Name: Adham Ahmed Hassanin Ahmed
Academic Number: 2320083
Group 1 class 2
Dr. Ashraf Abdelaziz Taha
Wireless Network Security
Introduction:
Wireless Network Security is the protection of devices and networks connected in a
wireless environment from Unauthorize users, Wireless networks (Wi-Fi) have
become ubiquitous in homes, businesses, and public spaces.
Wireless Network Threats:
1. Accidental Association: Overlapping networks
unintentionally connect to neighbors
2. Malicious Association: Malicious access points (Free public Wi-Fi) can steal
passwords
3. Ad-Hoc Networks: Two computers can exchange data
4. Nontraditional Networks: Bluetooth can be used to eavesdrop
5. MAC Spoofing: Change MAC address to match a privileged computer 6. Man-In-
The-Middle Attacks: Using rogue access point between the user and the real access
point 7. Denial of Service (DoS): Keep the media busy 8. Network Injection: Spoof
routing/management messages
Countermeasures:
• Turn-off SSID broadcast
• educe signal strength
• Use encryption
• Use IEEE 802.1x network access control
• Change the router’s user ID from default Change the router’s password from
default
• MAC Filtering: Only specific MAC address connect
1
�Wi-Fi and how does it work:
• Wi-Fi leverages the IEEE 802.11 standards for wireless LAN connectivity. Over
time, these standards have evolved, culminating in the latest 802.11ax version.
• The 802.11 standards ensure compatibility with 802.3 Ethernet, the dominant wired
LAN technology, extending wired networks wirelessly. Peer-to-peer Wi-Fi, often used
for wireless printers, is also incorporated within these standards..
• In enterprise networks, wireless access points (APs) bridge the gap between
802.11 wireless and 802.3 Ethernet standards. Home network routers typically have
a built-in AP. Clients connect to the network wirelessly through these APs.
Access and security:
The most user-friendly system would relinquish any access control by passwords,
etc., and grant access to anyone. Unfortunately, only login procedures, as we know
them, grant some limited security against unauthorized access. However, without
frequently changing passwords, even this type of simple security may become a
loophole. Resources are just not freely available.
Security and. Risk:
To protect a complete system, various elements must play together, all of which
generate costs. These costs include:
•Costs for the acquisition of hardware
•Software for firewall building
•Password generator
A secure encryption of data results in a lower throughput and asks for hardware and
software enabling better performance. Furthermore, data encryption usually entails
performance degradation. This also has to be taken into account while decision
making. Risks to data include:
• Loss of privacy
•Data loss as such
• Loss of other resources by alterations of system parameters.
2
� Firewall
Introduction:
• A firewall is a network security device that monitors incoming and outgoing
network traffic and decides whether to allow or block specific traffic based on a
defined set of security rules.
• Firewalls have been a first line of defense in network security for over 25 years.
They establish a barrier between secured and controlled internal networks that can
be trusted and untrusted outside networks, such as the Internet.
• A firewall can be hardware, software, software-as-a service (SaaS), public cloud, or
private cloud (virtual).
Firewall History:
Firewalls have existed since the late 1980’s and started out as packet filters, which
were networks set up to examine packets, or bytes, transferred between computers.
Though packet filtering firewalls are still in use today, firewalls have come a long way
as technology has developed throughout the decades.
• Gen 1 Virus, Late 1980’s, virus attacks on stand-alone PC’s affected all businesses
and drove anti-virus products.
• Gen 2 Networks, Mid 1990’s, attacks from the internet affected all business and
drove creation of the firewall.
• Gen 3 Applications, Early 2000’s, exploiting vulnerabilities in applications which
affected most businesses and drove Intrusion Prevention Systems Products (IPS).
• Gen 4 Payload, Approx. 2010, rise of targeted, unknown, evasive, polymorphic
attacks which affected most businesses and drove anti-bot and sandboxing
products.
3
�• Gen 5 Mega, Approx. 2017, large scale, multi-vector, mega attacks using advance
attack tools and is driving advance threat prevention solutions.
Types of Firewalls:
• Packet filtering
A small amount of data is analyzed and distributed according to the filter’s standards.
• Proxy service
Network security system that protects while filtering messages at the application layer.
• Stateful inspection
Dynamic packet filtering that monitors active connections to determine which network
packets to allow through the Firewall.
• Next Generation Firewall (NGFW)
Deep packet inspection Firewall with application-level inspection.
The importance of firewall:
Firewalls, especially Next Generation Firewalls, focus on blocking malware and
application-layer attacks. Along with an integrated intrusion prevention system (IPS),
these Next Generation Firewalls can react quickly and seamlessly to detect and
combat attacks across the whole network. Firewalls can act on previously set
policies to better protect your network and can carry out quick assessments to
detect invasive or suspicious activity, such as malware, and shut it down. By
leveraging a firewall for your security infrastructure, you’re setting up your network
with specific policies to allow or block incoming and outgoing traffic.
Proxies:
4
� Proxy servers act as intermediaries between your computer and the internet. They
can check if you're allowed to visit a website before connecting you. This makes
them more secure than some firewalls.
• Instead of your computer directly connecting to a website, the proxy connects for
you.
• This allows the proxy to identify real connections and block fake ones.
• There are two main types of proxies: transport-level and application-level.
• Transport-level proxies are simpler and work for most internet traffic.
Application-level proxies require a separate program for each service (like
email or web browsing).
An advantage of transport-level proxies is that they prevent outsiders from sending
fake data through the firewall. This makes your network more secure.
5
� Reference
(Techtarget)
https://www.techtarget.com/searchnetworking/answer/Wireless-vs-Wi-Fi-What-is-the-
difference-between-Wi-Fi-and-WLAN
(cisco)
https://www.cisco.com/c/en/us/products/wireless/what-is-wi-fi-security.html
https://www.cisco.com/c/en/us/products/security/firewalls/what-is-a-
firewall.html#:~:text=A%20firewall%20is%20a%20network,defined%20set%20of%20
security%20rules.
https://www.cisco.com/c/en/us/products/security/firewalls/what-is-a-
firewall.html#:~:text=A%20firewall%20is%20a%20network,defined%20set%20of%20
security%20rules.
(check point)
https://www.checkpoint.com/cyber-hub/network-security/what-is-firewall/
(fortinet)
https://www.fortinet.com/resources/cyberglossary/firewall
