Middle or Replay capture may still
provide enough information for the hacker to decode the security encryption
This SSL method is commonly
seen when using a web browser; it is the lock that appears on the browser and
the communication protocol changes in the address/location bar to https://
from the original http://.
VPN
Virtual Private Networks
Virtual Private Network
(VPN) uses a different method to cloak the data so that it cannot be captured
and viewed. This method requires that both ends of the communication link be
set up in advance of the first connection and the predetermined define security
keys are in place.
Conclusion
Without protection of a
security method the wireless Internet cafι user is exposed to become a victim
of identity theft. Even with some level of security in place the risk is reduced
but not totally eliminated. The decision to use a hot spot connection is often
made because of convenience or status. The risk needs to measure against the
perceived benefit. The probability to fall victim using a public wireless
access point may be high, and the associated cost with rebuilding and
recovering ones identity in terms of time and money spent can be great. Be
proactive and make smart choices when it comes to making that connection in the
Wireless Internet Cafι. Know that no one is protecting your personal data, and
that responsibility is yours and yours alone. You can only take steps that may lower
the risk, but it will never be a zero percent probability unless your computer
stays turned off and in its case.
References
Bell,
Alexander Graham. (2007). Desktop Encyclopζdia Britannica.
Chicago: Encyclopζdia Britannica.
Ciampa, M. (2005). Security + Guide to Network
Security Fundamentals. Boston: Thomson Learning, Inc.
Computers and
Information Systems. (2006). Encyclopζdia Britannica. Retrieved October
23, 2007, from Encyclopζdia Britannica Online:
http://www.britannica.com/eb/article-257856
European Travel
Commission. (2007, November 30). New Media Review - Provided by the European
Travel Commission. Retrieved December 4, 2007, from European Travel
Commission: http://www.etcnewmedia.com/review/default.asp?SectionID=10
Haley, F. (2007,
November). Wi-Fi on Steroids. Black Enterprise, Retrieved December
4, 2007, from ProQuest database, 38(4), 58.
Intel Corporation.
(n.d.). Moore's Law: Made real by Intel Innovation. Retrieved December
4, 2007, from Intel Corportation: http://www.intel.com/technology/mooreslaw/
Lammie, T. (2005).
Chapter 1: Internetworking. CCNA: Cisco Certified Network Associate Study
Guide. San Francisco, London: Sybex,Inc.
Marketing Charts.
(2007, June 15). Wireless Adoption Leaps, Advance Encryption Gains Ground.
Retrieved November 19, 2007, from www.marketingcharts.com:
http://www.marketingcharts.com/interactive/wireless-adoption-leaps-advanced-encryption-gains-ground-678
McClure, S., Scambray,
J., & Kurtz, G. (2005). Hacking Exposed (5th Edition). New York:
McGraw-Hill Osborne.
Miller, S. (2003). Issues
in Wireless Security. Wi-Fi Security. McGraw-Hill Professional
Publishing.
Minoli, D. (2002). Hotspot
Networks: Wi-Fi for Public Access Locations. New York : McGraw-Hill
Professional Publishing.