Mobile Wireless Network Security

WEP includes a device level authentication mechanism, pictured in Figure 5-4. The station must provide to the AP a proof of ownership of the key they share. Four messages are exchanged. The station makes a request. The AP sends a challenge, i.e., a 128-bit random value. The station sends a response, i.e., the 128-bit random value encrypted with the WEP stream cipher. The AP decrypts the response. If the decrypted response matches the original challenge value, then a positive authenticate response is returned to the station. WEP authentication is one-way, i.e., the AP is not authenticated by the station. After the completion of the authentication phase, subsequent traffic is not authenticated. The protocol is vulnerable to the authentication spoofing attack. An adversary may obtain the key by xor-ing the intercepted challenge value and its response. The key stream may be used by the adversary to create proper responses to new challenges

WPA includes as well an authentication protocol. WPA authentication, defined in the 802.11i standard [11], follows the 802.1x protocol [16]. Three types of participants are defined: supplicant, authenticator, and Authentication Server (AS). The role of the supplicant is played by a station. An AP takes the role of the authenticator. The function of AS may be collocated with the one of the authenticator, i.e., combined within the AP. This is adequate for a home network. It may also be done by a node part of the infrastructure network, e.g., a Remote Authentication Dial-In User Service (RADIUS). This is more adapted to an enterprise network.

Also read : level 3 network

Comments

Post a Comment

Popular posts from this blog

Enabling the Computer Browser service for Windows Server

  You can configure a computer so that it does not send announcements to browsers on the domain. If you do so, you hide the computer from the Browser list, which can help reduce network traffic. Editing the Registry 1. Open the registry editor and go to Microsoft Registry 1 HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters 2.From the Edit menu, choose Add Value and type: Hidden Note: This value is case sensitive and must begin with a capital H. 3.In the Data Type field, choose REG_DWORD and choose OK. 4.In the Data field, type 1 to enable hiding and choose OK. 5.Restart your computer. Using the NET CONFIG SRV command This setting can also be changed using the following command: net config server /hidden:yes|no To hide the computer from the Browser List, type net config server /hidden:yes at the command prompt, and then press ENTER. To unhide the computer from the Browser list, type net config server /hidden:no at the command Find more :  lanmanserver windows
Read more

The Advantages of Authentication

There are numerous advantages of authentication systems which are used to identify the user of a home, ATM or a security clearance computer system. The main purpose of these systems is to validate the user's right to access the system and information, and protect against identity theft and fraud. While there are still drawbacks with some systems, as the business world and the electronic marketplace become more complex, the advantages of authentication are ever more obvious. Password Based Authentication The use of a password and username is the most common form of authentication used and is generally considered the cheapest and most convenient method. This requires the user to provide and remember a key containing a specified amount of alpha and numeric characters in relation to a username or e-mail address which must be correct at each login. Passwords saved on a network can be encrypted to prevent theft by employee or programs designed by hackers. Device Based Authenticatio
Read more

Server Work Queues of networking

  This is something you should only measure on your Terminal Server(s). You should monitor the "current commands" in the Redirector object. If the value is higher than 20 during sustained periods of time then you could have a bottleneck. Server Work Queues The Server Work Queues object should be monitored on the File server. You should monitor the "Available WorkItems" counter. Sustained values smaller than ten mean that the File server is running out of work items. When it does, performance really starts to plummet. Make sure this doesn't happen by upping the MinFreeworkItems value. Server In this object there's a counter called "Work Item Shortages". This value represents the number of times no work items were available or couldn't be allocated to service a file request. Obviously if you see any other value than zero, you need to start worrying. Upping the InitWorkItems or MaxWorkItems could help out here. Again, there's so much more you
Read more