MODULE 4: WIRELESS NETWORKING

WIRELESS NETWORKING:

Wireless networking in cybersecurity involves a range of concepts and practices designed to secure data
transmitted over wireless networks and protect the network infrastructure from various threats. Some
of them are:

1. Wireless Network Types and Protocols

 Wi-Fi (Wireless Fidelity): The most common wireless network technology, typically using WPA2
or WPA3 for security.
 Bluetooth: Used for short-range communication between devices, with its own set of security
measures.
 Zigbee and Z-Wave: Protocols used in IoT (Internet of Things) devices, each with specific security
protocols.

2. Encryption

 WPA2/WPA3 (Wi-Fi Protected Access): Encryption protocols used to secure wireless networks.
WPA3 is the latest standard, providing stronger encryption and security mechanisms.
 SSL/TLS (Secure Sockets Layer/Transport Layer Security): Protocols for encrypting data in transit,
commonly used in web communication.

3. Authentication

 Pre-shared Key (PSK): A shared password used for accessing a wireless network, suitable for
home and small business networks.
 802.1X: A network access control protocol for enterprise networks, providing authentication
through a central server (e.g., RADIUS).

4. Intrusion Detection and Prevention

 Wireless Intrusion Detection Systems (WIDS): Monitor wireless traffic for suspicious activity.
 Wireless Intrusion Prevention Systems (WIPS): Actively prevent attacks by taking
countermeasures when threats are detected.

5. Threats and Mitigations

 Eavesdropping: Using encryption to prevent unauthorized interception of wireless

communication.
 Rogue Access Points: Detecting and disabling unauthorized access points.
 Man-in-the-Middle Attacks: Using strong encryption and authentication protocols to prevent
interception and tampering of data.
COMMON TERMS:

WLAN (Wireless Local Area Network)

A WLAN is a type of local area network that uses wireless communication to connect devices within a
limited area such as a home, school, or office. WLANs are typically based on the IEEE 802.11 standards,
commonly known as Wi-Fi.

Wireless

In the context of networking, "wireless" refers to the use of radio waves to connect devices and transmit
data without the need for physical cables. This encompasses various technologies such as Wi-Fi,
Bluetooth, and cellular networks.

Wireless Access Point (WAP)

A wireless access point is a device that allows wireless devices to connect to a wired network using Wi-
Fi. It acts as a central transmitter and receiver of wireless radio signals, enabling devices like laptops,
smartphones, and tablets to access the network.

Cellular

Cellular refers to wireless communication technology used in mobile phones and other portable devices.
Cellular networks divide regions into cells, each served by a base station, allowing for wide-area
coverage and mobility. Common cellular standards include 4G LTE and 5G.

Attenuation

Attenuation is the reduction in signal strength as it travels through a medium, such as air or physical
obstacles. In wireless networking, attenuation can be caused by distance, walls, and other obstructions,
leading to weaker signal reception.

Microwave

In wireless communication, microwaves refer to a type of electromagnetic wave with frequencies

typically ranging from 1 GHz to 300 GHz. Microwaves are used in various communication technologies,
including Wi-Fi, Bluetooth, and satellite communications.

Jamming

Jamming is the intentional interference with wireless communication by broadcasting signals that
disrupt or block legitimate communication. This can be a form of cyber attack, affecting Wi-Fi, cellular,
and other wireless networks.

SSID (Service Set Identifier)

An SSID is a unique identifier or name assigned to a Wi-Fi network. It allows users to distinguish between
different networks and is broadcast by the wireless access points, so devices can find and connect to the
network.

Bluetooth

Bluetooth is a wireless technology standard for exchanging data over short distances (usually within 10
meters) using short-wavelength UHF radio waves. It's commonly used for connecting peripheral devices
like headphones, keyboards, and mice to computers and smartphones.

Wi-Fi Hotspots

Wi-Fi hotspots are physical locations where Wi-Fi access is made available to the public or specific users.
Hotspots can be found in places like cafes, airports, hotels, and public parks, allowing users to connect
to the internet using their wireless devices.

WHAT IS WIFI?
Wi-Fi, which stands for "Wireless Fidelity," is a technology that allows electronic devices to connect to a
wireless local area network (WLAN) using radio waves. It is based on the IEEE 802.11 standards, which
define communication protocols for implementing wireless local area network computer communication
in various frequency bands.

WIRELESS ATTACKS:

War Driving:

War driving involves driving around in a vehicle with a laptop or mobile device equipped with Wi-Fi
capability and an antenna to detect and map wireless networks. The purpose is to identify and locate
wireless networks, typically open or unsecured ones, in a particular area. This activity can be done for
various reasons, ranging from testing network security to illicitly accessing unprotected networks.

War Walking

War walking is similar to war driving but involves walking instead of driving. Individuals use portable
devices like smartphones or laptops to search for wireless networks while on foot. This method is often
used in urban areas where driving is less practical or in places where vehicle access is restricted.

War Chalking

War chalking involves marking physical locations with symbols (chalk marks) to indicate the presence
and status of nearby wireless networks. This practice originated from the concept of "hobo signs" and is
used to share information about network availability, encryption status, and accessibility with others.
The symbols typically indicate whether a network is open, secured, or has specific features.

War Flying
War flying is an extension of war driving, conducted from an aircraft, such as a small plane or drone. The
purpose is to scan for wireless networks from the air, covering larger areas more quickly than ground-
based methods. This technique can be used for similar purposes as war driving, including mapping
networks and identifying unsecured access points.

Bluejacking

Bluejacking is a practice involving the unauthorized sending of messages or data to Bluetooth-enabled

devices. This is typically done by exploiting Bluetooth’s discoverability feature to send unsolicited
messages, contact information, or other files to nearby devices without the recipient's consent. While
usually harmless and intended as a prank, bluejacking can be disruptive and intrusive.

HOW TO SECURE WIRELESS NETWORK:

Securing wireless networks is essential to protect against unauthorized access, data breaches, and
various cyber threats. Here are key strategies and best practices for securing wireless networks:

1. Use Strong Encryption

 WPA3 (Wi-Fi Protected Access 3): Ensure your network uses the latest encryption standard,
WPA3, which provides enhanced security features over WPA2.
 WPA2 (Wi-Fi Protected Access 2): If WPA3 is not supported, use WPA2 with AES encryption.

2. Set a Strong, Unique Password

 Complex Passwords: Use strong, complex passwords for both your Wi-Fi network and the
router's admin interface. Avoid common words or easily guessable information.
 Regular Changes: Change passwords periodically to reduce the risk of them being compromised.

3. Network Segmentation

 Guest Networks: Create a separate guest network for visitors to prevent them from accessing
your main network.
 VLANs (Virtual Local Area Networks): Use VLANs to segment different types of traffic, isolating
sensitive data from general access.

4. Disable WPS (Wi-Fi Protected Setup)

 WPS Risks: Disable WPS, as it has known vulnerabilities that can be exploited by attackers to
gain access to the network.

5. Update Firmware Regularly

 Router Updates: Regularly check for and install firmware updates for your router to patch
security vulnerabilities.

6. Enable Network Firewall

  Router Firewall: Ensure the built-in firewall on your router is enabled to provide an additional
layer of protection against external threats.

7. MAC Address Filtering

 Access Control: Implement MAC address filtering to allow only known devices to connect to the
network. Be aware, however, that MAC addresses can be spoofed.

8. Disable SSID Broadcasting

 Hidden Network: Disable SSID broadcasting to make your network less visible to casual users.
Note that this is not a foolproof security measure, as determined attackers can still detect
hidden networks.

9. Reduce Signal Range

 Power Settings: Adjust the transmission power of your router to limit the range of the Wi-Fi
signal to just the area you need, reducing the chance of outsiders accessing the network.

10. Use a VPN (Virtual Private Network)

 Encrypted Traffic: Use a VPN to encrypt data traffic, especially when accessing the network
remotely or using public Wi-Fi.

PROXY CONCEPTS:

proxies play a critical role in managing, securing, and optimizing internet traffic. Here are the key
concepts related to proxies in cybersecurity:

Proxy Server

A proxy server acts as an intermediary between a client (such as a web browser) and a destination
server (such as a website). When a client makes a request for resources (like web pages), the proxy
server processes this request and forwards it to the destination server. The response from the
destination server is then sent back to the client through the proxy server.

Key Functions of Proxies in Cybersecurity

a. Anonymity and Privacy

Proxies can mask the client's IP address, providing anonymity and helping to protect user privacy. This is
particularly important for users who wish to maintain confidentiality while browsing the internet.

b. Access Control and Filtering

Proxies can enforce access control policies and filter content. Organizations often use proxies to block
access to certain websites, monitor internet usage, and prevent access to malicious content.
c. Load Balancing and Failover

Reverse proxies distribute incoming client requests across multiple servers to balance the load and
ensure high availability. This helps in managing traffic spikes and provides failover capabilities in case a
server goes down.

TYPES:

a. Forward Proxy

A forward proxy is used by clients to access resources on the internet. It acts on behalf of the client by
sending requests to external servers and returning the responses. This type is commonly used to:

 Access blocked content.

 Improve performance through caching.
 Provide anonymity by hiding the client's IP address.

b. Reverse Proxy

A reverse proxy is used by servers to manage incoming requests from clients. It sits in front of web
servers and forwards client requests to appropriate backend servers. Benefits include:

 Load balancing across multiple servers.

 Enhancing security by masking the identity of backend servers.
 Caching content to improve performance.

PROXY CHAIN:

A proxy chain is a series of proxy servers that a user's request passes through before reaching its final
destination. The concept behind proxy chaining is to enhance privacy, security, and anonymity by adding
multiple layers of proxies, making it more difficult for anyone to trace the original source of the request.
Here’s a detailed look at proxy chains:

Key Concepts of Proxy Chains

1. Multiple Proxies in Sequence

o In a proxy chain, requests are relayed through multiple proxy servers before reaching
the target server. For example, a user's request might pass through Proxy A, then Proxy
B, and finally Proxy C before hitting the destination server.
2. Enhanced Anonymity
o Each proxy server only knows the address of the previous hop and the next hop in the
chain. This makes it much harder for an external observer to trace the entire path back
to the original requester, significantly enhancing user anonymity.
3. Security Benefits
o Proxy chains can provide additional security by distributing the traffic across multiple
servers, which can help to obscure the user's identity and protect against certain types
of attacks.