Basic Wireless Network Security

Wireless LAN Types

  • Infrastructure Mode
  • Ad Hoc Network Mode
  • Mixed Network Mode

 

Threats & Vulnerabilities

  • Wireless traffic is easily captured
  • Common WLAN Attacks: Rogue Access Point (AP)
  • Less Common WLAN Attacks: Wired Network Intrusion

 

Basic Wireless Network Security

  • Use a strong password
  • Enable MAC address filtering
  • Enable network encryption
  • Configure the wireless router to use static IP addresses
  • Disable guest networks (if possible)

 

Policy Management

Define Access Requirements (who needs what & when)

If guest access is banned, the policy must state this so that steps can be taken to prevent visitor intrusion.

Include unique wireless scenarios such as employees at public hot spots and office visitors.

Prohibit peer-to-peer (P2P) networking while permitting logged guest sessions through specific access points with limited:

  • Destination (inside or outside the network)
  • Protocols
  • Session time
  • Bandwidth

 

Other ways to secure a wireless network

Restrict access point placement within the network topology

Wireless applications require protected access to the intranet and/or Internet, and special firewall rules.

Wireless access points should always sit outside the firewall or within a demilitarized zone (DMZ). Using a DMZ can protect the WLAN from Internet threats while protecting the wired intranet from WLAN threats.

Wireless traffic should be segregated so different policies can be applied.

What is MS Active Directory

The role of a directory service is to store information about a computer network and offer features for retrieving and managing that information. Whether an organization consists of a single facility or has multiple locations, a directory service provides a centralized management tool for users and resources in all locations.

Windows Active Directory is a directory service based on standards for defining, storing, and accessing directory service objects. Its hierarchical database enables administrators to organize users and network resources to reflect the organization of the environment in which it is used:

  • Hierarchical organization
  • Centralized/distributed database
  • Scalability
  • Security
  • Flexibility
  • Policy-based administration

Working with user accounts is one of the most important Active Directory administrative tasks. User accounts are the main link between real people and network resources, and are referred to as “domain user accounts.” User accounts have two main functions in Active Directory:

  • Provide a method for user authentication to the network
  • Provide detailed information about a user

Active Directory has both a physical and a logical structure. The physical structure consists of sites and servers configured as domain controllers. An Active Directory site is nothing more than a physical location in which domain controllers communicate and replicate information regularly. The logical structure, by contrast, makes it possible to pattern the directory service's look and feel after the organization in which it runs. The organizing components of Active Directory are domains, forests, trees, and organizational units.

A Group Policy Object (GPO) is a list of settings administrators use to configure user and computer operating environments remotely. Group policies can specify security settings, deploy software, and configure a user's desktop, among many other computer and network settings. They can be configured to affect an entire domain, a site, and, most commonly, users or computers in an OU. The GPO scope defines which objects a GPO affects. When Active Directory is installed, two GPOs are created and linked to two containers: the Default Domain Policy and the Default Domain Controllers Policy.

These default policies don't define any user-specific policies; they are designed to provide default security settings for all computers in the domain. You can view, create, and manage GPOs by using the Group Policy Management console (GPMC). Each GPO has two main nodes: Computer Configuration and User Configuration.


What does a Computer Systems Analyst do?

A Computer Systems Analyst is an IT professional who specializes in the analysis, design, and implementation of an information system for a company or organization. A Computer Systems Analyst assesses the suitability of information systems in terms of their intended outcome and liaises with end users, vendors, system administrators, and programmers. Systems Analysts are often the company's best line of defense against an internal or external IT disaster. The role of this type of analyst within an IT project is to serve as the change agent who can identify the organizational needs, design a system to implement the requirements of the project, and train others to use the system once developed. A Computer Systems Analyst must be familiar with a wide range of:

  • programming languages
  • operating systems
  • hardware platforms

However, they do not participate in actual hardware or software development.

Other responsibilities include:

  • developing cost analysis
  • design considerations
  • staff impact amelioration
  • implementation timelines

One of the most important tools a Computer Systems Analyst has is the system development life cycle. Once a development project gains the necessary approvals from all participants, the Systems Analyst's stage can begin. Information can be gathered about the existing system in order to determine the requirements for an enhanced system or a brand new system. The end product of this stage, known as a deliverable, is a tangible or intangible object that can be delivered to a customer.

Salary range in 2013

  • $63,860 to $102,480

Education

  • Bachelor’s Degree
  • Computer Science
  • Information Science

Skills

  • Technical knowledge
  • Oral & written communication
  • Understanding of the business or organization daily operations
  • Critical thinking skills

Of the skills I have listed, there are two that I would like to go into in more detail: critical thinking and communication skills, something that is not addressed in most IT programs. First of all, communication skills are vital to any type of position; in particular, a systems analyst must interact with people at all levels within an organization, from operational employees to senior executives, and outside the company, which may include hardware and software vendors, customers, and government officials. Lastly, important critical thinking skills include the ability to:

  • Compare
  • Classify
  • Evaluate
  • Recognize patterns
  • Analyze cause-and-effect
  • Apply logic

 


Open Source Wireless Protocol Analyzer

A packet analyzer is a computer program that can intercept and log data traffic passing through a network. When data streams flow across a network, a packet analyzer captures each packet and decodes the packet's raw data. Of the many open source network protocol analyzers, the three most popular applications in use are Wireshark, Capsa, and Packetyzer.

Wireshark

Wireshark is a very popular free and open source network analyzer, and it is cross-platform. What makes this application so popular is how easy it makes it for anyone to view all network traffic visible on any given network interface. It is similar to tcpdump but has a graphical front end instead of a command-line interface, plus sorting and other advanced filtering options that allow the user to examine data in more depth from a live network or from saved packets in memory. Wireshark cannot be used as a network intrusion detection system or to manipulate packets; it can only examine them.

Wireshark uses the pcap application programming interface (API) to capture packets. The API comes from the libpcap code library for the C programming language on UNIX-based systems and from WinPcap on Windows-based machines. Libpcap was first developed at Lawrence Berkeley Laboratory to be used with tcpdump for low-level packet capturing.
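The capture-and-decode step described above, as an added example (not from the original post, and not Wireshark or libpcap code): a minimal Python reader for the classic libpcap capture file format that decodes the Ethernet, IPv4 and TCP/UDP port fields of each record. The sample capture, its addresses and timestamp, and the function names are constructed for illustration.

```python
import socket
import struct

def build_sample_capture():
    """Constructed sample: a classic pcap file holding one Ethernet/IPv4/UDP frame."""
    payload = b"hello"
    udp = struct.pack("!HHHH", 5353, 53, 8 + len(payload), 0) + payload
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(udp), 1, 0, 64, 17, 0,
                     socket.inet_aton("192.0.2.10"), socket.inet_aton("192.0.2.1"))
    frame = bytes.fromhex("ffffffffffff0200000000010800") + ip + udp
    # File header: magic, version 2.4, zone, sigfigs, snaplen, linktype 1 (Ethernet)
    file_hdr = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    rec_hdr = struct.pack("<IIII", 1424217600, 0, len(frame), len(frame))
    return file_hdr + rec_hdr + frame

def decode_frame(frame):
    """Decode the Ethernet, IPv4 and TCP/UDP port fields of one captured frame."""
    info = {"length": len(frame)}
    if len(frame) < 34 or frame[12:14] != b"\x08\x00":
        return info  # not a complete Ethernet + IPv4 header
    ihl = (frame[14] & 0x0F) * 4  # IPv4 header length in bytes
    info.update(src_mac=frame[6:12].hex(":"), proto=frame[23],
                src_ip=socket.inet_ntoa(frame[26:30]),
                dst_ip=socket.inet_ntoa(frame[30:34]))
    if info["proto"] in (6, 17) and len(frame) >= 14 + ihl + 4:
        info["sport"], info["dport"] = struct.unpack_from("!HH", frame, 14 + ihl)
    return info

def parse_pcap(data):
    """Return one decoded dict per packet record; raise ValueError on malformed input."""
    if len(data) < 24:
        raise ValueError("truncated pcap file header")
    # The magic number reveals the byte order of the machine that wrote the file.
    endian = {0xA1B2C3D4: "<", 0xD4C3B2A1: ">"}.get(struct.unpack_from("<I", data)[0])
    if endian is None:
        raise ValueError("not a classic pcap file")
    if struct.unpack_from(endian + "I", data, 20)[0] != 1:
        raise ValueError("only Ethernet (linktype 1) is handled here")
    packets, off = [], 24
    while off < len(data):
        if off + 16 > len(data):
            raise ValueError("truncated record header")
        ts_sec, _, incl_len, _ = struct.unpack_from(endian + "IIII", data, off)
        frame = data[off + 16: off + 16 + incl_len]
        if len(frame) < incl_len:
            raise ValueError("truncated packet record")
        packets.append({"ts": ts_sec, **decode_frame(frame)})
        off += 16 + incl_len
    return packets
```

Calling `parse_pcap(build_sample_capture())` returns a single dict for the constructed UDP frame; a file that is cut short or has an unknown magic number raises `ValueError` rather than producing partial results.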

Capsa

Another popular analyzer is Capsa, which comes in three different versions ranging in price from free to $995. This application does everything Wireshark does, including real-time packet capturing and constant network monitoring. Where this product surpasses Wireshark is its advanced graphical interface, which provides a clearer view of any network and makes packet-level analysis and the diagnosis of other network problems easier. The drawback for network administrators is that it costs $995 for the Enterprise edition and $695 for the Professional edition, which can be hard on a starting IT budget, but the free version is a good way to test it before purchasing. The Free version has a lot of the advanced features taken out, can only monitor ten IP addresses at once, and has a downtime of four hours before it can be used again.

Packetyzer

The last analyzer researched was Packetyzer, a very basic packet sniffer application that is based on the Ethereal project and provides a GUI for Windows machines. This application was the same as Wireshark but did not have as nice a graphical interface for packet capturing.

Of the three applications I researched, I would recommend that any IT professional use Wireshark as a starting tool for their network troubleshooting problems, because it is easy for anyone to use and can be used on any system for free. My second choice would be Capsa, because in the event that a network administrator does encounter a more advanced network problem, they may look into investing in Capsa if the problem requires a more in-depth exam to find a solution.

Mobile Device security in the workplace

Access to data is no longer limited to the fixed computer workstation. Laptops, smartphones, and tablets give us access to files, pictures, and music from anywhere in the world. This is especially attractive in the workplace, where mobility allows employees to check emails, access applications on the cloud, or review office documents. Unfortunately, the idea of "bring your own device" (BYOD) to work is creating privacy and security issues, prompting questions of how much access anyone should have to a company's network or cloud.

News of internal data leaks of office documents is all over the Internet, raising concerns about how to prevent confidential data from falling into hackers' or competitors' hands. There have been attempts to address this growing mobile device risk in the world of IT, but separating the company's and the employee's devices has proven to be costly and very difficult to implement. Some companies buy mobile devices for employees, yet they continue to lose the ability to cut costs, even when buying in bulk. The company ends up paying for calls and data plans as employees claim these costs as work expenses. In addition, implementing new network security measures to cope with the increase of new devices on the network is very costly. The company's IT department must spend more money and other resources on mobile data protection, network access control, and device management.

One solution is to implement a Virtual Mobile Infrastructure (VMI), where a user can access virtual mobile operating systems that are running on the company's server without putting the company data at risk. Employees and users have access to two operating systems on their mobile device: one dedicated to the company server and the other for personal Internet access. An example of how an employee or IT administrator can use this concept is to run one or more virtual machines with Android applications in data centers and deliver the application data to any location