Wireless Security

Wireless Networking technology is now one of most popular networking and convenient technology but still the security issue is big concern for this technology. This research assignment will explore the wireless networking focusing on its security protocols and its development.

Overview of wireless networking
Computer users are getting more and more interested in accessing the Internet wirelessly because of its convenience and mobility. Nowadays, business travellers use wireless laptops to stay in touch with the home office; vacationers beam snapshots to friends while still on holiday; and shoppers place orders from the comfort of their couches. A wireless network can connect computers in different parts of your home or business without a tangle of cords and enable you to work on a laptop anywhere within the network’s range.

Going wireless generally requires a broadband Internet connection into home, called an “access point,” like a cable or DSL line that runs into a modem. To set up the wireless network, connect the access point to a wireless router that broadcasts a signal through the air, sometimes as far as several hundred feet. Any computer within range that’s equipped with a wireless client card can pull the signal from the air and gain access to the Internet.

The wireless networks are based on the IEEE standards belonging to the 802 family – which include the much-beloved Ethernet (802.3) that is common today in homes and offices. Although the development of the 802.11 technology and standards have been ongoing since the late 1990s, grassroots adoption of “wireless Ethernet” only began in the 2000-2001 time frame when access point (AP) devices became cheap enough for the home user to obtain.[3]
(Security in Wireless LANs and MANs: Thomas Hardnono, Lakshminath R. Dondeti: Page1)

Following list is a simple overview of the 802.11 family:
• 802.11b
o Most widespread
o 11Mb maximum, 2.4 GHZ band
• 802.11a
o Next generation
o 54MB maximum, 5GHZ band
• 802.11g
o 54MB maximum, 2.4 GHZ band
o Compatible with 802.11b
• 802.11X
o Uses Extensible Authentication Protocol (EAP)
o Supports RADIUS
• 802.11i
o Draft

Security vulnerability:
The downside of a wireless network is that, unless anyone takes certain precautions, any person with a wireless-ready computer can use your network. That means the neighborhoods, or even hackers lurking nearby, could “piggyback” on the network, or even access the information on your computer. And if an unauthorized person uses your network to commit a crime or send spam, the activity can be traced back to your account.

The 802.11 standard is, in its operating principles, not that much different from Ethernet. It uses a traditional “one can talk, others listen” media access control scheme, the only difference being that instead of a pair of wires, the carrier of the signal is now just a designated radio frequency. Which bring us tho 802.11’s first problem.

In May 2004, the Queensland University of Technology’s Information Security Research Centre (ISRC) announced it findings that any 802.11 network in any enterprise could be brought to a grinding halt in a matter of seconds simply by transmitting a signal that inhibits other parties from trying to talk. Naturally, the same is true for Ethernet, except that you must be able to connect to a network plug first, which of course makes the attacker much easier to track and the problem easier to solve. You can simply check the switch then follow the cable. This attack is not exactly a surprise, but it’s not what business adopters expected either.

That’s not where the problem ends. Where the 802.11 standard attempted to thwart carrier-level attacks, it actually failed miserably. The Wired Equivalent Privacy (WEP) mechanism was designed for wireless networks to provide a level of protection against eavesdropping on network sessions by external parties, thus providing security roughly comparable to traditional LANs. However, a number of design flaws in the WEP scheme were found in 2001 by researchers from the University of California and Zero Knowledge Systems, which proved the scheme grossly inappropriate. Regrettably, even by that time wi-fi had been deployed widely enough to make necessary modifications difficult to implement.

To add insult to injury, use of WEP is optional, and most wireless network devices have WEP turned of; they’re ready to accept and relay any traffic they receive. Although this is generally acceptable with wired networks, where and additional layer of security is provided on the physical level, wireless networks are open to any random person within range.

In 2002, Tracy Reed of Copilot Consulting decided to fly around San Diego and vicinity with a wireless scanner. Cruising at 1,500feet, he managed to find nearly 400 access points with default caonfiguratins and likely free network access to the Internet of internal corporate networks for any person nearby. Only 23 percent of the devices scanned were protected by WEP (which is in general, easy to crack anyway) or better mechanisms.[1]

Following picture is another wireless vulnerability example which shows there are lot of open access points in our surroundings

Why Wi-Fi security is too vulnerable?
Easy to Access
Wireless LANs are easy to find. Strictly speaking, this is not a security threat. All wireless networks need to announce their existence so potential clients can link up and use the services provided by the network. 802.11 requires that networks periodically announce their existence to the world with special frames called Beacons.

However, the information needed to join a network is also the information needed to launch an attack on a network. Beacon frames are not processed by any privacy functions, which means that your 802.11 network and its parameters are available for anybody with an 802.11 card. “War drivers” have used high-gain antennas and software to log the appearance of Beacon frames and associate them with a geographic location using GPS.

Short of moving into heavily-shielded office space that does not allow RF signals to escape, there is no solution for this problem. The best anyone can do is to mitigate the risk by using strong access control and encryption solutions to prevent a wireless network from being used as an easy entry point into the network. Deploy access points outside firewalls, and protect sensitive traffic with VPNs.
“Rogue” Access Points
Easy access to wireless LANs is coupled with easy deployment. When combined, these two characteristics can cause headaches for network administrators. Any user can run to a nearby computer store, purchase an access point, and connect it to the corporate network without authorization. Many access points are now priced well within the signing authority of even the most junior managers. Departments may also be able to roll out their own wireless LANs without authorization from the powers that be.

“Rogue” access points deployed by end users pose great security risks. End users are not security experts, and may not be aware of the risks posed by wireless LANs. Most existing small deployments mapped by war drivers do not enable the security features on products, and many access points have had only minimal changes made to the default settings. It is hard to believe that end users within a large corporation will do much better. Unfortunately, no good solution exists to this concern. Tools like NetStumbler allow network administrators to wander their building looking for unauthorized access points, but it is expensive to devote time to wandering the building looking for new access points.
Unauthorized Use of Service
Several war drivers have published results indicating that a clear majority of access points are put in service with only minimal modifications to their default configuration. Nearly all of the access points running with default configurations have not activated WEP (Wired Equivalent Privacy) or have a default key used by all the vendor’s products out of the box. Without WEP, network access is usually there for the taking.

Two problems can result from such open access. In addition to bandwidth charges for unauthorized use, legal problems may result. Unauthorized users may not necessarily obey your service provider’s terms of service, and it may take only one spammer to cause your ISP to revoke the connectivity.
MAC Spoofing and Session Hijacking
802.11 networks do not authenticate frames. Every frame has a source address, but there is no guarantee that the station sending the frame actually put the frame “in the air.” Just as on traditional Ethernet networks, there is no protection against forgery of frame source addresses.
Attackers can use spoofed frames to redirect traffic and corrupt ARP tables. At a much simpler level, attackers can observe the MAC addresses of stations in use on the network and adopt those addresses for malicious transmissions.
Traffic Analysis and Eavesdropping
802.11 provides no protection against attacks that passively observe traffic. The main risk is that 802.11 does not provide a way to secure data in transit against eavesdropping. Frame headers are always “in the clear” and are visible to anybody with a wireless network analyzer. Security against eavesdropping was supposed to be provided by the much-maligned Wired Equivalent Privacy specification.

A great deal has been written about the flaws in WEP. It protects only the initial association with the network and user data frames. Management and control frames are not encrypted or authenticated by WEP, leaving an attacker wide latitude to disrupt transmissions with spoofed frames.

Protocols to secure wireless network
WEP (Wired Equivalent Privacy)
WEP is a protocol that adds security to wireless local area networks (WLANs) based on the 802.11 Wi-Fi standard. WEP is an OSI Data Link layer (Layer 2) security technology that can be turned “on” or “off.” WEP was designed to give wireless networks the equivalent level of privacy protection as a comparable wired network.

WEP is based on a security scheme called RC4 that utilizes a combination of secret user keys and system-generated values. The original implementations of WEP supported so-called 40-bit encryption, having a key of length 40 bits and 24 additional bits of system-generated data (64 bits total). Research has shown that 40-bit WEP encryption is too easy to decode, and consequently product vendors today employ 128-bit encryption (having a key length of 104 bits, not 128 bits) or better (including 152-bit and 256-bit WEP systems).

When communicating over the wire, wireless network equipment uses WEP keys to encrypt the data stream. The keys themselves are not sent over the network but rather are generally stored on the wireless adapter or in the Windows Registry.

Regardless of how it is implemented on a wireless LAN, WEP represents just one element of an overall WLAN security strategy.

The 802.11 standard describes the communication that occurs in wireless local area networks (LANs). The Wired Equivalent Privacy (WEP) algorithm is used to protect wireless communication from eavesdropping. A secondary function of WEP is to prevent unauthorized access to a wireless network; this function is not an explicit goal in the 802.11 standard, but it is frequently considered to be a feature of WEP.

WEP relies on a secret key that is shared between a mobile station (eg. a laptop with a wireless ethernet card) and an access point (ie. a base station). The secret key is used to encrypt packets before they are transmitted, and an integrity check is used to ensure that packets are not modified in transit. The standard does not discuss how the shared key is established. In practice, most installations use a single key that is shared between all mobile stations and access points.
Basic WEP Encryption
WEP uses the RC4 encryption algorithm, which is known as a stream cipher. A stream cipher operates by expanding a short key into an infinite pseudo-random key stream. The sender XORs the key stream with the plaintext to produce ciphertext . The receiver has a copy of the same key, and uses it to generate identical key stream. XORing the key stream with the ciphertext yields the original plaintext.

RC4 Keystream XORed with Plaintext

This mode of operation makes stream ciphers vulnerable to several attacks. If an attacker flips a bit in the ciphertext, then upon decryption, the corresponding bit in the plaintext will be flipped. Also, if an eavesdropper intercepts two ciphertexts encrypted with the same key stream, it is possible to obtain the XOR of the two plaintexts. Knowledge of this XOR can enable statistical attacks to recover the plaintexts. The statistical attacks become increasingly practical as more ciphertexts that use the same key stream are known. Once one of the plaintexts becomes known, it is trivial to recover all of the others.

WEP has defenses against both of these attacks. To ensure that a packet has not been modified in transit, it uses an Integrity Check (IC) field in the packet. To avoid encrypting two ciphertexts with the same key stream, an Initialization Vector (IV) is used to augment the shared secret key and produce a different RC4 key for each packet. The IV is also included in the packet. However, both of these measures are implemented incorrectly, resulting in poor security.

The integrity check field is implemented as a CRC-32 checksum, which is part of the encrypted payload of the packet. However, CRC-32 is linear, which means that it is possible to compute the bit difference of two CRCs based on the bit difference of the messages over which they are taken. In other words, flipping bit n in the message results in a deterministic set of bits in the CRC that must be flipped to produce a correct checksum on the modified message. Because flipping bits carries through after an RC4 decryption, this allows the attacker to flip arbitrary bits in an encrypted message and correctly adjust the checksum so that the resulting message appears valid.

The initialization vector in WEP is a 24-bit field, which is sent in the cleartext part of a message. Such a small space of initialization vectors guarantees the reuse of the same key stream. A busy access point, which constantly sends 1500 byte packets at 11Mbps, will exhaust the space of IVs after 1500*8/(11*10^6)*2^24 = ~18000 seconds, or 5 hours. (The amount of time may be even smaller, since many packets are smaller than 1500 bytes.) This allows an attacker to collect two ciphertexts that are encrypted with the same key stream and perform statistical attacks to recover the plaintext. Worse, when the same key is used by all mobile stations, there are even more chances of IV collision. For example, a common wireless card from Lucent resets the IV to 0 each time a card is initialized, and increments the IV by 1 with each packet. This means that two cards inserted at roughly the same time will provide an abundance of IV collisions for an attacker. (Worse still, the 802.11 standard specifies that changing the IV with each packet is optional!)

Improvement of WEP

A stopgap enhancement to WEP, implementable on some (not all) hardware not able to handle WPA/WPA2, based on:
 Enlarged IV value
 Enforced 128-bit encryption
However, WEP2 remains vulnerable to known WEP attacks — at most it will just slow an attacker down a bit — and thus shouldn’t really be considered more secure than WEP. [11]

Also known as WEP+. A proprietary enhancement to WEP by Agere Systems (formerly a subsidiary of Lucent Technologies) that enhances WEP security by avoiding “weak IVs”. It is only completely effective when WEPplus is used at both ends of the wireless connection. As this cannot easily be enforced, it remains serious limitation. It is possible that successful attacks against WEPplus will eventually be found. It also does not necessarily prevent replay attacks. [11]

WPA (Wi-Fi Protected Access)
WPA is a security technology for wireless networks. WPA improves on the authentication and encryption features of WEP (Wired Equivalent Privacy). In fact, WPA was developed by the networking industry in response to the shortcomings of WEP.

One of the key technologies behind WPA is the Temporal Key Integrity Protocol (TKIP). TKIP addresses the encryption weaknesses of WEP. Another key component of WPA is built-in authentication that WEP does not offer. With this feature, WPA provides roughly comparable security to VPN tunneling with WEP, with the benefit of easier administration and use.

One variation of WPA is called WPA Pre Shared Key or WPA-PSK for short. WPA-PSK is a simplified but still powerful form of WPA most suitable for home Wi-Fi networking. To use WPA-PSK, a person sets a static key or “passphrase” as with WEP. But, using TKIP, WPA-PSK automatically changes the keys at a preset time interval, making it much more difficult for hackers to find and exploit them.

More secure wireless networking using WPA2
WPA2 (Wi-Fi Protected Access 2) gives wireless networks both confidentiality and data integrity, two terms not previously associated with Wi-Fi.

Security, of course, has long been the trade-off with Wi-Fi. Early wireless networks leaned heavily on VPNs to provide Layer 3 security, which-aside from the additional overhead of encapsulation and the challenges of roaming, quality of service, client support and scalability-left the IP network vulnerable to attacks. The Layer 2-based WPA2 better protects the network.

But WPA2 alone can’t provide enterprise security: Combining WPA2 with the IEEE 802.IX port-based authentication protocol for access control should eliminate most security worries. This won’t protect you from rogues, denial-of-service attacks or interference, but it will ensure secure wireless communication.

The Wi-Fi Alliance’s WPA2 security spec is a major improvement over WEP (Wired Equivalent Privacy), the security standard in IEEE’s original 802.11. WEP was susceptible to attacks and poorly implemented by vendors, and never took off in the enterprise. WEP’s weaknesses and the ease with which they’ve been exploited led to the 802.Hi standard, which was approved and published in 2004. The Wi-Fi Alliance created WPA, a subset of the draft version 802.Hi, and later, WPA2, which provided stronger security than the first version of WPA.

WPA came with support for TKIP (Temporal Key Integrity Protocol), which uses the RC4 cipher, and it can be implemented in software with just a driver or firmware update. Keys are rotated frequently, and the packet counter prevents packet replay or packet re-injection attacks. WPA provides integrity checking using MIC (Message Integrity Code), sometimes nicknamed “Michael.” Although this checksum method can be attacked with brute-force methods, network traffic is halted automatically for a minute and the session keys reset if a WPA-based access point detects more than one TKIP MIC failure within 60 seconds, so the risks are minimal.

WPA2, meanwhile, uses a new encryption method called CCMP (Counter-Mode with CBC-MAC Protocol), which is based on AES (Advanced Encryption Standard), a stronger encryption algorithm than RC4.

Both WPA and WPA2 include two authentication modes: personal and enterprise. WPA2-Personal generates a 256-bit key from a plain-text pass phrase, sometimes called a PSK, or preshared key. The PSK (as well as the Service Set Identifier and SSID length) form the mathematical basis for the PMK (pairwise master key) that’s used to initiate a four-way handshake and generate the PTK (pairwise transient key)-or session key-between the wireless user device and access point. WPA2-Personal, like static WEP, poses challenges in key distribution and maintenance, making it a fit for small offices but not the enterprise.
WPA2-Enterprise, meanwhile, addresses concerns regarding distributing and managing static keys, and controls access on a per-account basis by tying in to most organizations’ authentication services. This mode requires credentials, such as a user name and password, a certificate or a one-time password, and authentication occurs between the station and central authentication server. The access point or wireless controller monitors the connection and directs authentication packets to the appropriate authentication server, typically a RADIUS server. The framework for this is 802. IX, which supports user and machine authentication with port-based control that works for both wired switches and wireless access points.

Three major components of 802.IX authentication are supplicant, authenticate: and authentication server.

The 802. IX specification describes the supplicant as the device requesting access to the network, usually a laptop or mobile device, but in practice it’s software on that device that initiates and responds to 802. IX commands.

The authenticator-typically an access point, but in a centralized AP architecture, it may reside on the switch/controller-authenticates the client to the network. This device processes requests from the supplicant, and leaves the network interface blocked unless directed by the authentication server to unblock it.

The authentication server, meanwhile, receives and processes the authentication request. It usually is a RADIUS server, but it’s not just any RADIUS server-it must be compatible with the supplicant’s EAP (Extensible Authentication Protocol) types.

EAP traffic is exchanged between the client (supplicant) and AP (authenticator) over the Layer 2 EAPoL (EAP over LAN) protocol. The supplicant doesn’t have Layer 3 connectivity to the RADIUS server: When the AP receives EAP traffic from the client, it converts it to the appropriate RADIUS request and then passes it to the RADIUS server for processing. If the supplicant encrypts the data, the authenticator can’t inspect the contents of the request, but can extract from the response attributes such as the client’s VLAN assignment.

After 802. IX authentication, the client receives the master key (MK) from the authentication server. The master key is tied to that authentication session. From the MK, the same primary master key (PMK) is generated on both the client and the authentication server. The authenticator-in this case an access point-receives the PMK from the authentication server through a predefined RADIUS attribute. Once the client and access point possess the PMK, the client and AP generate the pair-wise transient key (PTK) without actually exchanging it. This is possible over a four-way handshake, which eliminates a successful man-in-the-middle attack.

WPA2’s PTK comprises three types of keys. They are the Key Confirmation Key (KCK), which is used to check the integrity of an EAPOL-Key frame (used in the MIC), the Key Encryption Key (KEK), which encrypts the GTK, and the Temporal Keys (TK), which secure data traffic.

All wireless devices associated with an access point must be able to decrypt the broadcast and multicast traffic. They do so with the same group key, or GTK. If the AP changes the GTK because it was compromised, for example, the AP issues a replacement key using a simpler twoway handshake with the KEK encrypting the GTK.

Because this entire process of client authentication to the RADIUS server can take up hundreds of milliseconds (if not seconds) when a device is roaming from one AP to another, it’s unacceptable for Wi-Fi phones or streaming applications on laptops. So most enterprise wireless products have 802.11i features that help minimize roaming latency-preauthentication and PMK caching.

Pre-authentication lets a mobile client authenticate with other APs in its vicinity while remaining associated with its primary AP. With PMK caching, a roaming client need not fully re-authenticate over 802. IX when it returns “home.”
WPA2 Encryption
WPA2 is built around AES, which has replaced DES and 3DES as the de facto industry encryption standard. The computationally intensive AES requires hardware assistance, something not always in older WLAN equipment.

WPA2 uses CBC-MAC (Cipher Block Chaining Message Authentication Code) Protocol for authentication and integrity, and CTR (Counter Mode) to encrypt the data and MIC. WPA2’s MIC is similar to a checksum and provides data integrity for the nonchangeable fields in the 802.11 header, unlike WEP and WPA. This prevents packet replay from being exploited to decrypt the packet or compromise cryptographic information.

MIC calculation uses a 128-bit IV (initialization vector). The IV is encrypted with AES and the temporal key, producing a 128-bit result. The algorithm then performs an exclusive OR on that result and the next 128 bits of data. The result of this calculation is encrypted with AES and the TK, and then an exclusive OR is performed on that and the next 128 bits of data. The last step is repeated until all 128 blocks in the 802.11 payload are exhausted. At the end of the operation, the first 64 bits are used to produce the MIC.

The counter-mode encryption algorithm encrypts the data and the MIC. The algorithm begins with a 128-bit counter preload similar to the MIC IV, but uses a counter value initialized to 1 instead of a data length. So a different counter is used to encrypt each packet.

The first 128 bits are encrypted using AES and the TK, producing a 128-bit result, and an exclusive OR is performed on that result. The first 128 bits of data produce the first 128-bit encrypted block. The counter preload value increases incrementally and is encrypted with AES and the data encryption key. Then an exclusive OR is performed on that and the next 128 bits of data.
The last step is repeated until all the 128-bit blocks have been encrypted. Then the final counter value is set to O and encrypted using AES and XORed with the MIC. The result is appended to the encrypted frame.

Once the MIC is calculated using CBC-MAC, the data and MIC are encrypted. That information is prefixed with an 802.11 header and the CCMP packet number field, appended with the 802.11 trailer, and then sent out.

WPA2 decryption works in reverse. The counter value is derived from the same algorithm used in the encryption. That value and the encrypted portion of the 802.11 payload are decrypted with the counter mode decryption algorithm and the TK, which results in the decrypted data and MIC. The data then goes through the CBC-MAC algorithm to recalculate the MIC. If the values don’t match, the packet is dropped. If they do, the decrypted data is sent up the network stack and to the client.

Most of the latest enterprise wireless systems support WPA2 or are upgradeable to it. But if you don’t have an authentication or RADIUS server that supports the requisite EAP types, you’ll have to pull together the elements to do so. And you probably have a few laptops and PC cards that don’t support WPA2 because they lack the necessary AES encryption hardware. Sometimes a firmware and/or driver upgrade will activate that functionality.

Another challenge is getting WPA2 to embedded or small form-factor devices such as PDAs, Wi-Fi phones, barcode scanners and wireless print servers. These devices tend to lag in security features due to integration challenges and their infrequent replacement lifecycle.

You can create a separate SSID with WEP or WPA on a separate VLAN with limited, controlled and monitored access to your network. An example is Wi-Fi phones that support only WEP or WPA-PSK: Because they need to communicate only with the VoIP infrastructure, you should restrict them from accessing the general corporate network. Of course, voice calls are still susceptible to decryption, and it might make sense to wait for handsets that support some form of 802.IX.

Supporting WPA2 on your existing desktops and laptops isn’t always easy. If the type of EAP you’re using is not supported by the wireless station’s OS, you can use the supplicant provided on your wireless card’s drive or install, configure and manage a third-party supplicant. If you can’t convert all your users in short order, you can overlay your system with a new SSID that uses WPA2 or mixed-mode encryption. Then you can convert your devices to WPA2 by location, for instance.

Either way, Wi-Fi is ready for prime time when it comes to enterprise security. WPA2 provides encryption and data integrity, and when used with 802. IX authentication, you get complete link-level security.

History of development (WEP To WPA2)
Wired Equivalent Privacy (WEP) was ratified in 1999 along with the original 802.11b Wi-Fi standards. WEP failed to live up to its name when it proved vulnerable to shared key and stream cipher attacks in 2001. In response, enterprises that wanted tighter security augmented their own encryption and authentication schemes, and they added virtual private network (VPN) tunnels on top of their Wi-Fi installations.

By 2003, the Wi-Fi Alliance had crafted WPA as a temporary solution, borrowing from the IEEE’s work in progress on the 802.11i security standard. WPA uses the same encryption algorithm (RC4) as WEP uses, but with larger and dynamically changing keys. WPA also incorporates strong user authentication (such as the 802.1x standard). Most early Wi-Fi clients and access points (APs) could be upgraded from WEP to WPA in software or firmware (i.e., software embedded in hardware).

In June 2004, the IEEE formalized 802.11i, shortly after the Wi-Fi Alliance released WPA2. While the two are not strictly identical, from a practical standpoint the two terms are used interchangeably. If anyone buy a wireless access point or router with either term on it, it provides the same level of security. The WPA2 designation means that the equipment is interoperable with other equipment bearing that designation.

Though the Wireless networking are becoming increasingly popular but it true many users still fear of a large security risk because of it high security vulnerabilities. The initial failure of WEP security technology leads the users fearful about this Wi-Fi technology. But the current development of WPA2™ security plugs hole in WEP. Also, the Wi-Fi Alliance claims that WPA addresses all known WEP vulnerabilities but the market clearly is not convinced.

Wi-Fi security issues are dealing with two different problems: authentication and privacy. Authentication ensures that only legitimate users get access to the network. Privacy keeps transmissions secure from eavesdropping. The WPA is nicely handled these two key problems.

Even though we have the most robust security technology but mishaps can happen anytime, to get a pleasant experience of Wi-Fi technology users must be aware of the security vulnerabilities, that’s why the Wi-Fi Alliance recommends that users of wireless networks exercise the same level of caution they’ve learned to use to avoid scams in the wired world. End users should change their passwords regularly, not respond to questionable e-mails, and look for secure connections. Consumers need to make some new simple security precautions a habit, like connecting through a provider that uses encryption with a list of trusted hotspots, using a VPN, and always enabling security within a home network. Also, users should make it a point to look for products that are Wi-Fi CERTIFIED for WPA™ (Wi-Fi Protected Access) or WPA2™ security.


1. Silence on the wire(a Field Guide to Passive Reconnaissance and Indirect Attacks): Michal Zalewski, ISBN 1-59327-046-1, San Francisco CA94107, No Starch Press Inc.

2. Hacker’s Challenge: Test Your Incident Response Skills Using 20 Scenarios: Mike Schiffman, ISBN 0-07-219384-0, California, McGraw-Hills

3. Security in Wireless LANs and MANs: Thomas Hardnono, Lakshminath R. Dondeti: , ISBN 1-58053-755-3, London, Artech House, Inc.

4. Don’t Overlook the Threats Posed by Wi-Fi ,Bob Egan. American Banker. ISSN: 00027561 , New York, N.Y.: Jul 18, 2006.Vol.171, Iss. 136; pg. 10.A

5. The ABCs Of WPA2 Wi-Fi Security, Frank Bulk. Network Computing. ISSN: 10464468 , Manhasset: Feb 2, 2006.Vol.17, Iss. 2; pg. 65, 3 pgs

6. 802.11i Brings More Security To WLANs, Drew Robb. Business Communications Review. ISSN: 01623885, Hinsdale: Apr 2006.Vol.36, Iss. 4; pg. 52, 3 pgs

7. Better, Simpler WLAN Security,Elena Malykhina. InformationWeek. Manhasset: ISSN: 87506874, Apr 17, 2006., Iss. 1085; pg. 27, 1 pgs

8. Key-Exchange Authenication Using Sharing Secrets, Mohamad Badra, Ibrahim Hajjeh. ISSN: 00189162, Computer. New York: Mar 2006.Vol.39, Iss. 3; pg. 58

9. http://www.networkworld.com/topics/wireless.html

10. http://www.techweb.com

11. http://en.wikipedia.org

You May Also Find These Documents Helpful

Allegory Of American Pie By Don Mc Lean

Ask anyone what was the defining moment in the rock history of the 1960s was and all you will get is a one word answer: Woodstock. The three day rock festival that defined an era was only one of many music festivals of the '60s. But Woodstock has come to symbolize, "an era of peaceful, free- loving, drug- taking hippie youth, carefree before harsher realities hit..." (Layman 40). The Woodstock festival ended a century filled with many metamorphoses of rock'n'roll, from the era of pop music to the rebirth of folk music to the invention of acid rock. But some cynics say that rock'n'roll died with the death of Buddy Holly before the 60s even began. One such person is Don McLean. The poet behind the haunting epic song about the death of 'danceable' music, McLean wrote the ever popular song, "American Pie" (appendix 1). The most important song in rock'n'roll history, "American Pie", is the song about the demise of rock'n'roll after Buddy Holly's death and the heathenism of rock that resulted. Although McLean himself won't reveal any symbolism in his songs, "American Pie" is one of the most analyzed pieces of literature in modern society. Although not all of its secrets have been revealed, many "scholars" of the sixties will agree that the mystery of this song is one of the reasons it has become so successful- everyone wants to know the meanings of its allegories. Proof of "American Pie's" truth lies in the allegory of the song. Many People enjoy the song but have no idea what it means- Who is the Jester? What is the levee? When the deeper story is found, the importance of the song is unearthed. "American Pie" is not only a song, it is an epic poem about the course of rock'n'roll...

Carl Orffs Philosophies In Music Education

While Carl Orff is a very seminal composer of the 20th century, his greatest success and influence has been in the field of Music Education. Born on July 10th in Munich, Germany in 1895, Orff refused to speak about his past almost as if he were ashamed of it. What we do know, however, is that Orff came from a Bavarian family who was very active in the German military. His father's regiment band would often play through some of the young Orff's first attempts at composing. Although Orff was adamant about the secrecy of his past, Moser's Musik Lexicon says that he studied in the Munich Academy of Music until 1914. Orff then served in the military in the first world war. After the war, he held various positions in the Mannheim and Darmstadt opera houses then returned home to Munich to further study music. In 1925, and for the rest of his life, Orff was the head of a department and co-founder of the Guenther School for gymnastics, music, and dance in Munich where he worked with musical beginners. This is where he developed his Music Education theories. In 1937, Orff's Carmina Burana premiered in Frankfurt, Germany. Needless to say, it was a great success. With the success of Carmina Burana, Orff orphaned all of his previous works except for Catulli Carmina and the En trata which were rewritten to be acceptable by Orff. One of Orff's most admired composers was Monteverdi. In fact, much of Orff's work was based on ancient material. Orff said: I am often asked why I nearly always select old material, fairy tales and legends for my stage works. I do not look upon them as old, but rather as valid material. The time element disappears, and only the spiritual power remains. My...

Johann Sebastian Bach Biography

Throughout the history of music, many great composers, theorists, and instrumentalists have left indelible marks and influences that people today look back on to admire and aspire to. No exception to this idiom is Johann Sebastian Bach, whose impact on music was unforgettable to say the least. People today look back to his writings and works to both learn and admire. He truly can be considered a music history great. Bach, who came from a family of over 53 musicians, was nothing short of a virtuosic instrumentalist as well as a masterful composer. Born in Eisenach, Germany, on March 21, 1685, he was the son of a masterful violinist, Johann Ambrosius Bach, who taught his son the basic skills for string playing. Along with this string playing, Bach began to play the organ which is the instrument he would later on be noted for in history. His instruction on the organ came from the player at Eisenach's most important church. He instructed the young boy rather rigorously until his skills surpassed anyone?s expectations for someone of such a young age. Bach suffered early trauma when his parents died in 1695. He went to go live with his older brother, Johann Christoph, who also was a professional organist at Ohrdruf. He continued his younger brother's education on that instrument, as well as introducing him to the harpsichord. The rigorous training on these instruments combined with Bach?s masterful skill paid off for him at an early age. After several years of studying with his older brother, he received a scholarship to study in Luneberg, Germany, which is located on the northern tip of the country. As a result, he left his brother?s tutelage and went to go and study there. The teenage years brought Bach to several parts of Germany where he...


Michelangelo was pessimistic in his poetry and an optimist in his artwork. Michelangelo?s artwork consisted of paintings and sculptures that showed humanity in it?s natural state. Michelangelo?s poetry was pessimistic in his response to Strazzi even though he was complementing him. Michelangelo?s sculpture brought out his optimism. Michelangelo was optimistic in completing The Tomb of Pope Julius II and persevered through it?s many revisions trying to complete his vision. Sculpture was Michelangelo?s main goal and the love of his life. Since his art portrayed both optimism and pessimism, Michelangelo was in touch with his positive and negative sides, showing that he had a great and stable personality. Michelangelo?s artwork consisted of paintings and sculptures that showed humanity in it?s natural state. Michelangelo Buonarroti was called to Rome in 1505 by Pope Julius II to create for him a monumental tomb. We have no clear sense of what the tomb was to look like, since over the years it went through at least five conceptual revisions. The tomb was to have three levels; the bottom level was to have sculpted figures representing Victory and bond slaves. The second level was to have statues of Moses and Saint Paul as well as symbolic figures of the active and contemplative life- representative of the human striving for, and reception of, knowledge. The third level, it is assumed, was to have an effigy of the deceased pope. The tomb of Pope Julius II was never finished. What was finished of the tomb represents a twenty-year span of frustrating delays and revised schemes. Michelangelo had hardly begun work on the pope?s tomb when Julius commanded him to fresco the ceiling of the Sistine Chapel to complete the work done in the previous century under Sixtus IV. The overall organization consists of four large triangles at...

Oscar Wilde

Oscar Fingal O'Flahertie Wills Wilde was born in Dublin Ireland on October 16, 1854. He is one of the most talented and most controversial writers of his time. He was well known for his wit, flamboyance, and creative genius and with his little dramatic training showing his natural talent for stage and theatre. He is termed a martyr by some and may be the first true self-publicist and was known for his style of dress and odd behavior. Wilde, 1882 His Father, William Wilde, was a highly accredited doctor and his mother, Jane Francesca Elgee, was a writer of revolutionary poems. Oscar had a brother William Charles Kingsbury along with his father's three illegitimate children, Henry, Emily, and Mary. His sister, Isola Emily Francesca died in 1867 at only ten years of age from a sudden fever, greatly affecting Oscar and his family. He kept a lock of her hair in an envelope and later wrote the poem 'Requiescat' in her memory. Oscar and his brother William both attended the Protora Royal School at Enniskillen. He had little in common with the other children. He disliked games and took more interest in flowers and sunsets. He was extremely passionate about anything that had to do with ancient Greece and with Classics. Wilde during school years In 1871, he was awarded a Royal School Scholarship to Trinity College in Dublin and received many awards and earned the highest honor the college offered to an undergraduate, the Foundation Scholarship. In 1874, he also won the College's Berkley Gold Medal for Greek and was awarded a Demyship to Magdalen College, Oxford. After graduating from Oxford, Oscar moved to London with his friend Frank Miles, a well-known portrait painter of the time. In 1878 his poem Ravenna was published, for which he won the...

The History Of Greek Theater

Theater and drama in Ancient Greece took form in about 5th century BCE, with the Sopocles, the great writer of tragedy. In his plays and those of the same genre, heroes and the ideals of life were depicted and glorified. It was believed that man should live for honor and fame, his action was courageous and glorious and his life would climax in a great and noble death. Originally, the hero's recognition was created by selfish behaviors and little thought of service to others. As the Greeks grew toward city-states and colonization, it became the destiny and ambition of the hero to gain honor by serving his city. The second major characteristic of the early Greek world was the supernatural. The two worlds were not separate, as the gods lived in the same world as the men, and they interfered in the men's lives as they chose to. It was the gods who sent suffering and evil to men. In the plays of Sophocles, the gods brought about the hero's downfall because of a tragic flaw in the character of the hero. In Greek tragedy, suffering brought knowledge of worldly matters and of the individual. Aristotle attempted to explain how an audience could observe tragic events and still have a pleasurable experience. Aristotle, by searching the works of writers of Greek tragedy, Aeschulus, Euripides and Sophocles (whose Oedipus Rex he considered the finest of all Greek tragedies), arrived at his definition of tragedy. This explanation has a profound influence for more than twenty centuries on those writing tragedies, most significantly Shakespeare. Aristotle's analysis of tragedy began with a description of the effect such a work had on the audience as a "catharsis" or purging of the emotions. He decided that catharsis was the purging of two specific emotions, pity and...

Scholarship Essay About Goals

Ever since I was a young kid I have always been interested with aircraft. I was so curious of how airplane's fly. I remember taking my toys apart to see how it works. As a kid I wanted to go to the airport to watch the airplanes land and fly and pondered how this happens. Other kids wanted to go to the amusement places. As I grew older I became more and more interested in aircraft and the technology behind it. I always involved myself with aviation early on. I read books and magazines on aviation, took museum tours, built model airplanes. When I was younger my father would take me to aircraft repair facilities where I would watch in great fascination. In my teens, went up to the military bases and befriended many soldiers involved with aircraft and asked them numerous questions. I got to meet many aeronautics engineers and borrowed their old textbooks and read them till the wee hours of the morning. As technology improved with information superhighway, I logged on the web. Stayed up for hours and hours searching through web pages and web pages of information about aircraft and technology. I started my elementary school in the Philippines, then we moved to U.S. and continued my high school education and graduated. Enrolled at the CCSF to pursue my college education and now I am in the 2nd year in CCSF taking aeronautics. My goal now is to obtain my AS degree from the City College of San Francisco (CCSF) so I can transfer to a University and get a Bachelors degree and to continue for my Masters degree in Aeronautics Engineering. I will strive hard to reach the peak level of my career which is a Professor and hopefully to be an aeronautic professor so...

Circus Circus Enterprises Case Studies

Executive Summary: Circus Circus Enterprises is a leader and will continue to be in the gaming industry. In recent years, they have seen a decline in profit and revenue; management tends to blame the decrease on continuing disruptions from remodeling, expansion, and increased competition. Consequently, Circus has reported decreases in its net income for 1997 and 1998 and management believes this trend will continue as competition heightens. Currently the company is involved in several joint ventures, its brand of casino entertainment has traditionally catered to the low rollers and family vacationers through its theme park. Circus should continue to expand its existing operations into new market segments. This shift will allow them to attract the up scale gambler. Overview Circus Circus Enterprises, Inc founded in 1974 is in the business of entertainment, with its core strength in casino gambling. The company?s asset base, operating cash flow, profit margin, multiple markets and customers, rank it as one of the gaming industry leaders. Partners William G. Bennett an aggressive cost cutter and William N. Pennington purchased Circus Circus in 1974 as a small and unprofitable casino. It went public in 1983, from 1993 to 1997; the average return on capital invested was 16.5%. Circus Circus operates several properties in Las Vegas, Reno, Laughlin, and one in Mississippi, as well as 50% ownership in three other casinos and a theme park. On January 31,1998 Circus reported net income of 89.9 million and revenues of 1.35 billion, this is a down from 100 million on 1.3 billion in 1997. Management sees this decline in revenue due to the rapid and extensive expansion and the increased competition that Circus is facing. Well established in the casino gaming industry the corporation has its focus in the entertainment business and has particularly a popular theme resort concept....

Effect Of Civil War On American Economy

The Economies of the North and South, 1861-1865 In 1861, a great war in American history began. It was a civil war between the north and south that was by no means civil. This war would have great repercussions upon the economy of this country and the states within it. The American Civil War began with secession, creating a divided union of sorts, and sparked an incredibly cataclysmic four years. Although the actual war began with secession, this was not the only driving force. The economy of the Southern states, the Confederacy, greatly if not entirely depended on the institution of slavery. The Confederacy was heavily reliant on agriculture, and they used the profits made from the sale of such raw materials to purchase finished goods to use and enjoy. Their major export was cotton, which thrived on the warm river deltas and could easily be shipped to major ocean ports from towns on the Mississippi and numerous river cities. Slavery was a key part of this, as slaves were the ones who harvested and planted the cotton. Being such an enormous unpaid work force, the profits made were extraordinarily high and the price for the unfinished goods drastically low in comparison; especially since he invention of the cotton gin in 1793 which made the work all that much easier and quicker. In contrast, the economical structure of the Northern states, the Union, was vastly dependent on industry. Slavery did not exist in most of the Union, as there was no demand for it due to the type of industrial development taking place. As the Union had a paid work force, the profits made were lower and the cost of the finished manufactured item higher. In turn, the Union used the profits and purchased raw materials to use. This cycle...

Evaluation Of The Effectiveness Of Trade Embargoes

Although I am a strong critic of the use and effectiveness of economic sanctions, such as trade embargoes, for the sake of this assignment, I will present both their theoretical advantages and their disadvantages based upon my research. Trade embargoes and blockades have traditionally been used to entice nations to alter their behavior or to punish them for certain behavior. The intentions behind these policies are generally noble, at least on the surface. However, these policies can have side effects. For example, FDR's blockade of raw materials against the Japanese in Manchuria in the 1930s arguably led to the bombing of Pearl Harbor, which resulted in U.S. involvement in World War II. The decades-long embargo against Cuba not only did not lead to the topple of the communist regime there, but may have strengthened Castro's hold on the island and has created animosity toward the United States in Latin America and much suffering by the people of Cuba. Various studies have concluded that embargoes and other economic sanctions generally have not been effective from a utilitarian or policy perspective, yet these policies continue. Evaluation of the effectiveness of Trade Embargoes Strengths Trade embargoes and other sanctions can give the sender government the appearance of taking strong measures in response to a given situation without resorting to violence. Sanctions can be imposed in conjunction with other measures to achieve conflict prevention and mitigation goals. Sanctions may be ineffective: goals may be too elusive, the means too gentle, or cooperation from other countries insufficient. It is usually difficult to determine whether embargoes were an effective deterrent against future misdeeds: embargoes may contribute to a successful outcome, but can rarely achieve ambitious objectives alone. Some regimes are highly resistant to external pressures to reform. At the same time, trade sanctions may narrow the...