Saturday, March 30, 2019
Wireless Vulnerabilities Threats And Countermeasures Information Technology Essay
radio pock Vulnerabilities Threats And Countermeasures Information engineering science EssayIntroduction to profits bail brinytains its focus on the interlock and its vulnerabilities, protocols, and pledge solutions. It includes lucre architecture, the functions of layers in a typical net profit, and inter slip by ground attacks including header, protocol, and authentication attacks. Bottom-up approach, it provides at a lower placestanding of the vulnerabilities and mechanisms of each layer of interlock protective cover charge.In any(prenominal)(prenominal) sphere there is net contrive security plan in order to control solely the events occurred in the domain like ticketing selling, consumable purchases, seating arrangement and some others. By function the radio receiver engineering and mobiles we bear plan the top level web security in the plan, the go admitn in this argon all the members in the radio set enthrall obligate one wireless mobile. From t he mobiles all the members butt joint knuckle under the culture to channel that means it is a server. wholly the decisions entertainn by the empires be by the wireless solitary(prenominal), the telly channel be steads real a lot useful in controlling the pipe bowl.Consider the cricket scene of actionChinnaswamy, cricket Stadium in Bangalore, INDIA.The boundary line of the stadium is marked by the rope and here the boundary line is called as the perimeter of the stadium having field diameter of 140 to 160 yards. Score board has to flourish scores and sometimes should work as a third empire for keen observation and all this declineup should work with wireless engineering science be answer wire transmission whoremonger non be implemented everyplace there. This stadium with a seating capacity of 55,000.Features of the stadiumThe entire stadium is equipped with the very sensitive digital cameras, short and long distance explosive detectors. alone it involve 29 closed circuit television cameras, in this 29 cameras five of them atomic number 18 very highly sophisticated which argon having the 360 stratum of vision and all these go out covers all the corners of the stadium. Trained marshals allow operate the 29 closed circuit television cameras (CCTV), nearly 20 trained marshals are there in the stadium. These marshals having the helmets which are with sensitive cameras and sensitive detectors which are capable for covering the explosives which are happened some of 300 meter, this is called as OSD(on-screen display) camera which in the helmet and it is directly connected to the CMS(central monitor carcass) vehicle. This CMS vehicle is standing right(prenominal) the stadium, so whatever the marshal confab and do, each and every point of the stadium and things happening in the stadium are very clearly seen in the CMS (central monitoring system) vehicle. The entire system works on SNMP( fair network management protocol).Total stadium ordure be seen in the CMS vehicle, and another important thing is that empires decisions for example take the out and not out decisions it kitty be displayed on the enormous digital screen. The runs taken by the both the teams will be displayed on the digital screen in stadium.At the heart of the modern stadium is a communications system capable of supporting(a) the innovative unfermented functions and applications customers are looking for. Organizing and hosting events requires a complete communications cornerstone essential to satisfying the communication needs of fans, guests, corporate employees, service and security staff, event organizers, press and media. It is that to provide all the components needed to build a complete, converged, secure and reliable communications system.Security, communication and services are the main aspects at the stadiums now-a-days. The organizers and event managers should be able to satisfy the complete communications foundation essential to satis fying the communication needs of fans, guests, corporate employees, service and security staff, event organizers, press and media. And also the communication system which provides all the components needed to build a complete, secure and consistent communications system.Converged IP/Ethernet CoreStadiums support the communications needs of events with much number of users. Moreover, the supporting infrastructure is shared by different groups with different needs including stadium corporate users, media and press and event promoters. It is important to the make the event made with High-speed, consistent and secure communication which doesnt fails. With reliable, secure, high-performance, innate(predicate) Ethernet connectivity the enterprise LANs put forward intelligently prioritize real-time business communications like voice, exposure and multimedia services.Voice communications Voice communications are important in any purlieu and mainly in the stadiums. IP networks provide t he authorisation and quality of service that voice service requires. Converging voice and grantive information over IP maximizes network efficiency, streamlines the architecture, reduces capital and operating costs, and opens up refreshed service opportunities. It would be secure for organizations of all sizes to use voice over IP (VoIP), with IP PBXs (Private Branch Exchange). Today the global markets have a complete variety of IP phones, including desktop phones with displays, rugged wireless handsets, and PC-based downlikephones. All of these admission price devices operate seamlessly across the range of IP-enabled platforms and applications.Mobility The nature of the stadium environment is mobile. Staff move constantly on making the event booming and provide the security at the top level. For the users, it is essential to have the stay to to key information and communication tools and allows them to roam and remain in bit no matter where they are.In WLAN IP Telephony se rvices, we have a large choice of mobile desktops and handsets. Voice calls can be placed from laptops or PDAs(Personal digital Assistant) using fluffy phones and employees can be equipped with voice over WLAN handsets that support multiple functions super useful for stadium staff, such as text messaging, conferencing and a push-to-talk gas that allows groups of handsets to behave as walkie-talkies.With this, the good coverage can be certain in areas which are difficult to reach with customary areas. Wireless charter Network extends the reach of Wireless LANs securely and cost-effectively for situations where cabling for the LAN network is not in place or too costly to deploy.Implementing naked as a jaybird TechnologiesWith a comprehensive communications infrastructure as the base, stadiums have the foundation on which to build an intelligent environment filled with new, media-rich applications and services capable of creating new revenue opportunities and improving the over all fan experience.Wireless ticketing booths Premium sit for sporting events and concerts can be expensive. Stadiums can leverage wireless technology to implement standalone, mobile carrels that attract fans to upgrade their existing tickets for an event onsite.Digital signage directs patrons to the carrel during the event. The fan simply inserts his ticket, checks a map of available seats, uses a touch-screen to select the new seat and inserts his credit humour to pay. The machine keeps the old(a) ticket and provides the upgrade. The stadium fills the seats closer to the action and generates revenue that would have been lost. It creates a win-win for the guest, the team and the stadium.Stadium owners can use the same kiosk to encourage customers to buy tickets for future events while guests are onsite and in the fashion to buy. The kiosk can advertise upcoming events and attract fans waiting to go past after watching a game or seeing a concert. The terminal shows a list of available events and allows users to follow the same simple steps to purchase a ticket.Additionally, stadium owners can use the kiosk to capture and collect valuable information about its customer base. The kiosk can advertise loyalty programs and contests that suggest incentives for fans to provide personal data that helps the stadium better understand and communicate with its audience base.Public gumshoe and security With thousands of people attending major events at one time, public safety and security is critical. Stadiums can leverage the communications system to offer digital security options including digital video surveillance and RFID (Radio-Frequency Identification) tagging and tracking. For example, stadiums can make better security threat detection with high-resolution IP cameras that provide undecomposed surveillance of the crowd using pre-sets by section operators can select a stadium section and automatically receive all video from that section in multiple view s. Operations staff can set rules to govern detection of left bags, perimeter entry, threshold crossing and loitering receiving alarms if any of the rules are breachedStadiums can improve event response through video feeds and text alerts that are transmitted manually or automatically to upstage PDAs, laptops or offsite responders. All responders can be linked together automatically via dedicated audio conferencing channel. RFID tags can be used to nail down and impinge on the closest security personnel to an emergency situation, ensuring a timely response. astir(predicate) NETWORK SECURITY AND TO FIND THREATSVulnerabilities, Threats and CountermeasuresWireless networking has many advantages. Network embodiment and reconfiguration is easier, faster, and less expensive. But, wireless technology creates new threats and alters the existing information security risk profile. Wireless networking alters the risks associated with various threats to security, the security objectives re main the same as with wired networks, preserving confidentiality, ensuring integrity, and maintaining availability of the information and information systems.Wireless Networks present a host of issues for network managers. Unauthorized introduction points, broadcasted SSIDs, unknown stations, and spoofed mackintosh addresses are just a few of the problems addressed in WLAN troubleshooting.Wireless Vulnerabilities, Threats and CountermeasuresThe wireless networks consist of four basic components The transmission of data using radio frequencies entrance money points that provide a participation to the organizational network and/or the Client devices (laptops, PDAs) and Users. Each of these components provides an avenue for attack that can upshot in the compromise of one or more of the three extreme security objectives of confidentiality, integrity, and availability.Wireless Network AttacksMalicious associationMalicious associations are when wireless devices can be actively made b y awry(p) to connect to a network through their cracking laptop preferably of a access point (AP). These roles of laptops are known as soft APs and are created when a cracker runs some software that makes his/her wireless network card look like a legitimate access point. at a time the cracker has gained access, he/she can steal countersigns, launch attacks on the wired network, or plant trojans. Since wireless networks operate at the Layer 2 level, Layer 3 protective coverings such as network authentication and realistic private networks (VPNs) offer no barrier. Wireless 802.1x authentications do help with protection but are still vulnerable to cracking. The idea behind this type of attack may not be to break into a VPN or other security measures. Most likely the cracker is just onerous to take over the client at the Layer 2 level.Ad-hoc networksAd-hoc networks can pose a security threat. Ad-hoc networks are defined as peer-topeer networks amongst wireless ready reckoners t hat do not have an access point in amongst them. While these types of networks usually have little protection, encryption methods can be used to provide security.Identity thievery (MAC spoofing)Identity theft (or MAC spoofing) occurs when a cracker is able to listen in on network relations and identify the MAC address of a computer with network privileges. Most wireless systems allow some kind of MAC filtering to only allow authorized computers with specialised MAC IDs to gain access and utilize the network. However, a number of programs exist that have network sniffing capabilities. reliance these programs with other software that allow a computer to pretend it has any MAC address that the cracker desires, and the cracker can easily get around that hurdle.Man-in-the-middle attacksA man-in-the-middle attacker entices computers to log into a computer which is set up as a soft AP (Access Point). Once this is done, the hacker connects to a real access point through another wireles s card offering a steady flow of traffic through the unsophisticated hacking computer to the real network. The hacker can then sniff the traffic. unity type of man-in-the-middle attack relies on security faults in challenge and handshake protocols to execute a de-authentication attack. This attack forces AP connected computers to drop their communitys and reconnect with the crackers soft AP. Man-in-the-middle attacks are enhanced by software such as LANjack and AirJack, which automatize multiple steps of the solve. What once required some skill can now be done by script kiddies. Hotspots are peculiarly vulnerable to any attack since there is little to no security on these networks.Denial of serviceA Denial-of-Service attack (DoS) occurs when an attacker continually bombards a targeted AP (Access Point) or network with bogus requests, premature successful connection messages, failure messages, and/or other commands. These cause legitimate users to not be able to get on the net work and may even cause the network to crash. These attacks rely on the abuse of protocols such as the protractile Authentication Protocol (EAP).Network injectionIn a network injection attack, a cracker can make use of access points that are exposed to non-filtered network traffic, specifically broadcast medium network traffic such as Spanning Tree (802.1D), OSPF, RIP, and HSRP. The cracker injects bogus networking re-configuration commands that affect routers, switches, and intelligent hubs. A whole network can be brought down in this manner and require rebooting or even reprogramming of all intelligent networking devices.Signal-Hiding Techniques In order to intercept wireless transmissions, attackers first need to identify and locate wireless networks. There are, however, a number of steps that organizations can take to make it more difficult to locate their wireless access points. The easiest and least costly include the following Turning offthe service set identifier (SSID) br oadcasting by wireless access points, Assign cryptic names to SSIDs, decrease repoint strength to the lowest level that still provides requisite coverage or Locating wireless access points in the interior of the building, external from windows and exterior walls. More effective, but also more costly methods for trim back or hiding signals include Using directional antennas to constrain signal emanations within desired areas of coverage or Using of signal emanation-shielding techniques, sometimes referred to as TEMPEST, 1 to block emanation of wireless signals.Encryption The beat method for protecting the confidentiality of information transmitted over wireless networks is to encrypt all wireless traffic. This is especially important for organizations subject to regulations.Securing Wireless Access PointsInsecure, poorly configured wireless access points can compromise confidentiality by allowing unauthorized access to the network.Use anti-virus and anti-spyware software, and a firewallComputers on a wireless network need the same protections as any computer connected to the Internet. Install anti-virus and anti-spyware software, and keep them up-to-date. If your firewall was shipped in the off mode, turn it on.Change your routers pre-set password for administrationThe manufacturer of your wireless router probably assigned it a step nonremittal password that allows you to set up and operate the router. Hackers know these default passwords, so change it to something only you know. The longer the password, the tougher it is to crack.Allow only specific computers to access your wireless networkEvery computer that is able to communicate with a network is assigned its own unique Media Access contain (MAC) address. Wireless routers usually have a mechanism to allow only devices with particular MAC addresses access to the network. Some hackers have mimicked MAC addresses, so dont rely on this step alone.Training and Educating UsersNotice that Figure 1 also inc ludes users as the fourth basic component of wireless networking. As is the case with wired security, users are the key component to wireless networking security. Indeed, the immensity of training and educating users about secure wireless behavior cannot be overstated. To be effective, user training and education needs to be repeated closureically.The Security PolicyTo maintain a secured wireless network security, we need to hold back these policies, so that the wireless network can be protected by the major threats and vulnerabilities.Computer Acceptable Use. A general document covering all computer use by eventstaff, including desktop, mobile, home PCs, and servers.Password. A rendering of the requirements for password protecting computer systems, the rules for choosing passwords, and how the password policy is enforced.Email. This policy covers the use of email sent from any email address and received at any computer system.Web. A specification of what browsers may be used, h ow they should be configured, and any restrictions on which sites event staff can get down.Mobile reckon and Portable Storage. A description of who owns the mobile computing and portable computer memory on the network, how they are supported, and what specific devices (if any) are authorized for use on the network.Remote Access. A policy stating who can access what information from which locations under what circumstances.Internet. A description of your Internet-facing gateway configuration, stating what is allowed in and out, and why.Wireless. A specification stating how wireless access will be managed on the network and how access points will be plugged in, secured, and maintained who is allowed to use them and under what circumstances.Servers. A dictation of the standards for servers, what services are enabled or disabled by default, and important distinctions between production, test, and development environments.Incident Response Plan. No policy is complete until it also sp ecifies what to do when defenses fail what is considered a security incident who gets called who is authorized to debar things down if needed who is responsible for enforcing applicable local laws who speaks for the company.StandardsWorkstations Approval for workstation connection must be obtained as part of the standard workstation installation process handled by Information Technology Services, or authorized departmental skilful personnel.Other devices (including, but not limited to, network components such as hubs, routers, switches, wireless access points, printers and other communication devices) Approval to connect devices other than workstations must be expressly obtained from Information Technology Services/Network Services.Vendors/visitors can obtain a physical connection access to the University network through Information Technology Services on a per visit basis. This access will be granted for a specific period of timeMail servers may not be run outside of Information Technology Services.GuidelinesAccountsDefinition and use of departmental accounts and shared accounts should be restricted asmuch as possible. Only those functions needed by the user should be made available through such accounts.Servers1. SSL should be implemented on Web servers if account log-in is required.2. Run aggression detection system where appropriate3. Store backups offsite on a monthly basis.4. Install firewall system where appropriate5. Application updates must be performed every 30 days.6. Run file integrity checker such as Tripwire daily.7. Periodically test backups for integrity.Passwords1. should not use any words found in dictionary of any language2. should not use any combination of letters of a users real name, username, initials or nickname3. should not use any combination of a famous persons name4. should not use any combination of a spouses, girlfriends, boyfriends, or childs name5. should not use any personalized numbersWorkstations1. Turn off workstations o vernight.2. Work-related files should be stored on the Novell cluster in the staff membershome directory or the departments work directory3. Implement periodic backups4. Logginga. should be enabled to recordi. successful and thwarted login attempts.ii. system and application errors.CONCLUSIONWe introduce the top level network security plan in the stadium to control the things happening. So by this we can create the safe atmosphere to the audience in the stadium. We can prevent the things inside the stadium only but out side the stadium we cant, so the government have to come forward and give the external security to the stadium. Because of the terrorism attacks the government has to be very paying attention in giving the security to the stadium. For this each and every person who entrance into the stadium is first checked with bomb squad and also by the wireless detector. By this we can provide the safety to people and the players in the match.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment