Objective and Table of ContentsComparisonsWireless ProtocolsInstallation ProceduresProblems to be investigatedSecurity AdministrationVulnerability TestingKey QuestionsProtocol QuestionsHardware QuestionsSoftware QuestionsSecurity QuestionsLegality QuestionsMorality QuestionsProcedure for Verifying ResultsExperimental MethodsPublicationsTentative Table of ContentsTime SchedulePossible changes to SpecificationChanges from original ideaPossible future changesList of LiteratureInternet SourcesDepartment of Defense SourcesGeorge Mason University ECE - 646 Fall 2003 Analytical Project Jay A. Crossler (240) 498-7774 [email protected] Project Specification Document Defensive Strategies for Establishing a Secure Wireless Network Third Draft of ProposalObjective and Table of Contents The objective of this paper is to find the best possible wireless configuration and methodology, based on assessing the actual security levels offered by different configuration procedures. Objective and Table of Contents ...................................................................................2 Comparisons ...................................................................................................................3 Wireless Protocols.........................................................................................................3 Installation Procedures..................................................................................................3 Problems to be investigated ..........................................................................................4 Security Administration..................................................................................................4 Vulnerability Testing ......................................................................................................4 Key Questions.................................................................................................................5 Protocol Questions ........................................................................................................5 Hardware Questions......................................................................................................5 Software Questions .......................................................................................................5 Security Questions ........................................................................................................5 Legality Questions.........................................................................................................5 Morality Questions.........................................................................................................5 Procedure for Verifying Results ....................................................................................6 Experimental Methods...................................................................................................6 Publications ...................................................................................................................6 Tentative Table of Contents...........................................................................................7 Time Schedule.................................................................................................................8 Possible changes to Specification................................................................................9 Changes from original idea............................................................................................9 Possible future changes ................................................................................................9 List of Literature............................................................................................................10Comparisons There are many recommended procedures for securing a wireless network. Most of the commonly distributed ones from technical magazines, websites and product brochures are mostly worthless. Wireless configuration procedures will be compared in terms of ease of install, implied security, actual security and average time to break into. Wireless Protocols The following procedures wireless protocols will be considered for analysis. • 802.11a • 802.11b • 802.11g • 802.11i • Bluetooth Installation Procedures The following categories of installation procedures will be compared for security. • Default Settings (using systems right out of the box) • Physical Security (location of receiver, access to physical breach) • Obscurity (turning off SSID broadcasts) • Access Control Lists (MAC Address restrictions and IP filtering) • Wireless Encryption Protocol (56-bit WEP, 128-bit WEP, AES) • Virtual Private NetworksProblems to be investigated There are many conflicting methods for establishing a secure wireless network. The problems to be investigated are largely related to a lack of understanding of how difficult it is to gain unauthorized access to a wireless network. These problems can be divided into two conceptual categories: Security Administration and Information Vulnerability Testing. Security Administration • Wireless Protocols • Wireless Hardware • Wireless Broadcast power and location • Basic intrusion avoidance • Encryption methodology • Managerial Oversight Vulnerability Testing • Basic Access Attempts • Locating Networks (SSID Sniffing) • Wireless Router intrusions • MAC/IP Address sniffing • WEP key sniffing • Physical Intrusion MethodologyKey Questions Protocol Questions What are the differences between the 802.11a, b, g and I standards? What ranges do they operate at? What frequencies do they use? Are they interchangeable? Are they rated as secure? What major companies use them? Hardware Questions What is the range of different wireless hardware? Can this range be expanded? What’s the cheapest way of extending listening/broadcasting range? What’s the cheapest access hardware? What are the most commonly used network access points? Software Questions What software is available to aide in wireless network intrusion? What platforms are required to run this software? How much does professional intrusion detection software cost? Security Questions What is the most common wireless network configuration? What are the default passwords of these access points? What are the default
View Full Document
Unlocking...