Securing wireless and mobile devices
Device hardening is a collection of tools and techniques to reduce vulnerability and helps in securing the network. Some of these methods involve Mutual Authentication, WEP and WPA/WPA2.
- Mutual Authentication: One of the remarkable vulnerabilities of wireless networks is the utilization of rogue access points. An access point is a device that enables wireless devices to connect to a network. Any device that has a wireless transmitter and hardwired interface to a network can go about as a rogue access point. The rogue access point can impersonate an authorized access point. The outcome is that wireless devices establish communication with the rogue access point rather than the authorized access point. The hoaxer can receive connection requests, copy the data in the request and forward the data to the authorized network access point. To prevent rogue access points, mutual authentication is used. In Mutual authentication, both entities in a communications link authenticate to each other. The client validates to the access point and the access point authenticates the client. It is also known as two-way authentication.
- Wired Equivalent Privacy (WEP): Wired Equivalent Privacy (WEP) is one of the first and widely used Wi-Fi security guidelines. WEP became a security standard in September 1999. It provides authentication and encryption protections. The WEP standards are out of date however numerous devices still support WEP. Regardless of corrections to the standard and expanded key size, WEP experienced various security shortcomings. Cyber criminals can crack WEP passwords easily and quickly.
- Wi-Fi Protected Access (WPA/WPA2) The most widely recognized WPA configuration is WPA-PSK (Pre-Shared Key). The keys used by WPA are 256-bit. WPA provides message integrity checks which could detect if an attacker had captured and changed information gone between the wireless access point and client. Another key security improvement as Temporal Key Integrity Protocol (TKIP). The TKIP standard provides the ability to secure and change encryption keys. One of the most noteworthy security improvements from WPA to WPA2 was the obligatory utilization of Advanced Encryption Standard algorithms.
- WPA2 is the fastest of the encryption protocols.
- WPA2 passwords can be up to 63 characters in length.