M3 - Report on the similarities and differences between securing wireless and wired networked systems.


When using a wired network, it is extremely difficult for an attacker to intercept your connection and steal bandwidth, whereas when using a wireless connection others can see and potentially access your wireless network, sometimes within seconds, enabling them to use your bandwidth and steal any information that is shared over the network. Wireless signals can be picked up from somebody in a neighbouring building or sitting in a car near your house, which is why they can be so unsecure. To make the problem worse some routers get delivered with encryption disabled, meaning anybody can connect to the network without having to enter a password, most homeowners don’t know that they need to enable anything leaving them very vulnerable.
The good news is that it is not very hard to make your wireless network secure, which will both prevent others from stealing your internet and will also prevent hackers from taking control of your computer through your own wireless network. Changing the SSID will make it harder for hackers to find out what router you have, if you leave the SSID as “BtHomeHub-4106” Then any attacker will be able to see you have a Bt HomeHub, they can then try the default admin password and could gain access to your routers admin settings. You can even turn SSID broadcasting off, meaning when a user searches for a wireless network, yours will not appear. You can then connect to your network manually by supplying the SSID name. The most popular method of securing a wireless network is using encryption such as WEP, WPA, or WPA2. WPA2 is the most commonly used type of encryption as it is the most secure and most updated version. Using encryption will mean that anybody trying to connect to your network will have to enter a passphrase, without the unique passphrase they will be denied access to the internet, therefore making your network more secure. This however can still be bypassed my skilled attackers, to make encryption even more secure, it is important to change the default passphrase so it is 100% unique, this is because attackers can sometimes crack default passphrases and still gain access to your network. Ensure you change the passphrase to something very secure; you can do this by making it long and including characters, numbers and symbols.
The most effective and secure method is by disabling DHCP, meaning your router will not automatically assign IP addresses to anybody that wants to connect to the network. Instead you can assign static IP addresses and give the router a list of MAC addresses. This means that only the computers you have listed are able to connect to the network, making it virtually impossible for an attacker to gain access to your network, unless they physically break in and use your own computer. Putting your router in the middle of you house, rather than next to a window will also help make it secure, this will mean that anybody outside of your house will have a poor connection if they do manage to connect to your network.
Wired networks are generally considered more secure, this is because to gain access to the network you need to be physically connected via a wire. They are not however completely safe, there are a number of things you can do to ensure your network stays secure. The main obvious one being the physical security, keeping server roomed locked and only allowing access to authorised members of staff will greatly decrease the chance of a security breach.
Using a shielded cable is another good method of keeping your wired network secure, if you use and unshielded cable somebody could place a tapping device on the cable and pick up all data flowing through it, therefore accessing your data. Having cables on show is another security risk, it is best to keep them on the ceiling or somewhere out of reach or even underground. IPSec (Internet Protocol Security) is a set of protocols developed to support secure exchange of packets at the IP layer. When communicating over the network having IPSec will ensure the packets of data are not tampered with. Having a strong security policy and training staff properly so they are aware of the risks should also prevent any security breaches.
Using security tools and applications to monitor the network will help secure both wired and wireless networks; applications that could protect the networks include IDS, proxies and firewalls to restrict user usage and other things.
It is ideal to have physical security for both wired and wireless networks; this is like the first line of defence for the network. If someone gains access to the physical network they will be able to do a lot of damage. Also having firewalls, IDS and anti-virus is recommended for both types of network. Keeping the operating system and all applications up to date is also very important, this might help the software run faster and detect any new viruses or security threats.

Popular posts from this blog

D1 - Discuss Recent Network Threats

Cross-Site Scripting (XSS) Cross-Site Scripting is a computer security vulnerability that is mostly found in web applications. XSS allows attackers to inject client-side scripts into web pages that are then viewed by others. The people that view this web page can then be infected without even knowing as the page appears to be normal. Depending on what scripts the attacker uses the effects can range from something very minor to a major security risk. XSS can be used to gain control and bypass the authorisation process. SQL Injection SQL Injection is a  technique  used to attack data driven applications and is implemented by adding parts of SQL statements in to entry fields within a website.This is done  in an attempt to get the website to accept a newly formed rouge SQL command to the database. SQL injection is a code injection  technique  that exploits a security vulnerability in an applications software. The vulnerability occurs when the user input field i...
Read more

M1 - Explain The Operation Of Different Intruder Detection Systems

Firewalls Firewalls are designed to prevent unauthorised access to a computer or network. You can implement a firewall in both hardware and software, or a combination of both. A firewall will monitor data packets coming in and out of the network it is protecting and will enforce the company's network security policy. It filters out the packets that look suspicious and do not meet the specified security criteria. Most organisations use firewalls to protect their network from the Internet. There are a few different types of firewall, these are: Packet Filtering Firewall Stateful Inspection Packet Filtering Firewall Proxy Firewall Packet Firewalls Packet filtering was the first type of firewall to be created, a packet filtering firewall will control what data can flow into and out of a network. It will accept or reject packets of data based on a set of user-defined rules, these rules are called ACLs. ACLs are lines of text that the firewall will apply to each packet of d...
Read more