Term Paper
Christopher Talbott
American Public University System

Wireless Networks and their Security Risks
This purpose of this paper is to discuss the current state of Wireless networks. Their different security features and known issues with wireless technology. As well as how business implement Wireless networks, the different hacking methods used against Wireless networks and its future technological uses.
There are many different wireless standards ranging from 802.11b to the new 802.11ac standard. Many manufactures exist with their own unique features for both home and business use. Each Wireless network standard was set forth an agreed upon by the IEEE or Institute of Electrical and Electronics Engineers. “IEEE is the world's largest professional association dedicated to advancing technological innovation and excellence for the benefit of humanity. IEEE and its members inspire a global community through IEEE's highly cited publications, conferences, technology standards, and professional and educational activities, ("About IEEE," 2014)”.
The IEEE sets forth the standards for each 802.11 standard, starting with 802.11b, which is a “Wireless radio-frequency local area network. 802.11b, adopted Sept. 1999, operates at 11 Mbps in 2.4GHz band. By end of 2000, IEEE to approve backward-compatible 22 Mbps version of 802.11b HR, to be dubbed 802.11b HRb, (Palenchar, J. (2000)”. 802.11b was the first widely adopted Wireless network for home use. Routers and wireless cards using the 802.11b standard allowed for the home networks to become a reality.
The next standard was 802.11g, according to Zyren, “IEEE 802.11g draft standard extends data rates for 2.4-GHz wireless-LAN (WLAN) systems to 54 Mbits/second and provides backward compatibility with existing 802.llb (Wi-Fi) equipment, Zyren, J. (2002)”. Meaning that 802.11b wireless PC cards were compatible with 802.11g routers. So if a user upgraded to router to the new standard their old wireless PC card would still work. But in order to utilize the faster speed of 802.11g a new wireless PC card had to be purchased as well. This backwards compatible allowed for easier transition to the newer standard. The trend of backwards compatibility would continue through future iterations of 802.11 as well.
802.11g was followed by 802.11n, “802.11n connections support maximum theoretical network bandwidth up to 300 Mbps depending primarily on the number of wireless radios incorporated into devices, (Mitchell, 2014)”. This standard was also to first to utilize MIMO, Multiple in Multiple Out antennas. Meaning that multiple radio signals can be received and transmitted at the same time. Unlike previous editions where only two antennas were used, one for receiving and one for transmitting. With MIMO 802.11n is capable of faster connections speeds up to 300 Mbps. Also like its predecessor 802.11g, 802.11n is backwards compatible with 802.11b and 802.11g.
The most recent standard is 802.11ac, according to CISCO, “first-wave 802.11ac products built around 80 MHz and delivering up to 433 Mbps (low end), 867 Mbps (mid-tier), or 1300 Mbps (high end) at the physical layer. Second-wave products may promise still more channel bonding and spatial streams, with plausible product configurations operating at up to 3.47 Gbps, ("802.11ac: The fifth," 2014)”. Same as before this new standard is backwards compatible with previous standards. But with any new standard new hardware is needed to achieve the maximum speed of 802.11ac.
Each of the above 802.11 standards has various security features it uses to help protect the Wireless network. The first of these is WEP, Wired Equivalent Privacy which used RC4 encryption to secure 802.11b Wireless networks. In a paper published in 2001 by Scott Fluhrer, Itsik Mantin, and Adi Shamir, called Weaknesses in the Key Scheduling Algorithm of RC4. They described how intercepting packets can lead to discovery of the security key and ultimately allow a hacker to gain access to a WEP encrypted network with relative ease. Programs are available now that can perform this action in under a minute, some of which will be discussed later in this paper.
Wi-Fi Protected Access or WPA was the successor to WEP and was more secure. “Like WEP, WPA uses RC4 encryption for its keys, but unlike WEP, WPA modifies the original key for greater security and supports an optional authentication server, ("Wi-fi protected access," 2005)”. WPA was more secure then WEP, but it was not a complete solution. WPA2 as then implemented using AES encryption and until recently was not hackable. To quote O’Donnell, “To be clear, hackers have managed to crack WPA2-PSK (Pre Shared Key), which is primarily used by most home and small business users. WPA2-Enterprise, used in the corporate world, has a much more complicated setup involving the use of a RADIUS authentication server and is still a safe bet for wireless protection, (O'Donnell, 2014)”.
To counteract these issues the following security features are recommended and most are standard features on newer wireless routers. The first is selecting a complicated and long PSK (Pre Shared Key). Having a key that has multiple upper and lower case letters as well as numbers can make it more difficult to crack. An example would be H1mYN@M3!T0M which is hi my name is tom. By using a complicated PSK you make your Wireless network harder to crack. A second option is change your routers default SSID (Service Set Identifier). Lists of default SSID’s can be found online just by doing a simple google search. Changing an SSID from its default can also help protect your Wireless network.
Third would be to hide your SSID, most wireless routers have an option to turn off broadcasting of the SSID. Doing so disables the ability of your Wireless network from being seen by a device. But by also doing this you will have to manually type in the SSID into any device that wishes to be added to the Wireless network, instead of just scanning for the name and selecting it. The finally and forth security option is called MAC address reservation. By creating a list of all devices currently connected to the wireless router, you can implement a MAC address filter. Meaning that only the devices which are stored in the MAC address filter can access the wireless router, all others will be denied. One issue with doing this, is that when adding a new device to the wireless router, say a new cell phone or tablet, you will have to disable the filter in order to add the new device. Once done the filter would have to be enabled again. Implementing the above security features can greatly increase the security of your Wireless network and make it less likely of a target to hackers.
There are many tools on the Internet which can be used to hack Wireless networks, the two most common are Linux based operation systems called BackTrack Linux and KaliLinux, which is the successor to BackTrack Linux. “BackTrack Linux (http://www.backtrack-linux.org/) is a custom distribution designed for security testing for all skill levels from novice to expert. It is the largest collection of wireless hacking, server exploiting, web application assessing, social-engineering tools available in a single Linux distribution, (Hess, 2014)”. BackTrack has many programs built into it that can be used for Wireless network hacking, one of them is a program called Aircrack. Aircrack is a terminal program that can be used to capture and analyze Wireless network traffic in order to obtain a WEP security key.
KaliLinux is the predecessor to BackTrack and is more user friendly. Unlike BackTrack which required the user to know terminal commands to run the programs, KaliLinux is almost entirely GUI based making it much easier to use and configure. According to Averley, “The new Kali Linux incorporates more than 300 penetration testing and security auditing programs with a Linux operating system, delivering an all-in-one solution that enables IT administrators and security professionals to test the effectiveness of risk mitigation strategies, (Averley, 2013)”. Both of these operating systems are free since they are Linux distributions, meaning anyone can download them. This also means there are very easily accessible, but they do have a strict learning curve. Both of these operating systems are designed for penetration testing and not for hacking your neighbors Wireless network, do so may violate local and federal laws.
Considering all of this there is still plenty of room for advancement in Wireless networks, whether it be in the realm of enhanced security or faster connection speeds. Wireless networks are the future of connectivity and they can only get better. One company that seeks to change Wireless networks is Artemis with their pCell wireless technology. According to Anthony, “…early demonstrations of the technology are to be believed, pCell appears to completely dismantle the idea of a “wireless spectrum crunch,” allowing each mobile device to receive full wireless bandwidth from congested base stations, potentially increasing our total wireless bandwidth by 1,000x, (Anthony, 2014)”. The concept of pCell is giving each wireless device a dedicated cellular frequency that is maintained and controlled by what is called a DIDO (Distributed-Input-Distributed-Output) server. “DIDO, in theory, gives every wireless user in a given area full access to the available spectrum, rather than having to share it, (Anthony, 2014)”. If this technology proves to work then the future of Wireless networks is looking very exciting.
In conclusion Wireless networks come in various different standards with multiple security options and flaws. Though these flaws can be mitigated by implementing the proper security measures, nothing will ever be 100% secure. With operating systems such as BackTrack Linux and KaliLinux free and readily available there will always be someone trying to improperly access your Wireless network. In the end due to the public’s increasing demand for be connected everywhere and all the time, Wireless networks are the growing standard and will only get faster and more secure as we head into the future.

References
About IEEE. (2014). Retrieved from http://www.ieee.org/about/index.html

Palenchar, J. (2000). IEEE 802.11b HR, 802.11b HRb, 802.11a. TWICE, 15(17), 20-22. Retrieved from http://search.proquest.com/docview/232272524?accountid=8289

Zyren, J. (2002). 802.11g spec: Covering the basics. Electronic Engineering Times, (1204), 61-61,68+. Retrieved from http://search.proquest.com/docview/208083508?accountid=8289

Mitchell, B. (2014). 802.11n. Retrieved from http://compnetworking.about.com/od/wireless80211/g/bldef_80211n.htm

802.11ac: The fifth generation of wi-fi technical white paper. (2014). Retrieved from http://www.cisco.com/c/en/us/products/collateral/wireless/aironet-3600-series
Wi-fi protected access (wpa), wpa2 and 802.11i. (2005, Oct 24). Retrieved from http://www.quepublishing.com/articles/article.aspx?p=421706

O'Donnell, A. (2014). Think your wpa2-encrypted wireless network is secure? think again.. Retrieved from http://netsecurity.about.com/od/secureyourwifinetwork/a/WPA2-Crack.htm

Hess, K. (2014). Backtrack linux: The ultimate hacker's arsenal. Retrieved from http://www.admin-magazine.com/Articles/BackTrack-Linux-The-Ultimate-Hacker-s-

Averley, P. (2013, March 13). Rapid7 introduces official metasploit support for new kali linux free security auditing toolkit. Retrieved from http://www.lexisnexis.com.ezproxy2.apus.edu/hottopics/lnacademic/?verb=sr&csi=162367&sr=HLEAD%28Rapid7%20Introduces%20Official%20Metasploit%20Support%20for%20New%20Kali%20Linux%20Free%20Security%20Auditing%20Toolkit%20Rapid7%20Introduces%20Official%20Metasploit%20Support%20for%20New%20Kali%20Linux%20Free%20Security%20Auditing%20Toolkit%20Closer%20Integration%20with%20the%20Enterprise-Ready%20Evolution%20of%20BackTrack%29%20and%20date%20is%202013