Corrective measures for today and the future Essay Example for Free

Corrective measures for today and the future Essay There are many ways to stop war drivers and hackers and these methods may be as simple or complex depending upon the nature of the network. First, one should understand that war drivers and hackers can easily tap into a network because of the plug-and play nature of modern devices. Also some advanced security systems such as the Wired Equivalency Privacy (WEP) system used by 802. 11b wireless networks is plagued by some common errors in the system, including failure to engage it entirely by itself or engage WEP encryption key set at default. Thus, method such as WEP, IPSEC, and Wi-fi protected Access, DMZs, Firewalls and Virtual Private Networks can be established to deter war drivers and hackers (â€Å"War Driving†, 2004). WEP Wired Equivalent Privacy (WEP) is basically a security protocol, specified in the IEEE Wireless Fidelity (Wi-Fi) standard (which is 802. 11b) designed to provide the WLAN a security level that matches a wired network. Security for a WLAN can be tricky, as access to a WLAN is not hindered by most physical barriers. WEP works by encrypting data before transmitting it to the wireless network. This encryption can be done in conjunction with other protection methods such as password protection, end-to-end encryption and virtual private networks (VPNs) (â€Å"Wired Equivalent Privacy†, 2006). But WEP is not without it flaws, as proven by a research group from the University of California at Berkeley. The group was able to intercept and change data transmissions and gone as far as gaining access to restricted networks and data. On the other and, WECA (Wireless Ethernet Compatibility Alliance) claims that WEP is not the only security system method available for WLAN. WEP is popular because most consumers have put up much of their trust in WEP that other methods (â€Å"Wired Equivalent Privacy†, 2006). IPsec IPsec (Internet Protocol Security) is defined as the backbone for a set of security protocols for network communications. IPsec claims to be effective in establishing virtual private networks and remote user access in dial-up accounts and private networks. One obvious advantage of IPsec is that security arrangements can be taken cared of without changing computers or users. CISCO (a major promoter of IPSEC) provides support for IPSEC on their network routers (â€Å"IPsec†, 2005). IPsec has two options for security service. First is the Authentication Header (AH), which basically authenticates the identity of the data sender and the other one is Encapsulating Security Payload (ESP) which handles both sender authentication and data encryption. Both services packages specific information into packets in a header that follows the IP packet header. Separate key protocols can be selected for this such as the ISAKMP or Oakley protocol (â€Å"IPsec†, 2005). ISAKMP (Internet Security Association and Key Management Protocol) is a coded protocol based on the IKE key exchange protocol (ISAKMP, 2006). On the other hand, the Oakley protocol is a security system in which two authorized parties can exchange confidential material through the Internet (Oakley Protocol, 2006). Both protocols can be used on a secured connection and is defined by RFC (Request for Comments) 2408 and 2412 respectively. Wi-Fi Protected Access Wi-Fi Protected Access (WPA) is a new security protocol that was designed to replace WEP. It is technically an improved version of WEP. Though WPA has improved data protection features, WEP is still considered to be best for home use. However, WEP is not recommended for corporate use because it is prone to eavesdropping and hacking, because it is not able to handle the bulk of data that WPA is capable of handling. WPA uses Temporal Key Integrity Protocol (TKIP) which uses pre-packet mixing function, extended initialization vector, and a re-keying mechanism. WPA is also said to have stronger user identification because it is based on 802. 1 xs and has an Extensible Authentication Protocol (EAP). Also WPA relies on RADIUS (a central authentication server) to identify each user â€Å"Wi-Fi Protected Access†, 2005). WPA is actually under IEEE 802. 11i, and there are rumors that a second version called WPA2 is on the works. It is also predicted that by 2003, there will be software updates that will allow both the client and server to establish WPA in their system. â€Å"Hotspots† can then operate within a mix of WEP and WPA modes to support both home and corporate clients. In case of a home client, the identification system would be simpler than the one that will be issued for corporations (â€Å"Wi-Fi Protected Access†, 2005).